finance.ua Open in urlscan Pro
2606:4700:20::681a:707 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://finance.ua/
Effective URL:
https://finance.ua/
Submission: On November 10 via api (November 10th 2023, 2:51:00 pm UTC) from US — Scanned from DE

Summary HTTP 175 Redirects Links 126 Behaviour Indicators

Summary

This website contacted 74 IPs in 10 countries across 80 domains to perform 175 HTTP transactions. The main IP is 2606:4700:20::681a:707, located in United States and belongs to CLOUDFLARENET, US. The main domain is finance.ua. The Cisco Umbrella rank of the primary domain is 881084.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 28th 2023. Valid for: a year.

This is the only time finance.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:607	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 33	2606:4700:20:... 2606:4700:20::681a:707	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:3f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:2f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::67 2620:1ec:bdf::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	163.172.71.49 163.172.71.49	12876 (Online SAS) (Online SAS)
4	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2400:52e0:1a0... 2400:52e0:1a01::994:1	200325 (BUNNYCDN) (BUNNYCDN)
1	52.222.236.71 52.222.236.71	16509 (AMAZON-02) (AMAZON-02)
1	34.160.203.91 34.160.203.91	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a0c:5c87:524... 2a0c:5c87:5241::2	55081 (24SHELLS) (24SHELLS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	52.210.111.70 52.210.111.70	16509 (AMAZON-02) (AMAZON-02)
3	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a01:4f8:242:... 2a01:4f8:242:57ce::2	24940 (HETZNER-AS) (HETZNER-AS)
3	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1 3	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
2 13	185.83.71.234 185.83.71.234	55081 (24SHELLS) (24SHELLS)
1	216.52.2.91 216.52.2.91	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1 2	34.200.14.96 34.200.14.96	14618 (AMAZON-AES) (AMAZON-AES)
1 1	157.245.23.44 157.245.23.44	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
7 8	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1 1	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
1 1	8.2.110.161 8.2.110.161	46636 (NATCOWEB) (NATCOWEB)
1	8.2.110.17 8.2.110.17	46636 (NATCOWEB) (NATCOWEB)
1	193.3.178.2 193.3.178.2	399668 (E-PLANNING-) (E-PLANNING-)
4	193.3.178.3 193.3.178.3	399668 (E-PLANNING-) (E-PLANNING-)
1 1	3.222.95.59 3.222.95.59	14618 (AMAZON-AES) (AMAZON-AES)
1	3.65.142.57 3.65.142.57	16509 (AMAZON-02) (AMAZON-02)
1	69.166.1.66 69.166.1.66	27630 (AS-XFERNET) (AS-XFERNET)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 5	18.195.142.87 18.195.142.87	16509 (AMAZON-02) (AMAZON-02)
2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
13	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
2	99.81.151.243 99.81.151.243	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3 5	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	2600:1f16:e61... 2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a	16509 (AMAZON-02) (AMAZON-02)
3 4	52.49.90.12 52.49.90.12	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.15.245.83 185.15.245.83	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	34.255.67.121 34.255.67.121	16509 (AMAZON-02) (AMAZON-02)
2 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	18.197.230.215 18.197.230.215	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.155.252.188 54.155.252.188	16509 (AMAZON-02) (AMAZON-02)
1	162.55.236.224 162.55.236.224	24940 (HETZNER-AS) (HETZNER-AS)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	44.209.183.242 44.209.183.242	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.209.20.66 52.209.20.66	16509 (AMAZON-02) (AMAZON-02)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2 2	52.2.255.128 52.2.255.128	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.32.27.99 13.32.27.99	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	34.247.205.196 34.247.205.196	16509 (AMAZON-02) (AMAZON-02)
1 1	35.210.239.72 35.210.239.72	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.71.54.14 52.71.54.14	14618 (AMAZON-AES) (AMAZON-AES)
1	2a05:d018:d29... 2a05:d018:d29:3605:b2f6:43fb:c655:2341	16509 (AMAZON-02) (AMAZON-02)
1 1	52.70.1.191 52.70.1.191	14618 (AMAZON-AES) (AMAZON-AES)
1	8.18.47.7 8.18.47.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1	5.135.209.100 5.135.209.100	16276 (OVH) (OVH)
1 1	211.120.53.201 211.120.53.201	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
4	2a05:d018:ac8... 2a05:d018:ac8:b900:110:d8d7:bd0e:715a	16509 (AMAZON-02) (AMAZON-02)
1	94.130.55.46 94.130.55.46	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
175	74

1 2606:4700:20::681a:607 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

finance.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700:20::681a:707 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

finance.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
themes.finance.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.finance.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.finance.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:3f2 (United States)

ASN13335 (CLOUDFLARENET, US)

placeholder.treeum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:2f2 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.treeum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.71.49 (France)

ASN12876 (Online SAS, FR)
PTR: pics8.esputnik.com

statics.esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a01::994:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.203.91 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.203.160.34.bc.googleusercontent.com

tg.finance.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.111.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-111-70.eu-west-1.compute.amazonaws.com

site-script.esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:242:57ce::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.3.178.4 (United States) 1 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.83.71.234 (Cricklewood, United Kingdom) 2 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.14.96 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-14-96.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.245.23.44 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.adsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.149 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.67 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.161 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cm-x.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.17 (United States)

ASN46636 (NATCOWEB, US)

sync.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.178.2 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

u-ams03.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.95.59 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-95-59.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.142.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-142-57.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.142.87 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-142-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

i.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.151.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-151-243.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a (Columbus, United States)

ASN16509 (AMAZON-02, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.90.12 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-90-12.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.67.121 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.230.215 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-230-215.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.252.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-252-188.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.183.242 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-183-242.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.20.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-20-66.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.255.128 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-255-128.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.99 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-99.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.239.72 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.54.14 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-54-14.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:b2f6:43fb:c655:2341 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.1.191 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-1-191.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.209.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-5-135-209.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.120.53.201 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:ac8:b900:110:d8d7:bd0e:715a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.55.46 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.55.130.94.clients.your-server.de

forms.esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	finance.ua 2 redirects finance.ua — Cisco Umbrella Rank: 881084 themes.finance.ua t.finance.ua static.finance.ua tg.finance.ua	903 KB
18	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 6758 ghb.adtelligent.com — Cisco Umbrella Rank: 5236 sync.adtelligent.com — Cisco Umbrella Rank: 3489	226 KB
13	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3274 mwzeom.zeotap.com — Cisco Umbrella Rank: 3222	4 KB
10	esputnik.com statics.esputnik.com — Cisco Umbrella Rank: 182969 site-script.esputnik.com — Cisco Umbrella Rank: 190242 esputnik.com — Cisco Umbrella Rank: 70411 forms.esputnik.com — Cisco Umbrella Rank: 708544	2 MB
9	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1589 usersync.gumgum.com — Cisco Umbrella Rank: 2098	3 KB
9	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969 eus.rubiconproject.com — Cisco Umbrella Rank: 602 pixel.rubiconproject.com — Cisco Umbrella Rank: 376 token.rubiconproject.com — Cisco Umbrella Rank: 458	29 KB
9	e-planning.net 1 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 2776 s.e-planning.net — Cisco Umbrella Rank: 5968 u-ams03.e-planning.net — Cisco Umbrella Rank: 39934 i.e-planning.net — Cisco Umbrella Rank: 5337 sync.e-planning.net — Cisco Umbrella Rank: 4647	4 KB
8	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495	5 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 k.clarity.ms — Cisco Umbrella Rank: 18474 c.clarity.ms — Cisco Umbrella Rank: 1405	28 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	2 KB
5	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1451 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	4 KB
5	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	1 KB
5	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 534 image6.pubmatic.com — Cisco Umbrella Rank: 823	18 KB
5	treeum.net placeholder.treeum.net — Cisco Umbrella Rank: 909978 fonts.treeum.net	118 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890 s.amazon-adsystem.com — Cisco Umbrella Rank: 310	3 KB
4	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
4	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	3 KB
4	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1267 dmp.adform.net — Cisco Umbrella Rank: 3509 c1.adform.net — Cisco Umbrella Rank: 599	2 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 758 usermatch.krxd.net — Cisco Umbrella Rank: 1979	941 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	445 B
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	2 KB
3	creativecdn.com 3 redirects creativecdn.com — Cisco Umbrella Rank: 592	983 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
3	adtarget.com.tr 1 redirects s.console.adtarget.com.tr — Cisco Umbrella Rank: 10155 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 10731	2 KB
3	google.com google.com — Cisco Umbrella Rank: 1 region1.analytics.google.com — Cisco Umbrella Rank: 3040	412 B
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1922	1 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 539	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	914 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27893	906 B
2	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	19 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 695 us-u.openx.net — Cisco Umbrella Rank: 522	549 B
2	nextmillmedia.com 1 redirects cookies.nextmillmedia.com — Cisco Umbrella Rank: 2836	218 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	186 KB
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3752	64 KB
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1208	834 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 774	45 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 547	541 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 580	286 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1055	44 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 909	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	1 KB
1	metadsp.co.uk 1 redirects u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190	237 B
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 12394
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 17718	243 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415	98 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 868	1 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	692 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 51304	214 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 685	145 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1851	375 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1324	204 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 560	528 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 25983	84 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	596 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7844	324 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 13579	460 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 705	202 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417	140 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 931	401 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	35 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1439	300 B
1	admanmedia.com sync.admanmedia.com — Cisco Umbrella Rank: 3714	119 B
1	mgid.com 1 redirects cm-x.mgid.com — Cisco Umbrella Rank: 6847	644 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 751	206 B
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2189
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	477 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851	434 B
1	adsinteractive.com 1 redirects sync.adsinteractive.com — Cisco Umbrella Rank: 12548	389 B
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 26427	349 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 683	277 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 10367	259 B
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 923
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	764 B
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5423	7 KB
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 14674	761 B
1	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 53935	2 KB
0	bemail.it Failed bn01.er.bemail.it Failed
0	tidaltv.com Failed sync.tidaltv.com Failed
175	80

	Domain	Requested by
30	finance.ua	1 redirects finance.ua themes.finance.ua
11	mwzeom.zeotap.com	spl.zeotap.com
11	sync.adtelligent.com	1 redirects s.console.adtarget.com.tr ads.us.e-planning.net
7	usersync.gumgum.com	rtb.gumgum.com
7	ib.adnxs.com	6 redirects spl.zeotap.com
5	cm.g.doubleclick.net	3 redirects spl.zeotap.com rtb.gumgum.com
5	x.bidswitch.net	2 redirects ads.us.e-planning.net spl.zeotap.com rtb.gumgum.com
4	esputnik.com	statics.esputnik.com
4	dpm.demdex.net	3 redirects ssum.casalemedia.com
4	eus.rubiconproject.com	ads.us.e-planning.net rtb.gumgum.com eus.rubiconproject.com
4	u-ams03.e-planning.net	ads.us.e-planning.net ssum.casalemedia.com
4	site-script.esputnik.com	statics.esputnik.com
4	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
4	fonts.treeum.net	finance.ua
3	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com
3	match.adsrvr.org	spl.zeotap.com ssum.casalemedia.com rtb.gumgum.com
3	pixel.tapad.com	2 redirects spl.zeotap.com
3	creativecdn.com	3 redirects
3	sync.1rx.io	3 redirects
3	ads.pubmatic.com	player.adtelligent.com ads.us.e-planning.net rtb.gumgum.com
3	k.clarity.ms	www.clarity.ms
3	ghb.adtelligent.com	player.adtelligent.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	c1.adform.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum.casalemedia.com
2	live.rezync.com	2 redirects
2	i.liadm.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	ups.analytics.yahoo.com	1 redirects ssum.casalemedia.com
2	idsync.frontend.weborama.fr	2 redirects
2	rtb.gumgum.com	ads.us.e-planning.net rtb.gumgum.com
2	sync.console.adtarget.com.tr	1 redirects s.console.adtarget.com.tr
2	spl.zeotap.com	ads.us.e-planning.net spl.zeotap.com
2	ssum.casalemedia.com	1 redirects ads.us.e-planning.net
2	secure-assets.rubiconproject.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com spl.zeotap.com
2	cookies.nextmillmedia.com	1 redirects
2	ads.us.e-planning.net	1 redirects player.adtelligent.com
2	onetag-sys.com	player.adtelligent.com ads.us.e-planning.net
2	c.clarity.ms	1 redirects
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	google.com	www.googletagmanager.com
2	www.googletagmanager.com	finance.ua www.googletagmanager.com
2	themes.finance.ua	finance.ua
1	img.youtube.com
1	forms.esputnik.com
1	tg.socdm.com	1 redirects
1	sync.e-planning.net	rtb.gumgum.com
1	ssbsync.smartadserver.com	rtb.gumgum.com
1	bh.contextweb.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	rtb.gumgum.com
1	sync.srv.stackadapt.com	1 redirects
1	us-u.openx.net	rtb.gumgum.com
1	u.ipw.metadsp.co.uk	1 redirects
1	secure.adnxs.com	1 redirects
1	ad4m.at	ssum.casalemedia.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	idsync.rlcdn.com	ssum.casalemedia.com
1	p.rfihub.com	1 redirects
1	cms.quantserve.com	1 redirects
1	pixel.rubiconproject.com	spl.zeotap.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	bcp.crwdcntrl.net	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	eb2.3lift.com	ads.us.e-planning.net
1	tags.crwdcntrl.net	s.e-planning.net
1	cm.adform.net	s.console.adtarget.com.tr
1	i.e-planning.net	ads.us.e-planning.net
1	rtb.openx.net	ads.us.e-planning.net
1	sync.go.sonobi.com	ads.us.e-planning.net
1	match.sharethrough.com	ads.us.e-planning.net
1	ssp.disqus.com	1 redirects
1	s.e-planning.net	ads.us.e-planning.net
1	sync.admanmedia.com	ads.us.e-planning.net
1	cm-x.mgid.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	vid.vidoomy.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	sync.adsinteractive.com	1 redirects
1	t.trafmag.com
1	ap.lijit.com
1	a4p.adpartner.pro	1 redirects
1	ssc-cms.33across.com	player.adtelligent.com
1	s.console.adtarget.com.tr	player.adtelligent.com
1	c.bing.com	1 redirects
1	www.google.de	finance.ua
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	tg.finance.ua	www.googletagmanager.com
1	widget.trustpilot.com	themes.finance.ua
1	images.dmca.com	themes.finance.ua
1	statics.esputnik.com	finance.ua
1	static.finance.ua	finance.ua
1	t.finance.ua	1 redirects
1	placeholder.treeum.net	finance.ua
1	player.adtcdn.com	finance.ua
0	bn01.er.bemail.it Failed	spl.zeotap.com
0	sync.tidaltv.com Failed	spl.zeotap.com
175	115

This site contains links to these domains. Also see Links.

Domain
news.finance.ua
sp.finance.ua
miniaylo.finance.ua
charts.finance.ua
tables.finance.ua
insure.finance.ua
new.finance.ua
project.finance.ua
forum.finance.ua
t.finance.ua
www.project.minfin.com.ua
cutt.ly
www.youtube.com
www.project.finance.ua
www.dmca.com
www.trustpilot.com
play.google.com
t.me
facebook.com
www.tiktok.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-28` - `2024-01-27`	a year	crt.sh
adtcdn.com GTS CA 1P5	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.esputnik.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-28`	a year	crt.sh
player.adtelligent.com R3	`2023-09-16` - `2023-12-15`	3 months	crt.sh
images.dmca.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
tg.finance.ua GTS CA 1D4	`2023-11-07` - `2024-02-05`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-29` - `2023-12-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
ads.us.e-planning.net R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
cookies.nextmillmedia.com Amazon RSA 2048 M02	`2023-06-13` - `2024-07-11`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.e-planning.net R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
i.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-02-09`	a year	crt.sh
sync.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
*.tapad.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-18` - `2024-09-17`	a year	crt.sh
dmp.theadex.com R3	`2023-10-21` - `2024-01-19`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://finance.ua/
Frame ID: A9EE994F53E6E3E44CB6668C9FFB0BB4
Requests: 85 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 06D9CE7D75C6592396982E04EA4C0443
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 57F00791C84B0283575100E3AC55F28C
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: ADEEA3FC9496E2C8B0D6F13F31053D5D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 4B1F749B010CD39B6EB87B19635FA9F1
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: E3BCBD4F9C067B51F9B22F5406C72990
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 89F318F58E038D685C730A8CBF068DD3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1a6c1baa257569b8%26uid%3D
Frame ID: 85C8F042F6B1636B62081B9F30356572
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1
Frame ID: F96E44A3B9688840EC34274E4E2310B7
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: C34EAC4024AB1CABB226ADB49BBF8D99
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 97A54A211B4A514939E1D751BBE85356
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 5A5EE29D328E0C78C80FD2CA0CB25EF8
Requests: 33 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=UONVFThB0HpxADi38ld6&pi=admatic&tc=1
Frame ID: BF536F2F5F6B231E248D38859BE9BE4D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: E82C126F6A999AF6DD7B830C057140FE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Frame ID: 544D6F1D19E40BE20C4ECB1D702C3564
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: D3B90D61335514ECC5246FBADA137C2D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AO3GoeRCPVN74DZV
Frame ID: B08C1880BDE7DE459E1A4F594AD28F10
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=7039491008036749499&gdpr=&gdpr_consent=
Frame ID: BDE2E40B0450924B9C2FFCBB4AAAE019
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83OWMyODAzZS1iMDM0LTQyZDMtOGM4Ny1iNzUyMWIwMjRhZmI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Frame ID: 3090D10A9B591C31DF0488CB4CA9F9F8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: F4BEF112939F0D28235C69DD196B30AC
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 375C1674A03519AB496CCF26E70FB162
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZU5DT8Co5swAAORIPqcAAAAA
Frame ID: 26490C89A183ED93E17F4BB6E2B32AC6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=UONVFThB0HpxADi38ld6&pi=gumgum
Frame ID: FB939DE7D36F5AE03B43A4CC5E3528B9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: BA2FBC54B220B8438A8CFB38CF3932E4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Finance.ua | Фінанси в Україні | Курси валют, кредити, депозити, новини України

Page URL History Show full URLs

http://finance.ua/ HTTP 301
https://finance.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

175
Requests

77 %
HTTPS

24 %
IPv6

80
Domains

115
Subdomains

74
IPs

10
Countries

4133 kB
Transfer

6639 kB
Size

95
Cookies

126 Outgoing links

These are links going to different origins than the main page.

URL: https://news.finance.ua/
Title: Новини

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/currency
Title: Валюта

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/personal-finances
Title: Особисті фінанси

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/column
Title: Авторські колонки

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/press-releases
Title: Новини компаній

Search URL Search Domain Scan URL

URL: https://sp.finance.ua/
Title: Спецпроєкти

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/tests
Title: Тести

Search URL Search Domain Scan URL

URL: https://miniaylo.finance.ua/
Title: Міняйло

Search URL Search Domain Scan URL

URL: https://charts.finance.ua/ua/currency/interbank/-/1/usd
Title: Міжбанк

Search URL Search Domain Scan URL

URL: https://tables.finance.ua/ua/currency/cash
Title: Готівкові курси

Search URL Search Domain Scan URL

URL: https://tables.finance.ua/ua/currency/cards
Title: Карткові курси

Search URL Search Domain Scan URL

URL: https://tables.finance.ua/ua/currency/official
Title: Курс НБУ

Search URL Search Domain Scan URL

URL: https://charts.finance.ua/ua/currency/bitcoin/-/1/btc
Title: Курс Bitcoin

Search URL Search Domain Scan URL

URL: https://insure.finance.ua/ua/dms
Title: Добровільне медичне страхування

Search URL Search Domain Scan URL

URL: https://insure.finance.ua/ua/dmskorp
Title: ДМС для співробітників

Search URL Search Domain Scan URL

URL: https://new.finance.ua/ua/autoassistance
Title: Картка Assistance

Search URL Search Domain Scan URL

URL: https://insure.finance.ua/loyal
Title: Програма лояльності

Search URL Search Domain Scan URL

URL: https://project.finance.ua/telemedicine
Title: Телемедицина

Search URL Search Domain Scan URL

URL: https://forum.finance.ua/
Title: Форум

Search URL Search Domain Scan URL

URL: https://charts.finance.ua/ua/currency/interbank/-/1/usd#table
Title: $ 36.12 0.0450 / 36.14 0.0450

Search URL Search Domain Scan URL

URL: https://charts.finance.ua/ua/currency/interbank/-/1/eur#table
Title: € 38.57 0.1252 / 38.59 0.1180

Search URL Search Domain Scan URL

URL: https://charts.finance.ua/ua/currency/interbank
Title: Всі курси

Search URL Search Domain Scan URL

URL: https://miniaylo.finance.ua//
Title: Всі курси

Search URL Search Domain Scan URL

URL: https://tables.finance.ua/ua/currency/official/-/1
Title: $ 36.04 0.0036

Search URL Search Domain Scan URL

URL: https://tables.finance.ua/ua/currency/cash/-/ua/usd/0
Title: $ 37.17 0.0097 / 37.73 0.0178

Search URL Search Domain Scan URL

URL: https://tables.finance.ua/ua/currency/cash/-/ua/eur/0
Title: € 39.71 0.0007 / 40.44 0.0026

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/v-kyyevi-eksperty-investyciynoho-biznesu-podilyat-sya-sekretamy-uspishnoho-investuvannya
Title: Експерти інвестиційного бізнесу поділяться секретами успішного інвестування

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/nova-poshta-pochala-pracyuvaty-shhe-v-odniy-yevropeys-kiy-kraini
Title: 16:44Finance.ua«Нова пошта» почала працювати ще в одній європейській країні

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/chotyry-krainy-yes-zvolikayut-z-rishennyam-shhodo-vykorystannya-aktyviv-rf
Title: 16:30Чотири країни ЄС зволікають з рішенням щодо використання активів рф

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/yevidnovlennya-skil-ky-ukraincyam-vzhe-vydilyly-kompensaciy-za-znyshhene-zhytlo
Title: 16:13Finance.uaєВідновлення: скільки компенсацій за знищене житло вже виділили українцям

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ukraina-posila-druhe-misce-u-svitovomu-reytynhu-blahodiynosti
Title: 16:02Україна посіла друге місце у світовому рейтингу благодійності

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/v-ukraini-onovyly-pravyla-spadkuvannya-shho-zminylosya
Title: 15:47В Україні оновили правила спадкування: що змінилося

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/min-yust-vykorystav-kozhnu-p-yatu-hryvnyu-neefektyvno-abo-z-porushennyamy-rahunkova-palata
Title: 15:30Finance.uaМінʼюст використав кожну пʼяту гривню неефективно або з порушеннями — Рахункова палата

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ches-kyy-zaliznychnyy-operator-investuvatyme-u-vidnovlennya-elektryfikacii-na-dilyanci-chop-mukachevo
Title: 15:13Чеський залізничний оператор інвестуватиме у відновлення електрифікації на ділянці Чоп-Мукачево

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/u-zelens-koho-rozpovily-do-choho-hotuvatys-u-2024-roci
Title: 15:00У Зеленського розповіли, до чого готуватись у 2024 році

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/krainy-nato-mayut-navchatysya-kiberzahystu-v-ukrainy-holova-mzs-nimechchyny
Title: 14:34Країни НАТО мають навчатися кіберзахисту в України, — голова МЗС Німеччини

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/v-ukraini-zalyshylosya-lyshe-dva-mil-yardery-hto-skil-ky-vtratyv-z-2021-roku-spysok
Title: 14:00В Україні залишилося лише два мільярдери: хто скільки втратив з 2021 року (список)

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/kyivvodokanal-zaprovadyv-novitniy-servis-podrobyci-vid-komunal-nykiv
Title: 13:34«Київводоканал» запровадив новітній сервіс: подробиці від комунальників

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/deficyt-pracivnykiv-u-yakyh-haluzyah-zhinok-zaluchayut-na-cholovichi-posady
Title: 13:01Дефіцит працівників. У яких галузях жінок залучають на «чоловічі» посади

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/oae-pohodylysya-obmezhyty-reeksport-tovariv-iz-yes-do-rf-turechchyna-rozhlyadaye-taki-sami-zahody-zmi
Title: 12:43ОАЕ погодилися обмежити реекспорт товарів із ЄС до рф, Туреччина розглядає такі самі заходи — ЗМІ

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/meshkanci-odnoho-z-rehioniv-ukrainy-mozhut-otrymaty-dodatkovi-vyplaty-shho-vidomo
Title: 12:38Мешканці одного з регіонів України можуть отримати додаткові виплати: що відомо

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/nbu-vvodyt-v-obih-novu-obihovu-pam-yatnu-monetu
Title: 12:15Finance.uaНБУ вводить в обіг нову обігову пам’ятну монету (фото)

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/shho-bude-iz-kursom-dolara-u-lystopadi-kolyvannya-nemynuchi-ale-ye-nyuans
Title: 12:03Що буде із курсом долара у листопаді: коливання неминучі, але є нюанс

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/vidsotkiv-nedostatn-o-ukraina-potrebuye-vsi-zamorozheni-rosiys-ki-aktyvy-dlya-vidbudovy-min-yust
Title: 11:45Відсотків недостатньо, Україна потребує всі заморожені російські активи для відбудови — Мін'юст

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/kyiv-otrymav-koshty-vid-tayvanyu-na-dobudovu-pishohidnoho-mostu-z-obolons-koi-naberezhnoi
Title: 11:34Finance.uaКиїв отримав кошти від Тайваню на добудову пішохідного мосту з Оболонської набережної на острів

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/za-chas-voyennoho-stanu-systema-prozorro-prodazhi-dopomohla-zarobyty-do-byudzhetiv-riznyh-rivniv-ponad-20-mlrd-hryven
Title: 11:20Finance.uaЗа час воєнного стану система Прозорро. Продажі допомогла заробити до бюджетів різних рівнів понад 20 млрд гривень

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/shmyhal-nazvav-p-yat-komponentiv-uspishnoi-vidbudovy-ukrainy
Title: 11:15Шмигаль назвав п’ять компонентів успішної відбудови України

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/dobirka-viddalenyh-vakansiy-lystopada
Title: 11:07Finance.uaДобірка віддалених вакансій листопада

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/yes-rozhlyadaye-al-ternatyvnyy-plan-dopomohy-ukraini-shhob-obiyty-veto-uhorshhyny
Title: 10:45ЄС розглядає альтернативний план допомоги Україні, щоб обійти вето Угорщини

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/pakety-oboronnoi-dopomohy-ukraini-stanut-menshymy-pentahon
Title: 10:30Пакети оборонної допомоги Україні стануть меншими — Пентагон

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ukraina-rozshyryuvatyme-spivpracyu-z-amerykans-kym-partnerom-westinghouse-halushhenko
Title: 10:13Finance.uaУкраїна розширюватиме співпрацю з американським партнером Westinghouse — Галущенко

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/reyderstvo-pid-chas-viyny-kil-kist-sprav-v-ukraini-strimko-zrostaye
Title: 10:03Finance.uaРейдерство під час війни: кількість справ в Україні стрімко зростає

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/mobil-ni-banky-v-nebezpechnyh-rayonah-bankivs-ki-posluhy-mozhut-nadavaty-u-shovyshhah
Title: 09:48Finance.uaМобільні банки: в небезпечних районах банківські послуги можуть надавати у сховищах

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ekspert-pid-chas-likvidacii-banku-chasto-zabuvayut-pro-depozytariy-z-cinnymy-paperamy
Title: 09:35Експерт: під час ліквідації банку часто забувають про депозитарій з цінними паперами

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/yevrodeputaty-vymahayut-posylyty-kontrol-nad-dotrymannyam-sankciy-proty-rosii
Title: 09:12Євродепутати вимагають посилити контроль над дотриманням санкцій проти росії

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/derzhbyudzhet-2024-kurs-dolara-vydatky-na-oboronu-minimal-na-zarplata-y-pensiya
Title: 09:00Finance.uaДержбюджет-2024: курс долара, видатки на оборону, мінімальна зарплата й пенсія

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ukrposhta-zapustyla-pershu-elektronnu-marku
Title: 08:30Finance.ua«Укрпошта» запустила першу електронну марку

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/seredn-omisyachna-zarplata-aytivcya-z-2020-roku-zrosla-udvichi-derzhstat
Title: 08:01Середньомісячна зарплата айтівця з 2020 року зросла удвічі — Держстат

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/enerhoatom-planuye-zapustyty-vyrobnyctvo-obladnannya-dlya-malyh-modul-nyh-reaktoriv
Title: 07:37«Енергоатом» планує запустити виробництво обладнання для малих модульних реакторів

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/enerhorehulyator-zrobyv-shhe-odyn-krok-do-liberalizacii-rynku-elektroenerhii
Title: 06:49Енергорегулятор зробив ще один крок до лібералізації ринку електроенергії

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/skil-ky-shtrafiv-narahuvaly-avtomatychni-kompleksy-zvazhuvannya-vantazhivok
Title: 05:47Скільки штрафів нарахували автоматичні комплекси зважування вантажівок

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/kia-oficiyno-predstavyla-onovlenyy-carnival
Title: 04:29Kia офіційно представила оновлений Carnival

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/porsche-pokazala-salon-novoi-panamera
Title: 03:22Porsche показала салон нової Panamera

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/samsung-prypynyaye-vypusk-onovlen-dlya-p-yaty-populyarnyh-smartfoniv
Title: 02:16Samsung припиняє випуск оновлень для п’яти популярних смартфонів

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/apple-prypynyla-vypusk-shhe-5-produktiv
Title: 01:12Apple припинила випуск ще 5 продуктів

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/gm-cruise-vidklykaye-950-bezpilotnyh-avto-u-ssha
Title: 00:03GM Cruise відкликає 950 безпілотних авто у США

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ciny-na-kartoplyu-v-ukraini-zrosly-na-17-za-tyzhden
Title: 23:38Ціни на картоплю в Україні зросли на 17% за тиждень

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/brytans-ka-kompaniya-mini-predstavyla-novyy-avtomobil-foto
Title: 22:34Британська компанія Mini представила новий автомобіль (фото)

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/v-yes-zaproponuvaly-kupuvaty-ukrains-ke-zerno-dlya-dopomohy-blyz-komu-shodu
Title: 21:32В ЄС запропонували купувати українське зерно для допомоги Близькому Сходу

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/vlasnykam-zemel-nyh-paiv-mozhut-vidmovyty-v-subsydii
Title: 21:04Власникам земельних паїв можуть відмовити в субсидії

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/nabu-i-sap-vykryly-korupciynu-shemu-na-volyns-kiy-mytnyci
Title: 20:20Finance.uaНАБУ і САП викрили корупційну схему на Волинській митниці

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/chervonyy-hrest-vydaye-bezkoshtovni-nabory-produktiv-yak-mozhna-otrymaty-dopomohu
Title: 20:02Червоний Хрест видає безкоштовні набори продуктів — як можна отримати допомогу

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ciny-na-naftu-vpaly-do-trymisyachnoho-minimumu
Title: 19:45Ціни на нафту впали до тримісячного мінімуму

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/v-ukraini-vvely-v-ekspluataciyu-dvi-hazovi-sverdlovyny
Title: 19:30В Україні ввели в експлуатацію дві газові свердловини

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/hlava-microstrategy-prohnozuye-zrostannya-bitcoin-do-5-mil-yoniv
Title: 19:14Глава MicroStrategy прогнозує зростання Bitcoin до $5 мільйонів

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/top-5-elektromobiliv-z-naybil-shym-zapasom-hodu-na-ukrains-komu-rynku
Title: 19:00ТОП-5 електромобілів з найбільшим запасом ходу на українському ринку

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/uhorshhyna-ne-hoche-ukrainy-v-yes-bo-z-neyu-pryyde-i-viyna-siyarto
Title: 18:30Угорщина не хоче України в ЄС, бо «з нею прийде і війна» — Сіярто

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/v-ukraini-zapustyly-sayt-z-perevirkoyu-lehal-nosti-avtopereviznyka-na-nedobrosovisnyh-mozhna-poskarzhytysya
Title: 18:00В Україні запустили сайт з перевіркою легальності автоперевізника: на недобросовісних можна поскаржитися

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/biznes-skarzhyt-sya-na-deficyt-vahoniv-ta-cystern
Title: 17:45Бізнес скаржиться на дефіцит вагонів та цистерн

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/den-finansiv-derzhbyudzhet-2024-kurs-dolara-vydatky-na-oboronu-vvp-ta-inflyaciya
Title: 17:45Finance.uaДень фінансів: держбюджет-2024 — курс долара, видатки на оборону, ВВП та інфляція

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/holovu-sela-na-kyivshhyni-vykryly-na-mil-yonniy-shemi-z-zakupivlyamy-dlya-zsu
Title: 17:15Голову села на Київщині викрили на мільйонній схемі з закупівлями для ЗСУ

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/skil-ky-ukrainciv-pracyuye-v-pol-shhi-rekordnyy-pokaznyk-v-istorii
Title: 17:00Скільки українців працює в Польщі: рекордний показник в історії

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/zelens-kyy-zatverdyv-prodovzhennya-voyennoho-stanu-ta-mobilizacii
Title: 16:50Зеленський затвердив продовження воєнного стану та мобілізації

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/inflyaciya-v-ukraini-spovil-nylasya-do-tryrichnoho-minimumu-derzhstat
Title: 16:43Інфляція в Україні сповільнилася до трирічного мінімуму — Держстат

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/turechchyna-zvynuvatyla-yes-u-nespravedlyvosti-ta-uperedzhenosti-shhodo-ii-zayavky-na-vstup
Title: 16:27Туреччина звинуватила ЄС у несправедливості та упередженості щодо її заявки на вступ

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/putin-pidpysav-ukaz-pro-mozhlyvist-obminu-aktyviv-zamorozhenyh-u-rf-i-za-kordonom
Title: 16:17путін підписав указ про можливість обміну активів, заморожених у рф і за кордоном

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/shho-oznachaye-dlya-krainy-rekordnyy-finansovyy-rezul-tat-bankivs-koho-sektoru-poyasnennya-nbu
Title: 16:02Finance.uaЩо означає для країни рекордний фінансовий результат банківського сектору — пояснення НБУ

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/nazk-vneslo-do-pereliku-sponsoriv-viyny-hruzyns-koho-vyrobnyka-vyn
Title: 15:47Finance.uaНАЗК внесло до переліку спонсорів війни грузинського виробника вин

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/pershyy-misyac-hnuchkosti-kursu-koshtuvav-byudzhetu-ponad-45-mil-yoniv-zmi
Title: 15:34Перший місяць гнучкості курсу «коштував» бюджету понад 45 мільйонів — ЗМІ

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/hlava-yevrorady-my-vzhe-nadaly-ukraini-dopomohu-na-mayzhe-83-mlrd-yevro
Title: 15:16Глава Євроради: ми вже надали Україні допомогу на майже 83 млрд євро

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/v-uryadi-sprohnozuvaly-koly-ukraina-zmozhe-vstupyty-do-yes
Title: 15:00В уряді спрогнозували, коли Україна зможе вступити до ЄС

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/krainy-g7-shvalyly-vnesennya-rosiys-kyh-almaziv-do-12-ho-paketu-sankciy
Title: 14:32Країни G7 схвалили внесення російських алмазів до 12-го пакету санкцій

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/rada-uhvalyla-derzhbyudzhet-2024
Title: 14:20Рада ухвалила держбюджет-2024

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/pershyy-v-ukraini-mesendzher-dlya-hroshey-sense-bank-reformuvav-systemu-platezhiv-i-perekaziv-1699532264
Title: 14:15Перший в Україні месенджер для грошей: Sense Bank реформував систему платежів і переказів

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/v-ukraini-skasuvaly-moratoriy-na-podatkovi-perevirky-biznesu
Title: 14:02В Україні скасували мораторій на податкові перевірки бізнесу

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/stiykist-popry-viynu-ta-ruynuvannya-yevrokomisiya-vidznachyla-prohres-ukrainy-v-rozvytku-enerhosektoru
Title: 13:34Finance.uaСтійкість попри війну та руйнування: Єврокомісія відзначила прогрес України в розвитку енергосектору

Search URL Search Domain Scan URL

URL: https://t.finance.ua/FTBJzN
Title: з 01.11.2023-01.12.2023Акція "Депозит в яблучко!" Заробляйте більше

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/rozihriyte-vashi-depozyty-do-zymy-ta-vyhravayte-pryzy
Title: розіграш🔥 Розігрійте ваші депозити до зими та вигравайте призи

Search URL Search Domain Scan URL

URL: https://www.project.minfin.com.ua/plekayemo-svoye
Title: «Плекаємо своє». Проєкт підтримки бізнесу з загальним фондом 1 000 000 грн

Search URL Search Domain Scan URL

URL: https://cutt.ly/SM8L5GH
Title: Інтенсив: антикризові інвестиції

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=-RaYNxHdXQw
Title: відеоІнфляція в Україні сповільнюється, а гривня зміцнюється: що на це вплинуло і чого чекати далі?

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ihor-chernenko-chomu-investory-vtrachayut-interes-do-ofisnoi-neruhomosti
Title: Чому інвестори втрачають інтерес до офісної нерухомостіПандемія коронавірусу Covid-19 офіційно завершилася, і найбільші компанії світу намагаються повернути своїх співробітників до офісів. Ігор Черненко

Search URL Search Domain Scan URL

URL: https://t.finance.ua/KcrCV6kS
Title: Вигідні умови отримання кредитуДетальніше

Search URL Search Domain Scan URL

URL: https://t.finance.ua/Jg9qqCkp
Title: Кредит онлайн на карткуДетальніше

Search URL Search Domain Scan URL

URL: https://t.finance.ua/YVByqHp9
Title: Особливі умови онлайнДетальніше

Search URL Search Domain Scan URL

URL: https://www.project.finance.ua/sendy-currency
Title: Бажаєте знати що з курсом?Finance.ua запускає безкоштовну валютну розсилку

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=vm7Lr8ZtTo4
Title: ВідеоЯким буде курс долара та євро в листопаді 2023. Прогноз курсу долара на тиждень

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=muOYUBWNZqw
Title: відеоЩо буде з депозитами: що вирішить Нацбанк щодо облікової ставки та чому це важливо всім українцям

Search URL Search Domain Scan URL

URL: https://www.project.finance.ua/shljah-do-finansovoi-nezalezhnosti
Title: ІнвестиціїШлях до фінансової незалежності: нерухомість, крипта чи акції

Search URL Search Domain Scan URL

URL: https://www.project.finance.ua/yak-zaroblyaty-na-yutubi-i-shho-dlya-coho-potribno
Title: І що для цього потрібноЯк заробляти на ютубі

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/shi-namalyuvav-ukrains-ki-banky-chy-vhadayete-hto-ye-hto-test
Title: тестШІ намалював українські банки. Чи вгадаєте, хто є хто?

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ukrainci-mozhut-kupyty-strahovyy-stazh-kudy-zvertatysya-ta-yaki-limity
Title: Українці можуть «купити» страховий стаж: куди звертатися та які ліміти

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/ukrainci-masovo-vidkryvayut-fopy-yakyy-biznes-obyrayut-naychastishe
Title: Українці масово відкривають ФОПи: який бізнес обирають найчастіше

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/v-ukraini-znachno-podorozhchala-cybulya-yaka-nyni-ii-vartist
Title: В Україні значно подорожчала цибуля: яка нині її вартість

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/predstavleno-novyy-suzuki-swift-2024-foto
Title: Представлено новий Suzuki Swift 2024 (фото)

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/mensh-nizh-polovyni-startapiv-z-za-kordonu-planuyut-povernennya-v-ukrainu
Title: 47% стартапів планують повернення в Україну

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/top-10-sedaniv-yaki-ne-vymahayut-osoblyvyh-vytrat-na-obsluhovuvannya
Title: ТОП-10 седанів, які не вимагають особливих витрат на обслуговування

Search URL Search Domain Scan URL

URL: https://news.finance.ua/ua/kurs-dolara-v-ukraini-ekspert-poyasnyv-chomu-valyuta-deshevshaye
Title: Курс долара в Україні: експерт пояснив, чому валюта дешевшає

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=5f9066c6-0249-49dc-88ff-a121729128c8

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/finance.ua?languages=all

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.finance.personalcredit

Search URL Search Domain Scan URL

URL: https://t.me/Finance_ukr

Search URL Search Domain Scan URL

URL: https://facebook.com/Finance.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCaK1wF6B3xDCQT0_yyeP9yQ

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@finance.ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/finance.ua.official/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://finance.ua/ HTTP 301
https://finance.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://t.finance.ua/FJCTLBYq?se_referrer=&default_keyword=Finance.ua%20%7C%20%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%7C%20%D0%9A%D1%83%D1%80%D1%81%D0%B8%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%B8%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&&frm62b03cd731fac=script62b03cd731fad&_cid=23019feb-d130-828c-5e93-184b6a75af73 HTTP 302
https://static.finance.ua/banner/banner.gif

Request Chain 56

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=64CBBF6581C94D5EA8C1B9BF29F92B18&RedC=c.clarity.ms&MXFR=0E0BF5D46F05674F284DE6116B05692D HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=64CBBF6581C94D5EA8C1B9BF29F92B18&MUID=13625F15080F6A123E0B4CD009846B65

Request Chain 61

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 62

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1d2c53fe-3efe-43c3-a766-1ef089724539

Request Chain 64

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=7d5ac6ee7abcedbc

Request Chain 66

https://sync.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D HTTP 308
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-PwzmffhFAyQURx1xVdQYQrac2L7YJ9gAhKjPXrIy&gpp={gpp}&gpp_sid={gpp_sid}

Request Chain 67

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1699627854399 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=8147906605 HTTP 302
https://sync.1rx.io/usersync/turn/9085677422534111407?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6fa233ca-7b78-4abd-9096-04a379b7448d-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-6fa233ca-7b78-4abd-9096-04a379b7448d-003 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-6fa233ca-7b78-4abd-9096-04a379b7448d-003

Request Chain 68

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1130769995846920363

Request Chain 70

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1130769995846920363

Request Chain 71

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=1130769995846920363

Request Chain 72

https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310531%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D%26extuid%3D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=

Request Chain 73

https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ccpa%3D%7Bus_privacy%7D%26coppa%3D%7Bcoppa%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=e9ddcb47-d065-43a1-b298-946396ed9517&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ccpa={us_privacy}&coppa={coppa}

Request Chain 82

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1a6c1baa257569b8%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1a6c1baa257569b8&uid=1130769995846920363

Request Chain 83

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D1a6c1baa257569b8%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=1a6c1baa257569b8&uid=ua-455b0d9f-4973-3a97-ab29-980c30fe4d79

Request Chain 87

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D1a6c1baa257569b8 HTTP 302
https://u-ams03.e-planning.net/um?uid=csuid_df8c6715-3730-4b79-87ed-a2ab2ecffdbc&dc=b337141cfdc8cf59&fi=1a6c1baa257569b8

Request Chain 90

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 92

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1

Request Chain 96

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=UONVFThB0HpxADi38ld6&pi=admatic&tc=1

Request Chain 98

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=2fb90e343648582e

Request Chain 105

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=b67a978d-8011-4bc6-a641-fa53b022a7b2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Request Chain 112

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d6431f22-d163-4688-64b4-b0cca0d28a08&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d6431f22-d163-4688-64b4-b0cca0d28a08&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=67108912628805331281115705467435627280&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Request Chain 115

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7299846048329300127&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Request Chain 117

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d6431f22-d163-4688-64b4-b0cca0d28a08&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361 HTTP 307
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d6431f22-d163-4688-64b4-b0cca0d28a08&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361&bounce=1&random=417487421 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=RAvVA6BV47mTtOchO/vsiu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Request Chain 119

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=d6431f22-d163-4688-64b4-b0cca0d28a08?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Request Chain 120

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-K9RJv3tE2op3DXmYHUhXxmToTYzHylD7Ng--~A&zpartnerid=570&env=mWeb

Request Chain 121

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=M4bKyNCbUKOZXso9H0HfgVUWgUJyT83k%2BS41iYitP1U%3D

Request Chain 125

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361&_test=ZU5DTwACxYuMWwAm HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZU5DTwACxYuMWwAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Request Chain 126

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Request Chain 127

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361&dcc=t

Request Chain 129

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Request Chain 133

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=aNZUZGrQVGdzggM2P9BNNmyGUWRzhlgxadqiY5pI&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Request Chain 135

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8cee0b2aa8234f15bcea9d67fbb7ca83 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8cee0b2a-a823-4f15-bcea-9d67fbb7ca83 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=4964b447-e9a9-4a06-b8a5-93f91d4939e4%3A1699627855.9119284&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4964b447-e9a9-4a06-b8a5-93f91d4939e4%253A1699627855.9119284%26_%3D1699627855.9147243&cb=1699627855.914784 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730783988414&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4964b447-e9a9-4a06-b8a5-93f91d4939e4%253A1699627855.9119284%26_%3D1699627855.9147243 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=4964b447-e9a9-4a06-b8a5-93f91d4939e4%3A1699627855.9119284&_=1699627855.9147243

Request Chain 136

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5DTkAgII6LlZwF0RvC3AAAFKMAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5DTkAgII6LlZwF0RvC3AAAFKMAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZU5DTkAgII6LlZwF0RvC3AAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZU5DTkAgII6LlZwF0RvC3AAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBMdkchm_K_OKnEk3Nqx9Mc&google_cver=1

Request Chain 139

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283

Request Chain 140

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

Request Chain 144

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=1130769995846920363

Request Chain 145

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_79c2803e-b034-42d3-8c87-b7521b024afb&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_79c2803e-b034-42d3-8c87-b7521b024afb&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6ed445dc-6c08-4b05-bd5b-9aa042d10ea8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6ed445dc-6c08-4b05-bd5b-9aa042d10ea8

Request Chain 147

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-84b5be83-e66f-5bf9-42a5-61d6097496e1$ip$80.255.7.100

Request Chain 149

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=0d41ca6b-e769-456b-8b84-23368907a4c0

Request Chain 151

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_79c2803e-b034-42d3-8c87-b7521b024afb&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 152

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=f72ioHSJEDLQ&ev=1&pid=558355

Request Chain 155

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=7039491008036749499&gdpr=&gdpr_consent=

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83OWMyODAzZS1iMDM0LTQyZDMtOGM4Ny1iNzUyMWIwMjRhZmI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83OWMyODAzZS1iMDM0LTQyZDMtOGM4Ny1iNzUyMWIwMjRhZmI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Request Chain 159

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZU5DT8Co5swAAORIPqcAAAAA

Request Chain 160

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=UONVFThB0HpxADi38ld6&pi=gumgum

Request Chain 161

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

175 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
finance.ua/
Redirect Chain

http://finance.ua/
https://finance.ua/

275 KB
76 KB

190ms
104ms

Document
text/html

2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a54198853b60424a80229c56754bc3926256a310dde4322d15279cb9bdb4e334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 231
alt-svc: h3=":443"; ma=86400
cache-control: max-age=300, public, s-maxage=600, stale-if-error=604800, stale-while-revalidate=604800
cf-cache-status: DYNAMIC
cf-ray: 823f1c425d31690d-FRA
content-encoding: br
content-language: uk
content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 14:50:53 GMT
expires: Fri, 10 Nov 2023 14:57:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOkRmEnLVzVd%2Bn3YYEjMx61Bz3Lhl1xio7wN6I0r1H2tGi9iP0rgj1UTWGlCFL9QvrrhpPGUJVzaj6FagNcT96XdFJhTFtN1EA1Tr7%2Fa9uikz6oPmzuVKJ2nK7FfqhK%2B%2FV2rZFVAqS0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 823f1c411a054daa-FRA
Connection: keep-alive
Content-Length: 0
Date: Fri, 10 Nov 2023 14:50:53 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWk8l%2Bk54gtQh6v9FWFZdqE7daXktaOpt%2BBHXNKPCB7k68bxd8%2BXUN58EllnIjJ9uCBPWU4r0%2FTUSqW%2FP4xrOLTDAYTHh51xjW4VuusfcPq5iZSa4bdskl386QoGrKvpl1%2FFlFINOds%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400
location: https://finance.ua/

GET
H2 200 wrapper_hb_302857_5475.js Show response
player.adtcdn.com/prebidlink/ 2 KB
2 KB 325ms
217ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/wrapper_hb_302857_5475.js
Requested by: Host: finance.ua
URL: https://finance.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ea7be5c729f7962aa0f5356040161a5b381966c976171b4b50c0cf59c3885dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 10 Nov 2023 10:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654e06c8-9fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx%2BrdawCJKGj%2B6jgmZehhto%2FpoWTxpdvhZmhxRoqASUFZBSbg%2BZR%2FQaH%2FNs5h1%2F12934V1Uqlcrl1v%2BVQ6ic6AaFkYAri7ItkfyPG7Kugq5kr9DmN%2FUZHXXtj3Sa4TtqXnJN%2FzBMEcOIUxcIxCCtSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 823f1c43caaf1a6d-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 10 Nov 2023 15:05:53 GMT

GET
H2 200 loader.js Show response
placeholder.treeum.net/static/build/v1/ 73 KB
24 KB 152ms
58ms Script
text/javascript 2606:4700:20::681a:3f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://placeholder.treeum.net/static/build/v1/loader.js

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03eb7caf23a4d7381c786a4feea170d5542e1f9a5daa510a9f648277caa5df21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
cf-bgj: minify
last-modified: Fri, 06 Oct 2023 09:33:01 GMT
server: cloudflare
etag: W/"651fd44d-1242d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fm83wIHFTJVPH5QnqF7aUmv2izuq9VXqyOoZNExg%2BYnIJ6tIgX065mFJcujy2JWOyHrL04nzS4YnR11UslqO%2FWlbyAloK1yziRRXzH7OXq%2BTtm%2F2XCiC9nr%2FYmYsigmqTMznEPpmDL6GdcCB%2Fiym4BrgpyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
cache-control: max-age=600, public
cf-ray: 823f1c43ae612c1a-FRA

GET
H2 200 style.4a4dbc24.css
finance.ua/asset/style/frontpage/ 46 KB
8 KB 54ms
53ms Stylesheet
text/css 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance.ua/asset/style/frontpage/style.4a4dbc24.css

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ea085017b18aca2345d00a41564b507c9f7c7d7f2bbaa2e990cfc3f07f2b211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 799899
cf-polished: origSize=47036
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: minify
last-modified: Mon, 16 Oct 2023 08:23:28 GMT
server: cloudflare
etag: W/"652cf300-b7bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOse6HFvFndYPJN4xe8YE%2B8o4TMEW%2BGKxS8nQCMn2ezyuVGJQ3Fe%2FOwZzpu6cnZ2BQipOaYZLmrhIrU7lqN5fVkqpu0eL9PubZvV1CSv7s8xb8tBDetf%2FooEj6VkeYNITcpRTMMseJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public
cf-ray: 823f1c431e02690d-FRA
expires: Wed, 30 Oct 2024 13:14:29 GMT

GET
H2 200 201901-header.3ff18126.js Show response
themes.finance.ua/asset/script/ 26 KB
8 KB 76ms
65ms Script
application/javascript 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://themes.finance.ua/asset/script/201901-header.3ff18126.js
Requested by: Host: finance.ua
URL: https://finance.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4601449b7b8183fc200440c9cb082869332a545ff00c8d5588792a6387642ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1469143
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 22 Jun 2023 12:36:15 GMT
server: cloudflare
etag: W/"674a-5feb721514dc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BOkGAAQZ2fueT55pkFwfoU5ttL2497UdhR%2BkfVxUI6wBShk2zTh1UtP7Ub2pUbcO7YKWBR8byvY2yN6%2B8GShcu4KiGpMbbkNgVdGSb3p4heZ1iC5L2YqtjnNsFMAFDnIsukPRmS0h8lvaCj5ZCb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 823f1c433e26690d-FRA
expires: Wed, 23 Oct 2024 14:45:10 GMT

GET
H2 200 201901-footer.41a071e2.js Show response
themes.finance.ua/asset/script/ 27 KB
9 KB 66ms
56ms Script
application/javascript 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://themes.finance.ua/asset/script/201901-footer.41a071e2.js
Requested by: Host: finance.ua
URL: https://finance.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86760be00cad1c97475072179e5e63354a683b88e04147300dae6242173d2b75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 907439
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 22 Jun 2023 12:36:15 GMT
server: cloudflare
etag: W/"6ddd-5feb721514dc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iucAr47NPLDyP3Mk1k6s2Scc5D5kp2%2BOser2E5eCNUk0X39St%2FqEzyZ0p2mffdj8qjn2HAvLxcKXX%2BfJZ8F7AmtVgEbEsFVxG3Nh7iZ5xOGweO2hUtOzjP03qtugPVjSTZ%2BYmmZCT%2FB3dDuZfzKm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 823f1c433e25690d-FRA
expires: Wed, 30 Oct 2024 02:46:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 311 KB
97 KB 161ms
74ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-524DCZW

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee93eb06f9f5ff81432f09bef1273c60fc37241bee354ed8d2b3ce7d31246ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98601
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 14:50:53 GMT

GET
H2 200 sprite.svg
finance.ua/asset/938/asset/assets/ 62 KB
14 KB 64ms
63ms Other
image/svg+xml 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance.ua/asset/938/asset/assets/sprite.svg

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d28b035fdbba48599da4d76feb47bd4d923f1ce2b36192552169ecd59fd130e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26331
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
pragma: public
last-modified: Thu, 09 Nov 2023 08:51:08 GMT
server: cloudflare
etag: W/"654c9d7c-f678"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX%2FeScaGnU%2BmdiyiXtPYc4ePZj%2FyECeT8O3r32ydD2wKk%2Bl0KaGskV2MPwJ0Db7dN5jhntVNzKuJtrjTOi6xf2Ey3%2BQgPEtKgRKKYQZC8TRRf8o%2FcUNHiMbu0JOgTYBxB8o0Ta732%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 823f1c432e18690d-FRA
expires: Sat, 09 Nov 2024 07:32:02 GMT

GET
H2 200 blank-rectangle.df93e07c.gif
finance.ua/asset/assets/frontpage/images/ 100 B
536 B 59ms
59ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/asset/assets/frontpage/images/blank-rectangle.df93e07c.gif

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd310938bd7e088d2cb0e499f17468ad7f2915ddc3c78e36e9f865febf79eee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26331
cf-polished: origFmt=gif, origSize=1210
content-disposition: inline; filename="blank-rectangle.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:51:08 GMT
server: cloudflare
etag: "654c9d7c-4ba"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BcMAy%2F97GnYME76QrD9Wo7QGMH1cwE7d3jTDr0uMoDlB1fkoKn9OO4GXaq1VSoHc%2BUc8hDujNT4KvmCYtAezKsAcsYRqs%2B1%2FvHHIEnFqOg0cEQ4CTKDSQbkj%2BfO0npXViSGbuWso6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 823f1c433e1f690d-FRA
expires: Sat, 09 Nov 2024 07:32:02 GMT

GET
H2 200 7670-Chornenko.png
finance.ua/uploads/media/96x96/00/ 2 KB
2 KB 61ms
61ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/96x96/00/7670-Chornenko.png?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc58115c9203629e6ec3655581f6b34ee4306b0f477c616f0a4be3d6d8cd99ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112868
cf-polished: qual=85, origFmt=jpeg, origSize=3173
content-disposition: inline; filename="7670-Chornenko.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1580
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 07:29:45 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdK%2BaOGnRKu5hLkejDlONBzwtF6NcLS5BJJYBczk8oI9DLwZWkKuPa6AD%2FH%2B9x%2BqdpeXbW2SBLlfBWmQ9eEsnPSG7Ln2XRF24lvaV6Un0C9mNXvKhRQWWQt1KpHKyj%2FBIUIrnDPeT5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c433e20690d-FRA
expires: Fri, 08 Dec 2023 18:18:01 GMT

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07b5fd2586c4c51e38d14e17c19fe6a6cf0affb44ca0f1af3e35f781ea0b0159

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c824dd14f32f2f6c307d1a174fe6e4470696b508a274ed719690cf2674e52932

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0327dc4d8fe4bdb4800e1935d378f6cba890203902a9f2b193e6130ffde65a15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0a546c8e686ea370798041cfd3167d6ad91a213688262f42bd8dead21427924

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 catfish.8de141a6.css
finance.ua/asset/style/commercial/ 516 B
657 B 58ms
58ms Stylesheet
text/css 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance.ua/asset/style/commercial/catfish.8de141a6.css

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ad732450cba181da81ba48c90836f80c5b6a01ffd4a4df2e9fb88001166a1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26331
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: minify
last-modified: Thu, 09 Nov 2023 08:51:08 GMT
server: cloudflare
etag: W/"654c9d7c-204"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCL6edf7CNwOrU24FLFsd7KWGNI%2FG0VyY4DNJHuMJnm6FIw5yJCWjCYpqTzZFpwQeCEKHNQQl3bvI7RqnE4KDRGFeKB7GePbJMfCMNKSgnYA0qkN8zJ4C9OnRxa7vyrsZU7RoZVTVYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public
cf-ray: 823f1c434e3a690d-FRA
expires: Sat, 09 Nov 2024 06:58:45 GMT

GET
H2 200 bottom.6f2474a7.css
finance.ua/asset/style/commercial/ 532 B
577 B 57ms
57ms Stylesheet
text/css 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance.ua/asset/style/commercial/bottom.6f2474a7.css

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32668fc938c766cc989a9a40186c27291cd4b1d871fcd1da207240da548feee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4590496
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: minify
last-modified: Mon, 18 Sep 2023 11:30:53 GMT
server: cloudflare
etag: W/"650834ed-214"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YXgcZqcLSwOLa2l7O6nrvJ9nosWnQFMc4p94jsbjeYmP9Q9oS96cX%2FvLB0gfWxgB%2Bc4C0IcrIfvG8ZK9t1F0tsVP1IXaLLTasApDnvlQFQy2WVUDY9x2AtGKZWyKr44AKk0HiuA330%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public
cf-ray: 823f1c434e40690d-FRA
expires: Tue, 17 Sep 2024 11:36:24 GMT

GET
H2 200 runtime.0e32aa93.js Show response
finance.ua/asset/ 3 KB
2 KB 69ms
69ms Script
application/javascript 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance.ua/asset/runtime.0e32aa93.js

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f970d539114d9f481f2b87da0432da442a95148b9b3b5e4e8d2cc6c3fdf0bcb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 105872
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: minify
last-modified: Thu, 09 Nov 2023 08:51:08 GMT
server: cloudflare
etag: W/"654c9d7c-c44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBLIq4piDIhUIGv%2F%2BtyU2NTVbKIeEwQbn2FZgghMaOWnAMHcwiTtic9BTyTeELqM13pOlVN1V%2BpQUULxFRmn%2B8h7ygEenblkftfU6y8ARBHEo9%2FSoAAze34fHAy6eAAJSK9QVVGjvQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
cf-ray: 823f1c436e5c690d-FRA
expires: Fri, 08 Nov 2024 08:55:15 GMT

GET
H2 200 index.0e32aa93.js Show response
finance.ua/asset/script/frontpage/ 11 KB
5 KB 81ms
81ms Script
application/javascript 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance.ua/asset/script/frontpage/index.0e32aa93.js

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a0a0310c2d23fb050d9a1e64dd7325944cc6abbb4852f69edf754e1c12c96ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 105872
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: minify
last-modified: Thu, 09 Nov 2023 08:51:08 GMT
server: cloudflare
etag: W/"654c9d7c-2b2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P45dkdXsOfzaH9L1yyTo4fnsq%2BnYwRC3T9zM76okOyDZl6WTf6Xhpa0gFKNnUTsgR3JxCTTK3rq3zMs9XwORDTJrowlkfIG8Kf%2FIWXhHb%2FHi2tQWnDpRcxNBGlsc5ULf3fj0VvJ5lqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
cf-ray: 823f1c436e5d690d-FRA
expires: Fri, 08 Nov 2024 08:57:01 GMT

GET
DATA 200
OK truncated
/ 26 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ca5c2e1545ab6e2ad6fb8b05bcbfb78127359cfb2c1547f281bce3c62481ed1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 youtube.c894c7a1.png
finance.ua/asset/assets/frontpage/images/ 2 KB
3 KB 63ms
63ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/asset/assets/frontpage/images/youtube.c894c7a1.png

Requested by

Host: finance.ua
URL: https://finance.ua/asset/style/frontpage/style.4a4dbc24.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e4d0d94e5939e2c051da0b872e89d06eaf65b3e0ab8c3e84c163f7bcb375d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/asset/style/frontpage/style.4a4dbc24.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26330
cf-polished: origFmt=png, origSize=3858
content-disposition: inline; filename="youtube.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2512
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:51:07 GMT
server: cloudflare
etag: "654c9d7b-f12"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X27d72NONqX%2FuRTt1ApHTRA83DQrcL9Jj8Zgc5tvlJZUko6wig2ru9WNJVqlKKdtzZi%2BPzUxd85QBErhOO10a8BYOlgVtynDJoQzzJGeCSPR8tdjhrtv7FF3snwN7haa6ZkCb1RSEow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 823f1c437d9b6921-FRA
expires: Sat, 09 Nov 2024 07:32:03 GMT

GET
H2 200 noto-sans-regular.woff2
fonts.treeum.net/fonts/ 21 KB
22 KB 195ms
90ms Font
font/woff2 2606:4700:20::681a:2f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.treeum.net/fonts/noto-sans-regular.woff2
Requested by: Host: finance.ua
URL: https://finance.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0090b026b19a84a009268f318823ccec8aa9f9181758eff88073ce3926cf5d42

Request headers

Referer: https://finance.ua/
Origin: https://finance.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 822405
alt-svc: h3=":443"; ma=86400
content-length: 21932
last-modified: Fri, 26 May 2023 12:50:52 GMT
server: cloudflare
etag: "6470ab2c-55ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6WqxMkoRC1bXMyg3ELFuKqdhOMS17q%2FLID0HALSJCR5Va4fGeXYiCrEgnM2lfjScLvvvqs%2F56R7kvwm%2FAJSIsfcmMvU9WMGUSA9qW%2FTTyCS1smwiUBb%2BLFCpRlbB2eYLompmlf3%2FE0fZWAfaoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=300, stale-if-error=86400
accept-ranges: bytes
cf-ray: 823f1c442eec3a74-FRA
access-control-allow-headers: content-type

GET
H2 200 raleway-regular.woff2
fonts.treeum.net/fonts/ 25 KB
26 KB 155ms
50ms Font
font/woff2 2606:4700:20::681a:2f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.treeum.net/fonts/raleway-regular.woff2
Requested by: Host: finance.ua
URL: https://finance.ua/asset/style/frontpage/style.4a4dbc24.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e78833717065cc02e33e4db42e14f3f52e79f2652b29b9a012a2129c28a196

Request headers

Referer: https://finance.ua/
Origin: https://finance.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14521070
alt-svc: h3=":443"; ma=86400
content-length: 25596
last-modified: Fri, 26 May 2023 12:50:52 GMT
server: cloudflare
etag: "6470ab2c-63fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZJyNBbUAhELkjrdziYIlwUTgai1i751K4wd3wb0JLiWmFnIOqd9fmSsnODU9v9OvBSOmjfhFRJdHCNDdd1clTxIWT0bcv9HxJqSlvTrT38oWzc3nD0Aj6FoMtVQ9xBzcNBCRnWhKRhizMILJKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=300, stale-if-error=86400
accept-ranges: bytes
cf-ray: 823f1c442eed3a74-FRA
access-control-allow-headers: content-type

GET
H2 200 raleway-bold.woff2
fonts.treeum.net/fonts/ 25 KB
25 KB 161ms
58ms Font
font/woff2 2606:4700:20::681a:2f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.treeum.net/fonts/raleway-bold.woff2
Requested by: Host: finance.ua
URL: https://finance.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6937f171f6b538129d8a318f58888243e8b2582418117e9b98b4a51e178c4304

Request headers

Referer: https://finance.ua/
Origin: https://finance.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 718959
alt-svc: h3=":443"; ma=86400
content-length: 25292
last-modified: Fri, 26 May 2023 12:50:52 GMT
server: cloudflare
etag: "6470ab2c-62cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXZl%2FLbdeR6Jb%2FfiFHGcDoZtY%2BwKbfJcGNTiqa7MysiiY0xM6rGqLLDp6J%2BtRPqr4j2E3dnYJYDjFuIPS8lIJqlDEfaIpfFZy%2B3W9N24VokdJmaxTS%2Bc1noEUVcKxthRkmt7g5EQw5czNiIuX88%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=300, stale-if-error=86400
accept-ranges: bytes
cf-ray: 823f1c442eeb3a74-FRA
access-control-allow-headers: content-type

GET
H2 200 noto-sans-bold.woff2
fonts.treeum.net/fonts/ 22 KB
22 KB 160ms
56ms Font
font/woff2 2606:4700:20::681a:2f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.treeum.net/fonts/noto-sans-bold.woff2
Requested by: Host: finance.ua
URL: https://finance.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a95eb95ad04a2ab64d58181345e3bc113dcccb89bce32501dda1b6f7e00257

Request headers

Referer: https://finance.ua/
Origin: https://finance.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14521653
alt-svc: h3=":443"; ma=86400
content-length: 22056
last-modified: Fri, 26 May 2023 12:50:52 GMT
server: cloudflare
etag: "6470ab2c-5628"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FiaaRBb4KYv%2BdDlh04MtFbdNEBbVwP6ChQhfXMw8K5t7tfFG%2F%2Bj2GnjpdpaXxZ%2BhytDyjGPdU0svXb8AzNk2SUdCaGkBsLxYk4lHS2sT0lr%2BGgGzStEMC6dGueDhZbjxB1qUOvaWIm%2Bm5i1DlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=300, stale-if-error=86400
accept-ranges: bytes
cf-ray: 823f1c442ee73a74-FRA
access-control-allow-headers: content-type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R62R0N2V63&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-524DCZW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d7a604657db55ea328e1194ed1c77c8cc632dbbf887654d8bbc9207af989041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 14:50:53 GMT

POST
H2 200 389923493
google.com/pagead/form-data/ 0
0 172ms
53ms Ping
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/389923493?em=tv.1&gtm=45He3b81v76361938&gcd=11l1l1l1l0&dma_cps=sypham&dma=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-524DCZW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

POST
H2 204 389923493
google.com/ccm/form-data/ 0
171 B 178ms
60ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/389923493?em=tv.1&gtm=45He3b81v76361938&gcd=11l1l1l1l0&dma_cps=sypham&dma=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-524DCZW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finance.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ith486aple Show response
www.clarity.ms/tag/ 668 B
1 KB 263ms
147ms Script
application/x-javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ith486aple?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-524DCZW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 54fe035c5088bc1be2644db1e39dc3518b483b20359d949e618f7fcb44afae30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: -1
date: Fri, 10 Nov 2023 14:50:53 GMT
x-azure-ref: 20231110T145053Z-n15e1gs7r50mt889gsdqh895s400000004u0000000016ke9
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 668
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

banner.gif Show response
static.finance.ua/banner/
Redirect Chain

https://t.finance.ua/FJCTLBYq?se_referrer=&default_keyword=Finance.ua%20%7C%20%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%7C%20%D0%9A%D1%83%D...
https://static.finance.ua/banner/banner.gif

43 B
410 B

72ms
60ms

Script
image/gif

2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.finance.ua/banner/banner.gif

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10f9bfa42bb96c99729c9b2fee669803ad9c6fcd434d8d7d60a8dc8f5f7cc331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4553
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 43
x-xss-protection: 1; mode=block;
cf-bgj: imgq:85,h2pri
last-modified: Mon, 10 Sep 2012 10:31:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZLtLypULHTxYFtZkhj2cxSmjGkD7u08fRHx0GAy%2F3d8%2FKgHhepCIUpIjLEr%2BtrHaRruf8%2FaEOkDYPOKDSNbCmktIg1wM1V9nxiZLBf7VIJCeuUCGQcblA3gffEJqZPiuCeDoXtFlt7riBngm5Nq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 823f1c45e91e690d-FRA

Redirect headers

date: Fri, 10 Nov 2023 14:50:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdoVSQaBEEcdcYwT7Uf8k1KXNRlDuabD6xdrD185gk4djlmMAtTHzkdlcplh7cOVm5k81hUI3%2FIkpzVbAw60%2FhDpEEWPh%2Fag%2BV3c4FnqAn%2Fpi2mUE78cXeNrubUVgDxu7qm6PYD2PyIoeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://static.finance.ua/banner/banner.gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 823f1c45284e690d-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 10 Nov 2023 14:50:53 GMT

GET
H2 200 471588E47D554AE38913A92CE132D923.js Show response
statics.esputnik.com/scripts/ 456 KB
109 KB 206ms
93ms Script
application/javascript 163.172.71.49
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.esputnik.com/scripts/471588E47D554AE38913A92CE132D923.js
Requested by: Host: finance.ua
URL: https://finance.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.71.49 , France, ASN12876 (Online SAS, FR),
Reverse DNS: pics8.esputnik.com
Software: nginx /
Resource Hash: f2c94d4d715d2fa49d23cf35e46aca98902e46686dbcebdb8fb457a9e763831e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 13:43:51 GMT
server: nginx
x-amz-server-side-encryption: AES256
x-proxy-host: statics8
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=30, public, must-revalidate
access-control-allow-headers: Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
x-proxy-cache: HIT

GET
H2 200 hbw_master_302857_5475.js Show response
player.adtelligent.com/prebidlink/EdeSl/ 323 KB
60 KB 204ms
93ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/EdeSl/hbw_master_302857_5475.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/wrapper_hb_302857_5475.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3d8c3812a071cabfd328c866f220d12ac85d820047fb80e8f0866a88b084c816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Sat, 11 Nov 2023 14:50:53 GMT
date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 10:32:40 GMT
server: nginx
etag: W/"654e06c8-50b00"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 hb_302857_5475.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 2 KB
1 KB 158ms
46ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hb_302857_5475.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/wrapper_hb_302857_5475.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8157ba2b02528621bf91db668e49d6c42c5fd438167eef1ba3f0d82facdcda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Sat, 11 Nov 2023 14:50:53 GMT
date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: gzip
last-modified: Thu, 09 Nov 2023 11:39:59 GMT
server: nginx
etag: W/"654cc50f-602"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
761 B 555ms
176ms Script
application/javascript 2400:52e0:1a01::994:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: themes.finance.ua
URL: https://themes.finance.ua/asset/script/201901-footer.41a071e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a01::994:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-LA1-994 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
content-encoding: br
cdn-edgestorageid: 1000
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:45
cdn-pullzone: 1574055
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: BunnyCDN-LA1-994
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"26b181f16d28d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 1545ca4da02d04789265665c2becdf3f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 135ms
41ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: themes.finance.ua
URL: https://themes.finance.ua/asset/script/201901-footer.41a071e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Nov 2023 02:50:48 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 43206
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: kkY4qjSLjEz45DmdiEno_uTYjKd6k1ndqe_5qPTKgRCjaDZ6ZKAhgg==

GET
H3 200 loader.js Show response
finance.ua/my/assets/ 11 KB
5 KB 67ms
67ms Script
application/javascript 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance.ua/my/assets/loader.js

Requested by

Host: themes.finance.ua
URL: https://themes.finance.ua/asset/script/201901-header.3ff18126.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c059efba77adaae3757d5c9c7083919041dfd2aa161cf4b8d782aeceae83ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 366
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
cf-bgj: minify
last-modified: Thu, 22 Jun 2023 09:36:20 GMT
server: cloudflare
etag: W/"2acb-188e2763e20"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbbjfghGQ8b9lLoOilt4y0UtjdRmN9PeLao1SeljnIXTc4Epr6S0VXbRNX7sB9YPzjDUnYty%2Bk6UgGGr6zfArgfX%2FxQGQjuviYjBPPxG%2Bohu%2FOsKmAHbSfdX0zFyznCrHzFLLOkNfd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=600
cf-ray: 823f1c453f7c6921-FRA

GET
H2 200 collect Show response
tg.finance.ua/g/ 697 B
1 KB 179ms
74ms XHR
text/plain 34.160.203.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.finance.ua/g/collect?v=2&tid=G-R62R0N2V63&gtm=45je3b81v884706211z876361938&_p=1699627853285&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1787334258.1699627854&ul=en-us&sr=1600x1200&_fplc=0&ir=1&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=11l1l1l1l1&sst.tft=1699627853285&_s=1&sid=1699627853&sct=1&seg=0&dl=https%3A%2F%2Ffinance.ua%2F&dt=Finance.ua%20%7C%20%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%7C%20%D0%9A%D1%83%D1%80%D1%81%D0%B8%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%B8%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=801&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R62R0N2V63&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.203.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

91.203.160.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

b38e26df7589c0a4ff41a10e140ae3764f8ed86cb15edd4efc5c747e8a413b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://finance.ua
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H3 200 firebase.1687426543177.js Show response
finance.ua/my/assets/ 782 KB
234 KB 83ms
83ms Script
application/javascript 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance.ua/my/assets/firebase.1687426543177.js

Requested by

Host: finance.ua
URL: https://finance.ua/my/assets/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b78f2be3ed5992883a3a35491efb0a77127c9e203e53677c68324ae01fbd90d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 904769
cf-polished: origSize=863890
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
cf-bgj: minify
last-modified: Thu, 22 Jun 2023 09:36:20 GMT
server: cloudflare
etag: W/"d2e92-188e2763e20"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdWuWuDx510GvHqGEn5QeqzNzuv7%2FG%2FJSth7sqzrZBmEYCbbUQROEYn7j%2BpZImfzI3DkOe6vkgTs1d6BtL68gv6PngMDTUpP6zBNIWiCc0XCWH%2FRRoqpBS6Rmavx4wSLd3llGuMSd8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 823f1c45e8316921-FRA

GET
H3 200 4440-112-10.jpg
finance.ua/uploads/media/624x299/00/ 38 KB
38 KB 208ms
208ms Image
image/jpeg 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/00/4440-112-10.jpg?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4e5d5055f8974625299e583e9093001f18115d795437e1173149240acc7844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9175
cf-polished: degrade=85, origSize=73279, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 38772
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 12:17:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xdi9zPOpZubk56ZkdK44CePh0UMsAiQkiLO09cjKl%2BEnXjSDFWC8QRuAj1z4tSP%2BDRNAkE6niVplHiNiQDQOOZb1IgRGraLSvEAnN7Hm9YQOHfCOf6nbX2AiDq7J5PeTM5g%2BZdQcdvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c4618736921-FRA
expires: Sun, 10 Dec 2023 14:11:11 GMT

GET
H3 200 7660-3453.png
finance.ua/uploads/media/624x299/00/ 105 KB
106 KB 210ms
208ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/00/7660-3453.png?v=1-4

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b049b3c08722caec371469437576df2c46d0cfef88a34ad1476b29d327d2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21414
cf-polished: origFmt=png, origSize=189974
content-disposition: inline; filename="7660-3453.webp"
alt-svc: h3=":443"; ma=86400
content-length: 107550
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 08:53:59 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxGtjFEh4EwAf516iteppa5Hsjs6hMIATMs8PPcdNtFFJs3U1hKdOylu%2B3c4ESy3CpXfzHrUtH1SCW8smaWvf3Xe8oD9RSy2%2FceKI%2FKWPzQG%2FAOfBUU8GIKRPo8ris9T3rMFvdO3KFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c4618756921-FRA
expires: Sun, 10 Dec 2023 10:29:32 GMT

GET
H3 200 7666-image32.jpg
finance.ua/uploads/media/624x299/06/ 18 KB
18 KB 246ms
245ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/06/7666-image32.jpg?v=1-3

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f04cb15dcacd0abafb6100da0274ea26bfc15952e1cce2b6f4ec2eb958d451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615067
cf-polished: qual=85, origFmt=jpeg, origSize=44558
content-disposition: inline; filename="7666-image32.webp"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 11:59:46 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38MkIfgir8c0qCVUuKCcvhlU0NGMLR3AVyS3OR0T2UPioMWJbW9pFZ3pD8CCQJpnfrYpqVf0HqyE73D5exlYg8zU43BGvin8mDLjIN3z3ZCn%2FdRJL1i%2BMK06q%2F1CryUoeY3GDfVjnuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
cf-ray: 823f1c4618786921-FRA
expires: Sun, 03 Dec 2023 13:59:46 GMT

GET
H3 200 7704-original.jpg
finance.ua/uploads/media/624x299/04/ 21 KB
22 KB 246ms
245ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/04/7704-original.jpg?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642baf86710502de54a24cce174407b9811a287940e341b71488eec3af307517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37517
cf-polished: qual=85, origFmt=jpeg, origSize=37350
content-disposition: inline; filename="7704-original.webp"
alt-svc: h3=":443"; ma=86400
content-length: 21548
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 04:25:36 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNtlgUnh1oYu8mIbeMgSAjXfjhVoCwN71wTrEeoNGmWLZpDJEY42y8fIQVXtA5ThNSJnojToTK3Ua4n17ZfCU8fa3VhXw69qmjY52Yuh5DuygrVGtP9zItMAw9nKW6nsdZtCkmWddu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c4618796921-FRA
expires: Sat, 09 Dec 2023 16:03:02 GMT

GET
H3 200 946-ukraina_8.jpg
finance.ua/uploads/media/624x299/06/ 22 KB
23 KB 247ms
247ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/06/946-ukraina_8.jpg?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d7cbb2ad70e4ba876f6234008220064bbc552512943059a8f36724dc550cea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4436
cf-polished: qual=85, origFmt=jpeg, origSize=63985
content-disposition: inline; filename="946-ukraina_8.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22764
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Nov 2020 09:13:56 GMT
server: cloudflare
etag: "5fb788d4-f9f1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYtXgAh1e4gOiGzf%2B1NI7EXxeG%2BwD5ueB6I7J9c8aWJQMQ0lWCIJlc8ycxJJ2LOYMid0sM1F5K%2Fqgn9eYe9Gj64zuIoM%2FhawscMKou7waQ9c9sT431CVr4I%2BWBQW2dd9MuNL1rLx%2BAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 823f1c46187b6921-FRA
expires: Sat, 09 Nov 2024 13:25:19 GMT

GET
H3 200 1363-%D0%9A%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%D1%8B_%E2%84%961.jpg
finance.ua/uploads/media/312x149/03/ 15 KB
16 KB 249ms
248ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/312x149/03/1363-%D0%9A%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%D1%8B_%E2%84%961.jpg?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51a19719fef5eccf9aada3196ebc9a6138eb4d3522a82d04c98359bbc3a20444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 201242
cf-polished: qual=85, origFmt=jpeg, origSize=21494
content-disposition: inline; filename="1363-%D0%9A%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%D1%8B_%E2%84%961.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15344
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 06:56:51 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqANujSXBf8V%2B7VI8QKmcPFVUjoubrclf6COL4KLFA%2BgZXADuMlI%2BDHjTLRd6hi75%2BJ9ncufzEwQJA2pPCnlQk0dutR7MOOU4fO4moagwUz0kHyhXRq9QVNT7u3igHS%2FtsWl0gPOs8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c46187d6921-FRA
expires: Thu, 07 Dec 2023 20:44:42 GMT

GET
H3 200 7586-IMG_20230926_155908_167.jpg
finance.ua/uploads/media/312x149/06/ 8 KB
9 KB 249ms
249ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/312x149/06/7586-IMG_20230926_155908_167.jpg?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2f91ebfce349c199b7f405d3e883c51693f2260c4c3fe0f58d9f8378385230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127657
cf-polished: qual=85, origFmt=jpeg, origSize=40951
content-disposition: inline; filename="7586-IMG_20230926_155908_167.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8278
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 03:23:16 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jU9s8hystGwHUm5opWV6k16dL6CBAk2ijKpGNymEtUs9ZEM3QmyCVwM%2FuzlU9XEXimEQ7%2B%2BI7IaG527bOXdN6JL4pjEnv%2BKSkmiGMBOXPhRwNhSsiPztIrA7ou%2BW1OvFo%2BPp%2FzA0vEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c46187e6921-FRA
expires: Fri, 08 Dec 2023 18:21:25 GMT

GET
H3 200 6518-ukr.jpg
finance.ua/uploads/media/312x149/08/ 12 KB
13 KB 250ms
249ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/312x149/08/6518-ukr.jpg?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dc0c4420283a419c67e1fc91ff3edb51cb6b08f3c2675db7a1fd9ffe723cfb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2260658
cf-polished: qual=85, origFmt=jpeg, origSize=64117
content-disposition: inline; filename="6518-ukr.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12214
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 15 Oct 2023 10:53:15 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFVceNFkkSsTy%2BKTkIiom0BikuRMQlhyBWZ36E0d6Vu9XNgyC5Vm%2Br1H9NoXlt3%2FUzt8eC%2BPtpj0GQ7zZx2KtPv1%2BFkpSLfIIMkaBmUqOUAxtUGp1aI15IIPBCvRnj57s%2FnRD2%2BiV%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c46187f6921-FRA
expires: Tue, 14 Nov 2023 23:48:24 GMT

GET
H2 200 hbp_master_302857_5475.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 492 KB
157 KB 112ms
112ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_302857_5475.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hb_302857_5475.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: a91b0139ae57f5b0116296600258d175197ff2e2e60183f32b251abc10d61b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Sat, 11 Nov 2023 14:50:53 GMT
date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: gzip
last-modified: Tue, 24 Oct 2023 00:59:50 GMT
server: nginx
etag: W/"65371706-7ae17"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.16/ 59 KB
25 KB 81ms
81ms Script
application/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.16/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ith486aple?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 11:11:51 GMT
etag: W/"0x8DBE04B8283FFCB"
vary: Accept-Encoding
x-azure-ref: 20231110T145053Z-n15e1gs7r50mt889gsdqh895s400000004u0000000016kfs
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: dfaff4bd-f01e-006d-7950-129a90000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 140 B
406 B 202ms
54ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/EdeSl/hbw_master_302857_5475.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d81488c411cab61303ad8004031b8f2ae9c31d1d4e880bb52663f9509883c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:53 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://finance.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 140

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
427 B 214ms
66ms XHR
image/gif 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=302857&site_id=5475&full_page_url=https%3A%2F%2Ffinance.ua%2F&adid=sqjh9u.v0&features=147488&vpbv=N197&tte=278&lifecycle_tte=986
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/EdeSl/hbw_master_302857_5475.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:53 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://finance.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

POST
H2 204 collect
region1.analytics.google.com/g/s/ 0
241 B 139ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e3b81v884706211z876361938z9892972280&_gsid=R62R0N2V63dhiOh2Ydis-7LX_ZaUKGCg
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R62R0N2V63&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finance.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 148ms
48ms Ping
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=sypham&tid=G-R62R0N2V63&cid=1787334258.1699627854&gtm=45j91e3b81v884706211z876361938z9892972280&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R62R0N2V63&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finance.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 169ms
78ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-R62R0N2V63&cid=1787334258.1699627854&gtm=45j91e3b81v884706211z876361938z9892972280&aip=1&z=843435449

Requested by

Host: finance.ua
URL: https://finance.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 event
site-script.esputnik.com/site-script/v1/ Frame 0
0 177ms
57ms Preflight 52.210.111.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://site-script.esputnik.com/site-script/v1/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.111.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-111-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://finance.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
date: Fri, 10 Nov 2023 14:50:54 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 event Show response
site-script.esputnik.com/site-script/v1/ 34 B
294 B 70ms
70ms XHR
application/json 52.210.111.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://site-script.esputnik.com/site-script/v1/event
Requested by: Host: statics.esputnik.com
URL: https://statics.esputnik.com/scripts/471588E47D554AE38913A92CE132D923.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.111.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-111-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6f69de9cdb32a508852b2e7be4bdc73a185368f54114aca80c588b4144d52241

Request headers

Referer: https://finance.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
content-length: 34

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/302837/ 2 KB
1 KB 154ms
51ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/302837/config.json?cb=https%3A%2F%2Ffinance.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_302857_5475.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f563fbc9ea8d0fcd569959df4576609bef02e4b854ff538c8f6b82d52d2ebcd8

Request headers

Referer: https://finance.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 11 Nov 2023 14:50:54 GMT
date: Fri, 10 Nov 2023 14:50:54 GMT
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 12:01:18 GMT
server: nginx
etag: W/"654e1b8e-8f2"
content-type: application/json
access-control-allow-origin: https://finance.ua
cache-control: max-age=86400
x-proxy-cache: HIT

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
290 B 446ms
148ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://finance.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://finance.ua
Date: Fri, 10 Nov 2023 14:50:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 3 KB
1 KB 55ms
55ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=479992&aid2=852559
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/EdeSl/hbw_master_302857_5475.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 014bcda404b7321bdd9933e511053ac80b0b7c0bf40c329b9abff51230d36069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:53 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://finance.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 927

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=64CBBF6581C94D5EA8C1B9BF29F92B18&RedC=c.clarity.ms&MXFR=0E0BF5D46F05674F284DE6116B05692D
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=64CBBF6581C94D5EA8C1B9BF29F92B18&MUID=13625F15080F6A123E0B4CD009846B65

42 B
443 B

56ms
55ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=64CBBF6581C94D5EA8C1B9BF29F92B18&MUID=13625F15080F6A123E0B4CD009846B65
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A488C5EAFF4E4F2C94DBA094577D2AAC Ref B: FRA31EDGE0511 Ref C: 2023-11-10T14:50:54Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=64CBBF6581C94D5EA8C1B9BF29F92B18&MUID=13625F15080F6A123E0B4CD009846B65
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 06D9 2 KB
1 KB 295ms
39ms Document
text/html 2a01:4f8:242:57ce::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/EdeSl/hbw_master_302857_5475.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:242:57ce::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Adtelligent /
Resource Hash: e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018

Request headers

Referer: https://finance.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://finance.ua
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 832
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Nov 2023 14:50:54 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 57F0 15 KB
6 KB 139ms
45ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/EdeSl/hbw_master_302857_5475.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://finance.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=125422
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 10 Nov 2023 14:50:54 GMT
expires: Sun, 12 Nov 2023 01:41:16 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame ADEE 0
0 427ms
138ms Document
text/plain 67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/EdeSl/hbw_master_302857_5475.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP010 /
Resource Hash

Request headers

Referer: https://finance.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
server: 33XP010
x-33x-status: 2000208

GET
H2 204 /
onetag-sys.com/usync/ Frame 4B1F 0
0 130ms
40ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/EdeSl/hbw_master_302857_5475.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://finance.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame E3BC
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

2 KB
1 KB

41ms
41ms

Document
text/html

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/EdeSl/hbw_master_302857_5475.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 3d7d08f816c98272e7c3b6836337361123baf3adc9d879cfbe1fae2d1331e23c

Request headers

Referer: https://finance.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 10 Nov 2023 14:50:54 GMT
expires: Fri, 10 Nov 2023 14:50:54 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-929

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Fri, 10 Nov 2023 14:50:54 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-929

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1d2c53fe-3efe-43c3-a766-1ef089724539

43 B
473 B

122ms
117ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1d2c53fe-3efe-43c3-a766-1ef089724539
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:53 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1d2c53fe-3efe-43c3-a766-1ef089724539
date: Fri, 10 Nov 2023 14:50:54 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 480ms
48ms Image
text/plain 216.52.2.91
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 10 Nov 2023 14:50:54 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=7d5ac6ee7abcedbc

35 B
349 B

216ms
39ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=7d5ac6ee7abcedbc
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 10 Nov 2023 14:50:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=7d5ac6ee7abcedbc
Date: Fri, 10 Nov 2023 14:50:53 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 0

GET
H2 200 sync
cookies.nextmillmedia.com/ 0
0 366ms
116ms Image
text/html 34.200.14.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.14.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-14-96.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://sync.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-PwzmffhFAyQURx1xVdQYQrac2L7YJ9gAhKjPXrIy&gpp={gpp}&gpp_sid={gpp_sid}

43 B
484 B

129ms
50ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-PwzmffhFAyQURx1xVdQYQrac2L7YJ9gAhKjPXrIy&gpp={gpp}&gpp_sid={gpp_sid}
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:53 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-PwzmffhFAyQURx1xVdQYQrac2L7YJ9gAhKjPXrIy&gpp={gpp}&gpp_sid={gpp_sid}
access-control-allow-origin
date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 183
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1699627854399
https://ad.turn.com/r/cs?pid=45&rndcb=8147906605
https://sync.1rx.io/usersync/turn/9085677422534111407?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-6fa233ca-7b78-4abd-9096-04a379b7448d-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-6fa233ca-7b78-4abd-9096...
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-6fa233ca-7b78-4abd-9096-04a379b7448d-003

43 B
480 B

120ms
120ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-6fa233ca-7b78-4abd-9096-04a379b7448d-003
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:54 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-6fa233ca-7b78-4abd-9096-04a379b7448d-003
date: Fri, 10 Nov 2023 14:50:55 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX6fa233ca7b784abd909604a379b7448d003
content-type: text/html

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1130769995846920363

43 B
456 B

196ms
125ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1130769995846920363
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:53 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
an-x-request-uuid: f6beea76-3918-4dd4-be75-6e69515e72ad
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1130769995846920363
x-proxy-origin: 80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
vid.vidoomy.com/ 0
0 302ms
38ms Image
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1130769995846920363

43 B
456 B

205ms
119ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1130769995846920363
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:53 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
an-x-request-uuid: 1e2b9b05-6634-4741-88be-7a6ff6bab066
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1130769995846920363
x-proxy-origin: 80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=1130769995846920363

43 B
456 B

148ms
49ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=1130769995846920363
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:53 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
an-x-request-uuid: eaccee5f-5427-4c39-a852-d875a7ed96d4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=1130769995846920363
x-proxy-origin: 80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310531%26gdpr%3D%7Bgdpr%7...
https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=

43 B
320 B

49ms
49ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:53 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
date: Fri, 10 Nov 2023 14:50:54 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%...
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=e9ddcb47-d065-43a1-b298-946396ed9517&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ccpa={us_privacy}&coppa={coppa}

43 B
473 B

51ms
51ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=e9ddcb47-d065-43a1-b298-946396ed9517&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ccpa={us_privacy}&coppa={coppa}
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:54 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:54 GMT
Transfer-Encoding: chunked
Location: https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=e9ddcb47-d065-43a1-b298-946396ed9517&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ccpa={us_privacy}&coppa={coppa}
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H3 200 6518-ukr.jpg
finance.ua/uploads/media/312x149/08/ 12 KB
13 KB 65ms
64ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/312x149/08/6518-ukr.jpg?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/asset/script/frontpage/index.0e32aa93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dc0c4420283a419c67e1fc91ff3edb51cb6b08f3c2675db7a1fd9ffe723cfb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2260659
cf-polished: qual=85, origFmt=jpeg, origSize=64117
content-disposition: inline; filename="6518-ukr.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12214
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 15 Oct 2023 10:53:15 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waCsHtJzgM2JfTmWUorohaxuGfBpaPb0OEU9jVcJW5SBkaCYYed6UMZSdpLsHZtHMvm7RVmT7Yfon5Ymy03JRrimu3HOpDmKvH02aUWIa2AWXmCYH4x78JNguPcoTjvkczsH5y2JRcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c490b4e6921-FRA
expires: Tue, 14 Nov 2023 23:48:24 GMT

GET
H3 200 4440-112-10.jpg
finance.ua/uploads/media/624x299/00/ 38 KB
38 KB 69ms
68ms Image
image/jpeg 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/00/4440-112-10.jpg?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/asset/script/frontpage/index.0e32aa93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4e5d5055f8974625299e583e9093001f18115d795437e1173149240acc7844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9176
cf-polished: degrade=85, origSize=73279, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 38772
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 12:17:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4DxeJ%2Bo6iBXRun%2BLUvOi8s5LNNYWVmsS7uft4tYo8AuuEXjj1NrBZdfPthVUnvxggNMvGEYbR9QS0VamizNzP7NYoaYmwXA8y87fdm6PdDi1uTySfjKQYO5jZlDEBviasySeCkeoUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c49fc786921-FRA
expires: Sun, 10 Dec 2023 14:11:11 GMT

GET
H3 200 7660-3453.png
finance.ua/uploads/media/624x299/00/ 105 KB
106 KB 78ms
75ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/00/7660-3453.png?v=1-4

Requested by

Host: finance.ua
URL: https://finance.ua/asset/script/frontpage/index.0e32aa93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b049b3c08722caec371469437576df2c46d0cfef88a34ad1476b29d327d2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21415
cf-polished: origFmt=png, origSize=189974
content-disposition: inline; filename="7660-3453.webp"
alt-svc: h3=":443"; ma=86400
content-length: 107550
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 08:53:59 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SvDlVXB2iE8gP1TLA%2BeDxytdfSsZOx2TZ8Kq4BRqTB5tUhX4dZZazmAqGj1riUjfiIMnmJbChwqvjrzy%2Ft0QMmMmu8Se5QV07KOXEAeyoZaFxTaxEsODP6BusrhApJKF1EPQbKBDQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c49fc7d6921-FRA
expires: Sun, 10 Dec 2023 10:29:32 GMT

GET
H3 200 7666-image32.jpg
finance.ua/uploads/media/624x299/06/ 18 KB
18 KB 70ms
68ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/06/7666-image32.jpg?v=1-3

Requested by

Host: finance.ua
URL: https://finance.ua/asset/script/frontpage/index.0e32aa93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f04cb15dcacd0abafb6100da0274ea26bfc15952e1cce2b6f4ec2eb958d451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615068
cf-polished: qual=85, origFmt=jpeg, origSize=44558
content-disposition: inline; filename="7666-image32.webp"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 11:59:46 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyB2%2BZ3AmKyRDuamRIKhmb2%2BE7AmJ6%2FK8qKDqxSO094DHdH0QEf2Igi5ldoWuy0hSMCFcEfxiFk8aqgRECP7Ybpbbyf98ELSUOzvwMhyLxxDKJIFyx%2BHt%2Fef9DKmtri4D8n0%2FKAa1QI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
cf-ray: 823f1c49fc806921-FRA
expires: Sun, 03 Dec 2023 13:59:46 GMT

GET
H3 200 7704-original.jpg
finance.ua/uploads/media/624x299/04/ 21 KB
22 KB 58ms
56ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/04/7704-original.jpg?v=1-0

Requested by

Host: finance.ua
URL: https://finance.ua/asset/script/frontpage/index.0e32aa93.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642baf86710502de54a24cce174407b9811a287940e341b71488eec3af307517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37518
cf-polished: qual=85, origFmt=jpeg, origSize=37350
content-disposition: inline; filename="7704-original.webp"
alt-svc: h3=":443"; ma=86400
content-length: 21548
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 04:25:36 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MXWlh%2F0aiMW5n3j0ZJHuTkxzzFeAMhKi8nooUXmSMEzbp9RK0pyF0UE1F4cjhfI9rjU81%2Fnk7c03ro5EGzKxgnQt9mjmQBOb8gIqbHXHodZie9vot1veCJuDWD9yown%2BtUrv3romSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c49fc816921-FRA
expires: Sat, 09 Dec 2023 16:03:02 GMT

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
290 B 630ms
408ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://finance.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://finance.ua
Date: Fri, 10 Nov 2023 14:50:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H/1.1 204
No Content pbs.gif
sync.admanmedia.com/ Frame E3BC 0
119 B 597ms
327ms Image
text/plain 8.2.110.17
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D1a6c1baa257569b8%26uid%3D%5BUID%5D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 10 Nov 2023 14:50:55 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame E3BC 566 B
521 B 125ms
38ms Script
application/x-javascript 193.3.178.2
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:53 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Wed, 08 Nov 2028 14:50:53 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame E3BC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1a6c1baa257569b8%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1a6c1baa257569b8&uid=1130769995846920363

42 B
104 B

125ms
40ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1a6c1baa257569b8&uid=1130769995846920363
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

server: openresty
date: Fri, 10 Nov 2023 14:50:54 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
an-x-request-uuid: c55f1e99-909d-4a66-beb7-07620d8e291d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1a6c1baa257569b8&uid=1130769995846920363
x-proxy-origin: 80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame E3BC
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D1a6c1baa257569b8%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=1a6c1baa257569b8&uid=ua-455b0d9f-4973-3a97-ab29-980c30fe4d79

42 B
103 B

39ms
38ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=1a6c1baa257569b8&uid=ua-455b0d9f-4973-3a97-ab29-980c30fe4d79
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

server: openresty
date: Fri, 10 Nov 2023 14:50:55 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=1a6c1baa257569b8&uid=ua-455b0d9f-4973-3a97-ab29-980c30fe4d79
pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame E3BC 0
35 B 139ms
41ms Image
text/plain 3.65.142.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.142.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-142-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT

GET
H2 200 us
sync.go.sonobi.com/ Frame E3BC 0
401 B 390ms
124ms Image
text/plain 69.166.1.66
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D1a6c1baa257569b8%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-159
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame E3BC 43 B
245 B 136ms
47ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D1a6c1baa257569b8%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

um
u-ams03.e-planning.net/ Frame E3BC
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=csuid_df8c6715-3730-4b79-87ed-a2ab2ecffdbc&dc=b337141cfdc8cf59&fi=1a6c1baa257569b8

42 B
103 B

57ms
41ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=csuid_df8c6715-3730-4b79-87ed-a2ab2ecffdbc&dc=b337141cfdc8cf59&fi=1a6c1baa257569b8
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

server: openresty
date: Fri, 10 Nov 2023 14:50:54 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=csuid_df8c6715-3730-4b79-87ed-a2ab2ecffdbc&dc=b337141cfdc8cf59&fi=1a6c1baa257569b8
date: Fri, 10 Nov 2023 14:50:54 GMT
server: fasthttp
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame E3BC 43 B
146 B 151ms
51ms Image
image/gif 18.195.142.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=eplanning
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-142-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 57F0 0
42 B 154ms
42ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49221361&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 89F3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
555 B

146ms
40ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Nov 2023 14:50:54 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 10 Nov 2023 14:50:54 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 85C8 15 KB
6 KB 48ms
48ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1a6c1baa257569b8%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=125422
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 10 Nov 2023 14:50:54 GMT
expires: Sun, 12 Nov 2023 01:41:16 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum.casalemedia.com/ Frame F96E
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1

2 KB
861 B

62ms
62ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 455ecffa9c3085b83459ed8a0e1bcc0968e6ad27576368d4d476b4d3043fa64c

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 823f1c4c8dd25d7b-FRA
content-encoding: br
content-type: text/html
date: Fri, 10 Nov 2023 14:50:54 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdYwlnP6UAcYhcy4si8d5c1S6jTkcehcW85TuzoAVJv%2Ftclvd7H7dcM65Qi4L43Qx2vCTisbvVOZ5XwGjnAOC6pW22h8CVqvb0iNLMUuAHLdzqHF%2FMZrwIlqXTSsnzuWHFTflFP7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 823f1c4c2d465d7b-FRA
content-length: 0
date: Fri, 10 Nov 2023 14:50:54 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsnjC4QYcaowxUhE61LuRbOugILYlWroaKfL%2FcVAiGN2SNPJ730i6P20AAvoMuj%2FVya%2FXKcqWfLCOXdXgEvkVJsve0300%2FdB9BRYyaYyTBzOrpU0v9glTVdx7qkTASUnc%2Frb9N4R"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame C34E 1 KB
1000 B 148ms
39ms Document
text/html 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 35110
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Fri, 10 Nov 2023 14:50:54 GMT
etag: W/"61ddbb71-5f5"
expires: Sun, 29 Oct 2028 20:46:09 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: e885406f757181086f262cd2cf27dd57
x-cf-tsc: 1698820281
x-cf1: 29080:fI.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2: H
x-cf3: H
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 97A5 0
0 42ms
41ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 5A5E 9 KB
2 KB 159ms
57ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19c959be7a1be80761f4faa2283776e4304cc27a9839316ebb947b58833a17b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 823f1c4c3d9a9b21-FRA
content-encoding: br
content-type: text/html
date: Fri, 10 Nov 2023 14:50:54 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame BF53
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=UONVFThB0HpxADi38ld6&pi=admatic&tc=1

43 B
473 B

133ms
118ms

Document
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=UONVFThB0HpxADi38ld6&pi=admatic&tc=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Fri, 10 Nov 2023 14:50:54 GMT
Etag: 2fb90e343648582e
Server: Adtelligent

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 10 Nov 2023 14:50:54 GMT Fri, 10 Nov 2023 14:50:54 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=UONVFThB0HpxADi38ld6&pi=admatic&tc=1
pragma: no-cache

GET
H2 200 cookie Show response
cm.adform.net/ Frame E82C 43 B
106 B 128ms
40ms Document
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Fri, 10 Nov 2023 14:50:54 GMT
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 06D9
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=2fb90e343648582e

43 B
453 B

120ms
120ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=2fb90e343648582e
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:54 GMT
Server: Adtelligent
Etag: 7d5ac6ee7abcedbc
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=2fb90e343648582e
Date: Fri, 10 Nov 2023 14:50:54 GMT
Server: Adtelligent
Etag: 2fb90e343648582e
Content-Length: 0

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame E3BC 59 KB
18 KB 143ms
46ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:49:26 GMT
content-encoding: gzip
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:32:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 36089
x-amz-server-side-encryption: AES256
etag: W/"54c61a0ae34474e317dc273453fb9ccd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: sg3TrCbtxy08Gvd6EodlzA9eBW_yiHIkODZ_aqv6v_bRV0tug2eEXw==

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame 544D 3 KB
1 KB 176ms
55ms Document
text/html 99.81.151.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.151.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-151-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1f0114827d30dc9462d7d2f64f35e919427fa9b1aea4cd28316eeeeeea93c149

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 10 Nov 2023 14:50:54 GMT
etag: W/"0d2daf03f67985ee42bc21cbbe4db4109"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame D3B9 37 B
140 B 130ms
42ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 10 Nov 2023 14:50:54 GMT

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame B08C 43 B
453 B 123ms
122ms Document
image/gif 185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AO3GoeRCPVN74DZV
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Fri, 10 Nov 2023 14:50:54 GMT
Etag: 7d5ac6ee7abcedbc
Server: Adtelligent

GET
H2 400 getuid
ib.adnxs.com/ Frame 5A5E 0
0 39ms
39ms Image
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5A5E 170 B
409 B 168ms
49ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=b67a978d-8011-4bc6-a641-fa53b022a7b2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b...

95 B
154 B

64ms
64ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=b67a978d-8011-4bc6-a641-fa53b022a7b2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c4de8029b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?cid=b67a978d-8011-4bc6-a641-fa53b022a7b2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 5A5E 0
454 B 164ms
41ms Image
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5A5E 70 B
149 B 180ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 5A5E 0
202 B 215ms
90ms Image
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms: 33
date: Fri, 10 Nov 2023 14:50:54 GMT
via: 1.1 varnish
x-served-by: cache-sof1510029-SOF
server: nginx
x-timer: S1699627855.953897,VS0,VE33
x-fastly-to-nlb-rtt: 32460
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 5A5E 0
460 B 576ms
125ms Image
text/html 2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
X-Fw-Request-Id: umo1a91_1699627855634658524
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5A5E 0
163 B 47ms
41ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 10 Nov 2023 14:50:54 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET genericusersync.ashx
sync.tidaltv.com/ Frame 5A5E 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d6431f22-d163-4688-64b4-b0cca0d28a08&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d6431f22-d163-4688-64b4-b0cca0d28a08&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=67108912628805331281115705467435627280&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-...

95 B
154 B

79ms
78ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=67108912628805331281115705467435627280&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c4e38779b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

dcs: dcs-prod-irl1-1-v054-08e40c941.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: R0vvksJ+QIs=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://mwzeom.zeotap.com/mw?cid=67108912628805331281115705467435627280&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 5A5E 0
324 B 185ms
40ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET zeotap.php
bn01.er.bemail.it/ Frame 5A5E 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7299846048329300127&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-...

95 B
188 B

70ms
62ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7299846048329300127&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c4d9f8b9b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7299846048329300127&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Date: Fri, 10 Nov 2023 14:50:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame 5A5E 95 B
437 B 53ms
51ms Image
image/png 34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=d6431f22-d163-4688-64b4-b0cca0d28a08

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d6431f22-d163-4688-64b4-b0cca0d28a08&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d6431f22-d163-4688-64b4-b0cca0d28a08&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://mwzeom.zeotap.com/mw?webouuid=RAvVA6BV47mTtOchO/vsiu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e...

95 B
154 B

58ms
55ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?webouuid=RAvVA6BV47mTtOchO/vsiu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c4f097a9b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
via: 1.1 google
last-modified: Fri, 10 Nov 2023 14:50:55 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=RAvVA6BV47mTtOchO/vsiu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame 5A5E 0
84 B 155ms
43ms Image
text/plain 185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=d6431f22-d163-4688-64b4-b0cca0d28a08&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=d6431f22-d163-4688-64b4-b0cca0d28a08?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

95 B
154 B

55ms
54ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c4f097c9b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
cache-control: no-cache
x-server: 10.45.22.161
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-K9RJv3tE2op3DXmYHUhXxmToTYzHylD7Ng--~A&zpartnerid=570&env=mWeb

95 B
154 B

83ms
83ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=y-K9RJv3tE2op3DXmYHUhXxmToTYzHylD7Ng--~A&zpartnerid=570&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c4e88d99b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-K9RJv3tE2op3DXmYHUhXxmToTYzHylD7Ng--~A&zpartnerid=570&env=mWeb
date: Fri, 10 Nov 2023 14:50:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=M4bKyNCbUKOZXso9H0HfgVUWgUJyT83k%2BS41iYitP1U%3D

95 B
154 B

57ms
57ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=M4bKyNCbUKOZXso9H0HfgVUWgUJyT83k%2BS41iYitP1U%3D

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c4ee9579b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=M4bKyNCbUKOZXso9H0HfgVUWgUJyT83k%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 5A5E 42 B
204 B 152ms
54ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=d6431f22-d163-4688-64b4-b0cca0d28a08&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 5A5E 0
338 B 199ms
55ms Image
text/plain 54.155.252.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.252.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-252-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Fri, 10 Nov 2023 14:50:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=44 t=1699627855
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 5A5E 95 B
375 B 597ms
42ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/png
date: Fri, 10 Nov 2023 14:45:29 GMT
server: nginx
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZU5DTwACxYuMWwAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1...

95 B
177 B

54ms
54ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZU5DTwACxYuMWwAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c53f89c9b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-fra-eddf8230046-FRA
pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1699627856.841780,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZU5DTwACxYuMWwAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 5A5E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f...

0
337 B

55ms
55ms

Image
text/plain

54.155.252.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 54.155.252.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-252-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Fri, 10 Nov 2023 14:50:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=114 t=1699627855
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
date: Fri, 10 Nov 2023 14:50:55 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a018-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 5A5E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b...

43 B
568 B

63ms
63ms

Image
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 677N0VZW5MF21GCJS11K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PSGNK7AA5SD0TRXQ951B
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 5A5E 0
145 B 639ms
186ms Image
text/plain 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=d6431f22-d163-4688-64b4-b0cca0d28a08&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd64...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

95 B
154 B

53ms
53ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c527e6e9b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
date: Fri, 10 Nov 2023 14:50:55 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ Frame 5A5E 0
214 B 517ms
41ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=41544&puid=d6431f22-d163-4688-64b4-b0cca0d28a08&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 syncd
x.bidswitch.net/ Frame 5A5E 43 B
145 B 42ms
40ms Image
image/gif 18.195.142.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=d6431f22-d163-4688-64b4-b0cca0d28a08&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd6431f22-d163-4688-64b4-b0cca0d28a08%26reqId%3Dbc7bed60-72a2-4e3b-4951-aa1ca82f1ac4%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-142-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5A5E 95 B
154 B 54ms
54ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c4f8a459b21-FRA
access-control-allow-headers: *
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5A5E
Redirect Chain

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
https://mwzeom.zeotap.com/mw?cid=aNZUZGrQVGdzggM2P9BNNmyGUWRzhlgxadqiY5pI&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=d6431f22-d163-468...

95 B
154 B

58ms
58ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=aNZUZGrQVGdzggM2P9BNNmyGUWRzhlgxadqiY5pI&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c526e5b9b21-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://mwzeom.zeotap.com/mw?cid=aNZUZGrQVGdzggM2P9BNNmyGUWRzhlgxadqiY5pI&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=d6431f22-d163-4688-64b4-b0cca0d28a08&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 5A5E 557 B
469 B 69ms
68ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b170f881327e94549853dea47121247de1e653dfa1aff95999c98aafca7c88a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 823f1c4cae2d9b21-FRA
access-control-allow-headers: *

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame F96E
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8cee0b2aa8234f15bcea9d67fbb7ca83
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8cee0b2a-a823-4f15-bcea-9d67fbb7ca83
https://p.rfihub.com/cm?pub=39342&in=1&userid=4964b447-e9a9-4a06-b8a5-93f91d4939e4%3A1699627855.9119284&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4964b447-e9a9-4a06-b8a5-93f91d4...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730783988414&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4964b447-e9a9-4a06-b8...
https://idsync.rlcdn.com/501709.gif?partner_uid=4964b447-e9a9-4a06-b8a5-93f91d4939e4%3A1699627855.9119284&_=1699627855.9147243

0
98 B

144ms
49ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=4964b447-e9a9-4a06-b8a5-93f91d4939e4%3A1699627855.9119284&_=1699627855.9147243
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 10 Nov 2023 14:50:56 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=4964b447-e9a9-4a06-b8a5-93f91d4939e4%3A1699627855.9119284&_=1699627855.9147243
content-length: 447
x-amz-cf-id: Wr-_azpl7AtxQ4GTJWWFfE_euT9sENk9utEpPsXyOvXGLJGMqAmG7g==

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F96E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5DTkAgII6LlZwF0RvC3AAAFKMAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5DTkAgII6LlZwF0RvC3AAAFKMAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

152ms
152ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5DTkAgII6LlZwF0RvC3AAAFKMAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VSHXFWCD61MJESPQV3PB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DFPDCH40RM94VMEFM8X1
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5DTkAgII6LlZwF0RvC3AAAFKMAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F96E 70 B
148 B 130ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame F96E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZU5DTkAgII6LlZwF0RvC3AAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZU5DTkAgII6LlZwF0RvC3AAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBMdkchm_K_OKnEk3Nqx9Mc&google_cver=1

43 B
735 B

58ms
57ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBMdkchm_K_OKnEk3Nqx9Mc&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr5N3aGHn%2FEVjRPWtab%2BvSiJ9Qvl5sUhlIw%2B%2Fq829Iwz8fQyHQalDj1lWsBfTtMMS8QoxvhAN8himnxh5SJKWWP51Ju0psRgDefYYAtO%2FoN7i94H6QeamBJUojkPtseYGiboJ4q3YiOD4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823f1c4e08059a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBMdkchm_K_OKnEk3Nqx9Mc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame F96E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283

42 B
717 B

59ms
58ms

Image
image/gif

52.49.90.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1

Protocol

Server

52.49.90.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-90-12.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-09a33b2f9.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: /phMIO0ITGc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-045ff60d9.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: PeAhMEFiSgk=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU5DTkAgII6LlZwF0RvC3AAA%265283
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame F96E
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

43 B
769 B

69ms
68ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXmTJcALLKKemnjLmgXn7IMD9nxniP69LGOp%2BlKSIq96vmhK2HRSIsu8c2a3EoIk6KDtOwRVMv1XCMYqSFkWuxMQBvIg38kVYHLBRP5ZA5jHRrCKmeU3a57eOzLVEZgSkKh9fBwdicVmEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823f1c4ddfd49a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date: Fri, 10 Nov 2023 14:50:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
content-type: text/html; charset=utf-8

GET
H2 200 ix
ad4m.at/ad/sim/ Frame F96E 0
0 151ms
56ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame F96E 0
125 B 134ms
42ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZU5DTkAgII6LlZwF0RvC3AAAFKMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 um
u-ams03.e-planning.net/ Frame F96E 42 B
103 B 39ms
39ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=1a6c1baa257569b8&uid=ZU5DTkAgII6LlZwF0RvC3AAA%265283
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1a6c1baa257569b8%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

server: openresty
date: Fri, 10 Nov 2023 14:50:54 GMT
content-type: image/gif

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 544D
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=1130769995846920363

35 B
250 B

196ms
64ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=1130769995846920363
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:54 GMT
an-x-request-uuid: c0c2a252-f399-4fb3-9492-fb0ce21a2c51
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=1130769995846920363
x-proxy-origin: 80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 544D
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_79c2803e-b034-42d3-8c87-b7521b024afb&gdpr=&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_79c2803e-b034-42d3-8c87-b7521b024afb&gdpr=&gdpr_consent=&us_privacy=
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6ed445dc-6c08-4b05-bd5b-9aa042d10ea8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6ed445dc-6c08-4b05-bd5b-9aa042d10ea8

43 B
145 B

40ms
40ms

Image
image/gif

18.195.142.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6ed445dc-6c08-4b05-bd5b-9aa042d10ea8
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: H2
Server: 18.195.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-142-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6ed445dc-6c08-4b05-bd5b-9aa042d10ea8
date: Fri, 10 Nov 2023 14:50:55 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 544D 43 B
304 B 140ms
48ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 14:50:55 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 544D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-84b5be83-e66f-5bf9-42a5-61d6097496e1$ip$80.255.7.100

35 B
250 B

55ms
55ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-84b5be83-e66f-5bf9-42a5-61d6097496e1$ip$80.255.7.100
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-84b5be83-e66f-5bf9-42a5-61d6097496e1$ip$80.255.7.100
Date: Fri, 10 Nov 2023 14:50:55 GMT
Connection: keep-alive
Content-Length: 126
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 544D 43 B
426 B 192ms
56ms Image
image/gif 2a05:d018:d29:3605:b2f6:43fb:c655:2341
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:b2f6:43fb:c655:2341 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 544D
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=0d41ca6b-e769-456b-8b84-23368907a4c0

35 B
250 B

57ms
57ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=0d41ca6b-e769-456b-8b84-23368907a4c0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=0d41ca6b-e769-456b-8b84-23368907a4c0
Date: Fri, 10 Nov 2023 14:50:55 GMT
Connection: keep-alive
X-CI-RTID: 07d3164e-bf3e-42b5-80d9-b30227ac1757
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 544D 0
44 B 408ms
126ms Image
text/plain 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
content-length: 0
server: c

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 544D
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_79c2803e-b034-42d3-8c87-b7521b024afb&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

56ms
56ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 544D
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=f72ioHSJEDLQ&ev=1&pid=558355

35 B
250 B

118ms
53ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=f72ioHSJEDLQ&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 14:50:55 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=f72ioHSJEDLQ&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b57df6cd5-cbcjn
expires: -1

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 544D 0
45 B 318ms
49ms Image
text/plain 5.135.209.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:54 GMT
content-length: 0

GET
H2 200 um
sync.e-planning.net/ Frame 544D 42 B
104 B 126ms
38ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=1a6c1baa257569b8&uid=e_79c2803e-b034-42d3-8c87-b7521b024afb
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

server: openresty
date: Fri, 10 Nov 2023 14:50:55 GMT
content-type: image/gif

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame BDE2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=7039491008036749499&gdpr=&gdpr_consent=

35 B
208 B

59ms
59ms

Document
image/gif

99.81.151.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=7039491008036749499&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.151.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-151-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Fri, 10 Nov 2023 14:50:55 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 10 Nov 2023 14:50:55 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=7039491008036749499&gdpr=&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

pixel Show response
cm.g.doubleclick.net/ Frame 3090
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83OWMyODAzZS1iMDM0LTQyZDMtOGM4Ny1iNzUyMWIwMjRhZmI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83OWMyODAzZS1iMDM0LTQyZDMtOGM4Ny1iNzUyMWIwMjRhZmI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...

170 B
232 B

56ms
55ms

Document
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83OWMyODAzZS1iMDM0LTQyZDMtOGM4Ny1iNzUyMWIwMjRhZmI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 14:50:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 435
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 14:50:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83OWMyODAzZS1iMDM0LTQyZDMtOGM4Ny1iNzUyMWIwMjRhZmI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F4BE 15 KB
6 KB 47ms
43ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=125422
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 10 Nov 2023 14:50:54 GMT
expires: Sun, 12 Nov 2023 01:41:16 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 375C 70 B
148 B 58ms
55ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Fri, 10 Nov 2023 14:50:54 GMT
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 2649
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZU5DT8Co5swAAORIPqcAAAAA

35 B
250 B

56ms
56ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZU5DT8Co5swAAORIPqcAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 10 Nov 2023 14:50:56 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Fri, 10 Nov 2023 14:50:55 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZU5DT8Co5swAAORIPqcAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40319.dc2p.scaleout.jp
X-SO-IP: 80.255.7.100
X-SO-Key: ZU5DT8Co5swAAORIPqcAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"80.255.7.100","key":"ZU5DT8Co5swAAORIPqcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40319"}
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp
X-SO-Upstream-ID: a-ad40319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame FB93
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=UONVFThB0HpxADi38ld6&pi=gumgum

35 B
250 B

196ms
68ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=UONVFThB0HpxADi38ld6&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 10 Nov 2023 14:50:55 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 10 Nov 2023 14:50:54 GMT Fri, 10 Nov 2023 14:50:54 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=UONVFThB0HpxADi38ld6&pi=gumgum
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame BA2F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
555 B

41ms
39ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D1a6c1baa257569b8%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Nov 2023 14:50:55 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 10 Nov 2023 14:50:54 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 89F3 46 KB
13 KB 41ms
41ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2023 04:29:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=49073
Connection: keep-alive
Content-Length: 13280
Expires: Sat, 11 Nov 2023 04:28:47 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 89F3 7 B
380 B 175ms
44ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BA2F 46 KB
13 KB 47ms
47ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 14:50:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2023 04:29:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=49072
Connection: keep-alive
Content-Length: 13280
Expires: Sat, 11 Nov 2023 04:28:47 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame BA2F 7 B
380 B 142ms
42ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
290 B 159ms
159ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://finance.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://finance.ua
Date: Fri, 10 Nov 2023 14:50:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 200 check Show response
site-script.esputnik.com/async-rules/v2/ 103 B
317 B 59ms
59ms Fetch
application/json 52.210.111.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://site-script.esputnik.com/async-rules/v2/check

Requested by

Host: statics.esputnik.com
URL: https://statics.esputnik.com/scripts/471588E47D554AE38913A92CE132D923.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.111.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-111-70.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4219c0fcc861a68262c4da3b16efd3d6c589ae2c5e5593449ede132a148d3e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://finance.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
cl-customer-id: F163C0C9-5005-9E30-F5AB-EAC05C2382A1
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 14:50:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

OPTIONS
H2 200 check
site-script.esputnik.com/async-rules/v2/ Frame 0
0 59ms
58ms Preflight 52.210.111.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://site-script.esputnik.com/async-rules/v2/check

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.111.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-111-70.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: cl-customer-id
Access-Control-Request-Method: POST
Origin: https://finance.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: cl-customer-id
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 10 Nov 2023 14:50:56 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 eyJmb3JtSWQiOjc2ODgsInZhcmlhbnRJZCI6NzY4OCwibGFuZyI6InVrIiwiYnJvd3Nlckxhbmd1YWdlIjoidWsiLCJjb250YWN0SWQiOm51bGwsImFjY291bnRJZCI6NDIzODksImlpZCI6IjIwRjBBNTlFLTYzRkEtRjg2Ny1GQkFELUJCQzMzMTdDQTYzRiIsI... Show response
esputnik.com/forms/v3/page/ 6 KB
2 KB 60ms
59ms Fetch
application/json 2a05:d018:ac8:b900:110:d8d7:bd0e:715a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esputnik.com/forms/v3/page/eyJmb3JtSWQiOjc2ODgsInZhcmlhbnRJZCI6NzY4OCwibGFuZyI6InVrIiwiYnJvd3Nlckxhbmd1YWdlIjoidWsiLCJjb250YWN0SWQiOm51bGwsImFjY291bnRJZCI6NDIzODksImlpZCI6IjIwRjBBNTlFLTYzRkEtRjg2Ny1GQkFELUJCQzMzMTdDQTYzRiIsImNoZWNrVGhpc1dpZGdldE9ubHkiOmZhbHNlLCJ0cmlnZ2VyZWRCeSI6IlJ1bGVzIn0=

Requested by

Host: statics.esputnik.com
URL: https://statics.esputnik.com/scripts/471588E47D554AE38913A92CE132D923.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:ac8:b900:110:d8d7:bd0e:715a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cd2c939988ea60b70d4e1199817d0360ae31a856fcf97daf2dcccc3bb61cb0f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://finance.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
cl-customer-id: F163C0C9-5005-9E30-F5AB-EAC05C2382A1
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 14:50:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json

OPTIONS
H2 200 eyJmb3JtSWQiOjc2ODgsInZhcmlhbnRJZCI6NzY4OCwibGFuZyI6InVrIiwiYnJvd3Nlckxhbmd1YWdlIjoidWsiLCJjb250YWN0SWQiOm51bGwsImFjY291bnRJZCI6NDIzODksImlpZCI6IjIwRjBBNTlFLTYzRkEtRjg2Ny1GQkFELUJCQzMzMTdDQTYzRiIsI...
esputnik.com/forms/v3/page/ Frame 0
0 200ms
59ms Preflight 2a05:d018:ac8:b900:110:d8d7:bd0e:715a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:ac8:b900:110:d8d7:bd0e:715a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: cl-customer-id
Access-Control-Request-Method: GET
Origin: https://finance.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *, Accept, Content-Type, Content-Length, Accept-Encoding, cl-customer-id
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 0
date: Fri, 10 Nov 2023 14:50:57 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 e23ee630-6ca1-4533-a046-84a8e1a9aa8b.png
forms.esputnik.com/img/42389/forms/6207/ 2 MB
2 MB 134ms
39ms Image
image/png 94.130.55.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forms.esputnik.com/img/42389/forms/6207/e23ee630-6ca1-4533-a046-84a8e1a9aa8b.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.55.46 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.55.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 3702682f2edfcdef48e238724b02a0e6faac385e773827248884b2afb91392d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Sat, 11 Nov 2023 14:50:57 GMT
date: Fri, 10 Nov 2023 14:50:57 GMT
last-modified: Fri, 23 Jun 2023 08:22:34 GMT
server: nginx
x-amz-server-side-encryption: AES256
x-proxy-host: forms10
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, nofollow
access-control-allow-headers: Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
content-length: 2452948
x-proxy-cache: HIT

POST
H2 200 event Show response
esputnik.com/forms/v1/ 0
186 B 61ms
61ms Fetch 2a05:d018:ac8:b900:110:d8d7:bd0e:715a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esputnik.com/forms/v1/event

Requested by

Host: statics.esputnik.com
URL: https://statics.esputnik.com/scripts/471588E47D554AE38913A92CE132D923.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:ac8:b900:110:d8d7:bd0e:715a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://finance.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
cl-customer-id: F163C0C9-5005-9E30-F5AB-EAC05C2382A1
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 14:50:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
esputnik.com/forms/v1/ Frame 0
0 58ms
58ms Preflight 2a05:d018:ac8:b900:110:d8d7:bd0e:715a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esputnik.com/forms/v1/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:ac8:b900:110:d8d7:bd0e:715a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: cl-customer-id
Access-Control-Request-Method: POST
Origin: https://finance.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *, Accept, Content-Type, Content-Length, Accept-Encoding, cl-customer-id
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 0
date: Fri, 10 Nov 2023 14:50:57 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 946-ukraina_8.jpg
finance.ua/uploads/media/624x299/06/ 22 KB
23 KB 63ms
62ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/06/946-ukraina_8.jpg?v=1-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d7cbb2ad70e4ba876f6234008220064bbc552512943059a8f36724dc550cea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:57 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4440
cf-polished: qual=85, origFmt=jpeg, origSize=63985
content-disposition: inline; filename="946-ukraina_8.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22764
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Nov 2020 09:13:56 GMT
server: cloudflare
etag: "5fb788d4-f9f1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsg5byez0I0eKPEFLgUXTNBP9i6HFzRZNf1rssi8VIJ3yShdY4ZuUCXOsm0JYQeD9IDBrwuOXPhApzY7gvwPVJCXl0OjDY6khxCwN9j8qGOwuHilIQ9ST9YfPsQcESBFYocEBVMxBL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 823f1c5c79f86921-FRA
expires: Sat, 09 Nov 2024 13:25:19 GMT

GET
H3 200 7703-tiktok.png
finance.ua/uploads/media/624x299/03/ 18 KB
18 KB 56ms
55ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/03/7703-tiktok.png?v=1-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44ac6e76ee299bd4c97dae5028997a495261b85c01a803b094e142ea8e3a2567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:57 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93305
cf-polished: qual=85, origFmt=jpeg, origSize=35368
content-disposition: inline; filename="7703-tiktok.webp"
alt-svc: h3=":443"; ma=86400
content-length: 18078
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 12:55:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XCLU8cGBra955LeGeBYQglL3iw0lZY49Gf65qSLHnnnt4Cw9L99EnDV8Q%2BEz1WnbPYchuiXEyelcWrxNKLrpfiU4b5lf1Jwm67%2Bv9MMCDRsRskg62mAvKSYQO1j%2FPq6o%2Bn3nEQYfAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public
accept-ranges: bytes
cf-ray: 823f1c5c79f96921-FRA
expires: Sat, 09 Dec 2023 14:32:02 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/-RaYNxHdXQw/ 63 KB
64 KB 165ms
49ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/-RaYNxHdXQw/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

521bcd96088f2189c2fb8d29a737932208e83f7c916db06855565ca0f7e0d98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64752
x-xss-protection: 0
server: sffe
etag: "1699519876"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Nov 2023 14:55:57 GMT

GET
H3 200 822-bitkoin_1.jpg
finance.ua/uploads/media/624x299/02/ 27 KB
28 KB 63ms
63ms Image
image/jpeg 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/02/822-bitkoin_1.jpg?v=1-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18390e3f733325a33b70433533aa8d4507ff2f659dbd1a278dcb3530785f7b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:57 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 190599
cf-polished: degrade=85, origSize=74591, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 28027
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 01 Nov 2020 13:22:04 GMT
server: cloudflare
etag: "5f9eb67c-1235f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IST8Ty43fyZPN5r2L6REvTqG3DEexPBMfWSyFLjMlEt0ozvN3maEnzbe9iW4YIR7XbE5By6Gf6YykhW%2Bg8NoQwu4lb%2BPIWn8WoVfD5VD7SUgpq3KfE6qj%2Fqxyy3PqjfADvn6Q99SSvI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 823f1c5c79fb6921-FRA
expires: Thu, 07 Nov 2024 09:53:24 GMT

GET
H3 200 1071-dollar_dollar3.jpg
finance.ua/uploads/media/624x299/01/ 23 KB
24 KB 98ms
98ms Image
image/webp 2606:4700:20::681a:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/uploads/media/624x299/01/1071-dollar_dollar3.jpg?v=1-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

306d7f68cbe946a50475f818547666131816c7cf85d292ad353b02fe08c61a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finance.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:50:57 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9161
cf-polished: qual=85, origFmt=jpeg, origSize=54363
content-disposition: inline; filename="1071-dollar_dollar3.webp"
alt-svc: h3=":443"; ma=86400
content-length: 23984
x-xss-protection: 1; mode=block;
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 15 Nov 2020 12:31:59 GMT
server: cloudflare
etag: "5fb11fbf-d45b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwbofTl5IoHXkuaS4G1sI5DCQraH52LC729f5jYIXqUcYwaOkccjiLY0pgtmQV1wsJcO1gO5qIlAfB3qo3S61olJE00KGvmtu%2B22fV%2BDtjMJDcASL5v3z9VONTf1HxPf15INrBlKWoY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 823f1c5c79fe6921-FRA
expires: Sat, 09 Nov 2024 12:08:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.tidaltv.com
URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Domain: bn01.er.bemail.it
URL: https://bn01.er.bemail.it/zeotap.php?_bid=d6431f22-d163-4688-64b4-b0cca0d28a08&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 16:50:19	Name: _li_ss Value: CggKBgiiARC7Fg
.finance.ua/	1970-01-21 01:43:07	Name: _ga_R62R0N2V63 Value: GS1.1.1699627853.1.0.1699627853.0.0.0
.finance.ua/	1970-01-21 01:43:07	Name: _ga Value: GA1.1.1787334258.1699627854
.finance.ua/	1970-01-20 16:50:19	Name: fn-subid Value: dohvhm13n85h
www.clarity.ms/	1970-01-21 00:52:43	Name: CLID Value: e1aaf153bbf047338c36e91b62858244.20231110.20241109
.finance.ua/	1970-01-21 01:43:07	Name: FPID Value: FPID2.2.OUeYYqve85Pab1biaYTLRP9DQwxu%2FrMVey5nENmzJ%2Fo%3D.1699627854
.finance.ua/	1970-01-20 16:08:19	Name: FPLC Value: IvHdKZrrRRbATZdIcALEHr3Wauu490DJ7BXyffffSL8bRr8LAf%2BOTRZnXlECEdlfdlHWmaqFDWwplyKkiObYiMahVGCnAA%2BIKjKaclsR54MZe9L8Vgnv4udAy4d%2B%2BA%3D%3D
.finance.ua/	1970-01-20 18:16:43	Name: FPAU Value: 1.2.1536340618.1699627854
.finance.ua/	1970-01-20 16:07:09	Name: FPGSID Value: 1.1699627853.1699627853.G-R62R0N2V63.dhiOh2Ydis-7LX_ZaUKGCg
.finance.ua/	1970-01-21 01:43:07	Name: sc Value: F163C0C9-5005-9E30-F5AB-EAC05C2382A1
.finance.ua/	1970-01-21 00:52:43	Name: _clck Value: 42l9iz\|2\|fgl\|0\|1409
finance.ua/	1970-01-20 16:50:19	Name: _pbjs_userid_consent_data Value: 3524755945110770
.finance.ua/	1970-01-21 00:52:43	Name: _pubcid Value: 6caac0dc-a135-4f2e-aaee-bccb805f5e5c
.adnxs.com/	1970-01-20 18:16:43	Name: uuid2 Value: 1130769995846920363
a4p.adpartner.pro/	1970-01-20 17:33:31	Name: apuid Value: 1d2c53fe-3efe-43c3-a766-1ef089724539
.adtelligent.com/	1970-01-20 17:36:24	Name: vmuid Value: 7d5ac6ee7abcedbc
.adsinteractive.com/	1970-01-20 17:27:46	Name: uids Value: adsint-PwzmffhFAyQURx1xVdQYQrac2L7YJ9gAhKjPXrIy
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.finance.ua/	1970-01-20 16:08:34	Name: _clsk Value: 17oxhm7\|1699627854524\|1\|1\|k.clarity.ms/collect
.e-planning.net/	1970-01-21 01:43:07	Name: E Value: AO3GoeRCPVN74DZV
cookies.nextmillmedia.com/	1970-01-20 16:17:12	Name: NMUID Value: csuid_df8c6715-3730-4b79-87ed-a2ab2ecffdbc
.adtelligent.com/	1970-01-20 17:36:24	Name: a307558 Value: 1d2c53fe-3efe-43c3-a766-1ef089724539
.adtelligent.com/	1970-01-20 17:36:24	Name: a751004 Value: 1130769995846920363
.adtelligent.com/	1970-01-20 17:36:24	Name: a750634 Value: adsint-PwzmffhFAyQURx1xVdQYQrac2L7YJ9gAhKjPXrIy
.trafmag.com/	1970-01-21 01:43:07	Name: vid Value: 4319997668370623
.adtelligent.com/	1970-01-20 17:36:24	Name: a297253 Value: 1130769995846920363
.adtelligent.com/	1970-01-20 17:36:24	Name: a584890 Value: 1130769995846920363
.bing.com/	1970-01-21 01:28:43	Name: MUID Value: 13625F15080F6A123E0B4CD009846B65
.c.bing.com/	1970-01-20 16:17:12	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:28:43	Name: SRM_B Value: 13625F15080F6A123E0B4CD009846B65
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:28:43	Name: MUID Value: 13625F15080F6A123E0B4CD009846B65
.c.clarity.ms/	1970-01-20 16:17:12	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:07:08	Name: ANONCHK Value: 0
.casalemedia.com/	1970-01-21 00:52:43	Name: CMID Value: ZU5DTkAgII6LlZwF0RvC3AAA
.casalemedia.com/	1970-01-20 18:16:43	Name: CMPS Value: 5283
.casalemedia.com/	1970-01-20 18:16:43	Name: CMPRO Value: 5283
.zeotap.com/	1970-01-21 00:52:43	Name: zc Value: d6431f22-d163-4688-64b4-b0cca0d28a08
.zeotap.com/	1970-01-20 16:08:34	Name: zsc Value: %A6%2Fl%85v.%CC%A9%188o%E2%11%9B%A2%E7%1D3c-C%C6%8EK3%1Ea%B5%12%FE%F1m%EB%3C0%10V%B8%D2%EA%EF%40%27%F7%CF%C1t%F5%A5%D9%0C%A5%11%282%2A%89%B8tkN%DD%0C8d%A6%17IM%05%C5%0F%99%90%A7y%9CNpn%3FHf%27%26%83q%5C%D70%CA%1D%BDr%C8%C8%C5%90%AD%0F%2A%1CS%C1Y%CE%90o%FFb4%26%DD%DB%B5%25%E9%0F%A7%05%84%00VG%CE%17z%E8%2B%A5%CB%AD%1C%1D%2BN7%2A%0A%9A_%D0C%1A%01QF%9C%06%FF%E1%D2%0CnvC%EF%CE%29%BF%B4%8Ffb%F0n%90%AA%13
.creativecdn.com/	1970-01-21 00:52:43	Name: u Value: UONVFThB0HpxADi38ld6
.creativecdn.com/	1970-01-21 00:52:43	Name: ts Value: 1699627854
.console.adtarget.com.tr/	1970-01-20 17:36:24	Name: vmuid Value: 2fb90e343648582e
.adtelligent.com/	1970-01-20 17:36:24	Name: a307971 Value: AO3GoeRCPVN74DZV
.gumgum.com/	1970-01-21 00:52:43	Name: vst Value: e_79c2803e-b034-42d3-8c87-b7521b024afb
.tapad.com/	1970-01-20 17:33:31	Name: TapAd_TS Value: 1699627854922
.tapad.com/	1970-01-20 17:33:31	Name: TapAd_DID Value: b67a978d-8011-4bc6-a641-fa53b022a7b2
.adfarm1.adition.com/	1970-01-20 18:16:43	Name: UserID1 Value: 7299846048329300127
.bidswitch.net/	1970-01-21 00:52:43	Name: tuuid Value: 6ed445dc-6c08-4b05-bd5b-9aa042d10ea8
.bidswitch.net/	1970-01-21 00:52:43	Name: c Value: 1699627854
.console.adtarget.com.tr/	1970-01-20 17:36:24	Name: a307080 Value: UONVFThB0HpxADi38ld6
.adtelligent.com/	1970-01-20 17:36:24	Name: a318342 Value: 2fb90e343648582e
.adform.net/	1970-01-20 16:50:19	Name: C Value: 1
.demdex.net/	1970-01-20 20:26:19	Name: demdex Value: 67108912628805331281115705467435627280
.tapad.com/	1970-01-20 17:33:31	Name: TapAd_3WAY_SYNCS Value:
.doubleclick.net/	1970-01-21 01:28:43	Name: IDE Value: AHWqTUktKhkjBAXjNQQX519C6p4Qts3QSDDaop-qxDGJmoQr1-B24or8vQP0TSBLko0
.disqus.com/	1970-01-21 00:52:43	Name: zeta-ssp-user-id Value: ua-455b0d9f-4973-3a97-ab29-980c30fe4d79
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86159\|ZU5DU
.adform.net/	1970-01-20 17:33:31	Name: uid Value: 7039491008036749499
.bidswitch.net/	1970-01-21 00:52:43	Name: tuuid_lu Value: 1699627855
.mgid.com/	1970-01-20 16:27:17	Name: lmg_usr Value: e9ddcb47-d065-43a1-b298-946396ed9517
.mgid.com/	1970-01-20 16:27:17	Name: lmg_r Value: 25
.dpm.demdex.net/	1970-01-20 20:26:19	Name: dpm Value: 67108912628805331281115705467435627280
.yahoo.com/	1970-01-21 00:53:05	Name: A3 Value: d=AQABBE9DTmUCEEnLNBr_c1OAncq5v6wDDGcFEgEBAQGUT2VYZeAJyiMA_eMAAA&S=AQAAAuJuNbMWLBZes36N2dZSDIk
.adtelligent.com/	1970-01-20 17:36:24	Name: a753378 Value: e9ddcb47-d065-43a1-b298-946396ed9517
.analytics.yahoo.com/	1970-01-21 00:52:43	Name: IDSYNC Value: 19ah~2ez2
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: ab598f368abe20a2
.weborama.fr/	1970-01-21 01:33:03	Name: AFFICHE_W Value: -FuyIAFbG2L842
.agkn.com/	1970-01-21 00:52:43	Name: ab Value: 0001%3AH4us1IpP4SIHwjdv60zv2MfARVJp4Oae
.turn.com/	1970-01-20 20:26:19	Name: uid Value: 9085677422534111407
.1rx.io/	1970-01-21 00:52:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6fa233ca-7b78-4abd-9096-04a379b7448d-003%22%2C%22nxtrdr%22%3Afalse%7D
.krxd.net/	1970-01-20 20:26:19	Name: _kuid_ Value: P6F6-ooZ
.liadm.com/	1970-01-21 01:43:07	Name: lidid Value: 8cee0b2a-a823-4f15-bcea-9d67fbb7ca83
.fwmrm.net/	1970-01-20 20:26:19	Name: _uid Value: umo1a91_7299855400366571636
.amazon-adsystem.com/	1970-01-20 21:44:05	Name: ad-id Value: A8KAyJ90s0RNrcMlPfJibWg
.amazon-adsystem.com/	1970-01-21 01:43:07	Name: ad-privacy Value: 0
.ipredictive.com/	1970-01-21 00:52:43	Name: cu Value: 0d41ca6b-e769-456b-8b84-23368907a4c0\|1699627855360
sync.srv.stackadapt.com/	1970-01-21 00:52:43	Name: sa-user-id Value: s%3A0-84b5be83-e66f-5bf9-42a5-61d6097496e1.BoC1xr%2BePVZXCPAw9LgphswV6a8dqLfCP7mSR%2FBnJLM
.srv.stackadapt.com/	1970-01-21 00:52:43	Name: sa-user-id Value: s%3A0-84b5be83-e66f-5bf9-42a5-61d6097496e1.BoC1xr%2BePVZXCPAw9LgphswV6a8dqLfCP7mSR%2FBnJLM
sync.srv.stackadapt.com/	1970-01-21 00:52:43	Name: sa-user-id-v2 Value: s%3AhLW-g-ZvW_lCpWHWCXSW4VD_B2Q.3%2FKLeTqdmpXqYoQDze6yRdtyHbxq591lVL38FvBaUzU
.srv.stackadapt.com/	1970-01-21 00:52:43	Name: sa-user-id-v2 Value: s%3AhLW-g-ZvW_lCpWHWCXSW4VD_B2Q.3%2FKLeTqdmpXqYoQDze6yRdtyHbxq591lVL38FvBaUzU
sync.srv.stackadapt.com/	1970-01-21 00:52:43	Name: sa-user-id-v3 Value: s%3AAQAKIKrwxJMwEc-o56xp8vU6hQdRzR9-gyuuQbHJQBs3cHGXEHwYBCDPhrmqBjABOgRzygDyQgSGVHsx.ELVJNyZQylpO94%2Bl%2FUmHoq2n%2BCgV80n30lONKnIC52c
.srv.stackadapt.com/	1970-01-21 00:52:43	Name: sa-user-id-v3 Value: s%3AAQAKIKrwxJMwEc-o56xp8vU6hQdRzR9-gyuuQbHJQBs3cHGXEHwYBCDPhrmqBjABOgRzygDyQgSGVHsx.ELVJNyZQylpO94%2Bl%2FUmHoq2n%2BCgV80n30lONKnIC52c
.richaudience.com/	1970-01-20 18:16:43	Name: avcid-zeo-uid Value: d6431f22-d163-4688-64b4-b0cca0d28a08
.targeting.unrulymedia.com/	1970-01-21 00:52:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6fa233ca-7b78-4abd-9096-04a379b7448d-003%22%7D
.quantserve.com/	1970-01-20 18:16:43	Name: d Value: EBYBDQGyKuvLswA
.quantserve.com/	1970-01-21 01:37:22	Name: mc Value: 654e434f-ac7a3-72e1e-e8079
.everesttech.net/	1970-01-21 00:52:43	Name: everest_g_v2 Value: g_surferid~ZU5DTwACxYuMWwAm
.adtelligent.com/	1970-01-20 17:36:24	Name: a541630 Value: RX-6fa233ca-7b78-4abd-9096-04a379b7448d-003
.socdm.com/	1970-01-21 01:43:07	Name: SOC Value: ZU5DT8Co5swAAORIPqcAAAAA
.rezync.com/	1970-01-20 20:26:19	Name: zync-uuid Value: 4964b447-e9a9-4a06-b8a5-93f91d4939e4:1699627855.9119284
.rfihub.com/	1970-01-21 01:28:43	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjC3MLa0sDAxNBHiM9T1S3b0LjcKKywKN0kGAGaqh2clAAAA
.rfihub.com/	1970-01-21 01:28:43	Name: eud Value: H4sIAAAAAAAA_1XIsQ2AMAwEwAmoMocRTj62n20cEQaipGRSOiTKu6s4aBiAy2RSkJvJiOzCdlIPsHFiVyOtevS-UpU1cJflS6thz9_-An7bi-BaAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjC3MLa0sDAxNBHiM9T1S3b0LjcKKywKN0kGAGaqh2clAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwRGAIAxFwYvtxDHwCXl2E0YsxMrd_Y4pQkuatilMdYWtrGH0F39EZ-v2gGgzxzhxp6V-Iw1l3joAAAA
live.rezync.com/	1970-01-20 20:26:19	Name: sd-session-id Value: .eJwNzFsOgjAQRuG9zDM1HTq9_N0MKTImjYKGwovEvdvHk5x8F00f3dey6XZQPvZTB7q_aq9G-aJWv6s-KZNnm7xHdDYmh5SEhX4DNW2tvrepLv0RBJlFolEUGCk2mDkVb-Ae4EXgoJI5AGGMHbuBGWPqzh-juyVL.ZU5DUA.rTHkowuFDXD95v6uOGGjYx2lP5U

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://finance.ua/ Message: Refused to execute script from 'https://static.finance.ua/banner/banner.gif' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=d6431f22-d163-4688-64b4-b0cca0d28a08&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=d6431f22-d163-4688-64b4-b0cca0d28a08&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d6431f22-d163-4688-64b4-b0cca0d28a08&reqId=bc7bed60-72a2-4e3b-4951-aa1ca82f1ac4&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=4964b447-e9a9-4a06-b8a5-93f91d4939e4%3A1699627855.9119284&_=1699627855.9147243 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
c.bing.com
c.clarity.ms
c1.adform.net
cm-x.mgid.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
cookies.nextmillmedia.com
creativecdn.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
esputnik.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
finance.ua
fonts.treeum.net
forms.esputnik.com
ghb.adtelligent.com
google.com
i.e-planning.net
i.liadm.com
ib.adnxs.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
images.dmca.com
img.youtube.com
k.clarity.ms
live.rezync.com
loadeu.exelator.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pixel.rubiconproject.com
pixel.tapad.com
placeholder.treeum.net
player.adtcdn.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
region1.analytics.google.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
secure-assets.rubiconproject.com
secure.adnxs.com
site-script.esputnik.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum.casalemedia.com
static.finance.ua
statics.esputnik.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.admanmedia.com
sync.adsinteractive.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.finance.ua
t.trafmag.com
tags.bluekai.com
tags.crwdcntrl.net
tg.finance.ua
tg.socdm.com
themes.finance.ua
token.rubiconproject.com
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
vid.vidoomy.com
widget.trustpilot.com
www.clarity.ms
www.google.de
www.googletagmanager.com
x.bidswitch.net
bn01.er.bemail.it
sync.tidaltv.com
104.18.36.155
13.248.245.213
13.32.27.99
145.40.97.67
151.101.194.49
157.245.23.44
162.55.236.224
163.172.71.49
18.195.142.87
18.197.230.215
18.198.69.109
185.15.245.83
185.184.8.90
185.83.71.234
193.0.160.130
193.200.65.5
193.3.178.2
193.3.178.3
193.3.178.4
198.47.127.19
20.96.88.162
2001:4860:4802:34::36
205.234.175.175
208.93.169.131
211.120.53.201
216.52.2.91
216.58.206.34
23.213.164.238
23.35.229.251
23.56.202.187
2400:52e0:1a01::994:1
2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a
2606:4700:10::6816:1857
2606:4700:20::681a:2f2
2606:4700:20::681a:3f2
2606:4700:20::681a:607
2606:4700:20::681a:707
2606:4700:20::681a:ad1
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:bdf::67
2620:1ec:c11::200
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c03::9b
2a01:4f8:242:57ce::2
2a02:6ea0:c700::11
2a04:4e42::300
2a05:d018:ac8:b900:110:d8d7:bd0e:715a
2a05:d018:d29:3605:b2f6:43fb:c655:2341
2a06:98c1:3120::3
2a0c:5c87:5241::2
3.222.95.59
3.65.142.57
3.75.62.37
34.111.113.62
34.111.131.239
34.160.203.91
34.160.236.64
34.200.14.96
34.247.205.196
34.255.67.121
34.95.81.168
35.186.253.211
35.210.239.72
35.244.159.8
35.244.174.68
37.157.3.20
37.157.4.29
37.252.171.149
44.209.183.242
45.133.44.4
46.228.164.11
46.228.174.117
5.135.209.100
51.83.220.94
51.89.9.254
52.2.255.128
52.209.20.66
52.210.111.70
52.222.236.71
52.223.40.198
52.46.130.91
52.49.90.12
52.70.1.191
52.71.54.14
52.95.115.255
54.155.252.188
65.9.66.122
67.202.105.21
68.219.88.97
69.166.1.66
69.173.144.138
69.192.160.219
70.42.32.95
8.18.47.7
8.2.110.161
8.2.110.17
85.114.159.118
94.130.55.46
99.81.151.243
0090b026b19a84a009268f318823ccec8aa9f9181758eff88073ce3926cf5d42
014bcda404b7321bdd9933e511053ac80b0b7c0bf40c329b9abff51230d36069
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
0327dc4d8fe4bdb4800e1935d378f6cba890203902a9f2b193e6130ffde65a15
03eb7caf23a4d7381c786a4feea170d5542e1f9a5daa510a9f648277caa5df21
07b5fd2586c4c51e38d14e17c19fe6a6cf0affb44ca0f1af3e35f781ea0b0159
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10f9bfa42bb96c99729c9b2fee669803ad9c6fcd434d8d7d60a8dc8f5f7cc331
18390e3f733325a33b70433533aa8d4507ff2f659dbd1a278dcb3530785f7b72
19c959be7a1be80761f4faa2283776e4304cc27a9839316ebb947b58833a17b4
1a0a0310c2d23fb050d9a1e64dd7325944cc6abbb4852f69edf754e1c12c96ed
1b4e5d5055f8974625299e583e9093001f18115d795437e1173149240acc7844
1ca5c2e1545ab6e2ad6fb8b05bcbfb78127359cfb2c1547f281bce3c62481ed1
1ea7be5c729f7962aa0f5356040161a5b381966c976171b4b50c0cf59c3885dd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f0114827d30dc9462d7d2f64f35e919427fa9b1aea4cd28316eeeeeea93c149
2d7cbb2ad70e4ba876f6234008220064bbc552512943059a8f36724dc550cea8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
306d7f68cbe946a50475f818547666131816c7cf85d292ad353b02fe08c61a36
32668fc938c766cc989a9a40186c27291cd4b1d871fcd1da207240da548feee2
354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa
3702682f2edfcdef48e238724b02a0e6faac385e773827248884b2afb91392d4
3d7d08f816c98272e7c3b6836337361123baf3adc9d879cfbe1fae2d1331e23c
3d8c3812a071cabfd328c866f220d12ac85d820047fb80e8f0866a88b084c816
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4219c0fcc861a68262c4da3b16efd3d6c589ae2c5e5593449ede132a148d3e38
44ac6e76ee299bd4c97dae5028997a495261b85c01a803b094e142ea8e3a2567
455ecffa9c3085b83459ed8a0e1bcc0968e6ad27576368d4d476b4d3043fa64c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c059efba77adaae3757d5c9c7083919041dfd2aa161cf4b8d782aeceae83ff5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4d0d94e5939e2c051da0b872e89d06eaf65b3e0ab8c3e84c163f7bcb375d4e
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
51a19719fef5eccf9aada3196ebc9a6138eb4d3522a82d04c98359bbc3a20444
521bcd96088f2189c2fb8d29a737932208e83f7c916db06855565ca0f7e0d98e
52e78833717065cc02e33e4db42e14f3f52e79f2652b29b9a012a2129c28a196
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fe035c5088bc1be2644db1e39dc3518b483b20359d949e618f7fcb44afae30
5ea085017b18aca2345d00a41564b507c9f7c7d7f2bbaa2e990cfc3f07f2b211
642baf86710502de54a24cce174407b9811a287940e341b71488eec3af307517
6937f171f6b538129d8a318f58888243e8b2582418117e9b98b4a51e178c4304
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f69de9cdb32a508852b2e7be4bdc73a185368f54114aca80c588b4144d52241
7dc0c4420283a419c67e1fc91ff3edb51cb6b08f3c2675db7a1fd9ffe723cfb8
8157ba2b02528621bf91db668e49d6c42c5fd438167eef1ba3f0d82facdcda7a
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
85b049b3c08722caec371469437576df2c46d0cfef88a34ad1476b29d327d2ae
86760be00cad1c97475072179e5e63354a683b88e04147300dae6242173d2b75
8ad732450cba181da81ba48c90836f80c5b6a01ffd4a4df2e9fb88001166a1fe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91f04cb15dcacd0abafb6100da0274ea26bfc15952e1cce2b6f4ec2eb958d451
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d7a604657db55ea328e1194ed1c77c8cc632dbbf887654d8bbc9207af989041
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
a4601449b7b8183fc200440c9cb082869332a545ff00c8d5588792a6387642ef
a54198853b60424a80229c56754bc3926256a310dde4322d15279cb9bdb4e334
a91b0139ae57f5b0116296600258d175197ff2e2e60183f32b251abc10d61b8f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b170f881327e94549853dea47121247de1e653dfa1aff95999c98aafca7c88a4
b1a95eb95ad04a2ab64d58181345e3bc113dcccb89bce32501dda1b6f7e00257
b38e26df7589c0a4ff41a10e140ae3764f8ed86cb15edd4efc5c747e8a413b26
b78f2be3ed5992883a3a35491efb0a77127c9e203e53677c68324ae01fbd90d3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc2f91ebfce349c199b7f405d3e883c51693f2260c4c3fe0f58d9f8378385230
c0a546c8e686ea370798041cfd3167d6ad91a213688262f42bd8dead21427924
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c824dd14f32f2f6c307d1a174fe6e4470696b508a274ed719690cf2674e52932
cc58115c9203629e6ec3655581f6b34ee4306b0f477c616f0a4be3d6d8cd99ac
cd2c939988ea60b70d4e1199817d0360ae31a856fcf97daf2dcccc3bb61cb0f1
cd310938bd7e088d2cb0e499f17468ad7f2915ddc3c78e36e9f865febf79eee6
d28b035fdbba48599da4d76feb47bd4d923f1ce2b36192552169ecd59fd130e8
d81488c411cab61303ad8004031b8f2ae9c31d1d4e880bb52663f9509883c8bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ee93eb06f9f5ff81432f09bef1273c60fc37241bee354ed8d2b3ce7d31246ed0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c94d4d715d2fa49d23cf35e46aca98902e46686dbcebdb8fb457a9e763831e
f563fbc9ea8d0fcd569959df4576609bef02e4b854ff538c8f6b82d52d2ebcd8
f970d539114d9f481f2b87da0432da442a95148b9b3b5e4e8d2cc6c3fdf0bcb1
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

finance.ua Open in urlscan Pro 2606:4700:20::681a:707 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

77 %HTTPS

24 %IPv6

80 Domains

115 Subdomains

74 IPs

10 Countries

4133 kBTransfer

6639 kBSize

95 Cookies

126 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

finance.ua Open in urlscan Pro
2606:4700:20::681a:707 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

77 %
HTTPS

24 %
IPv6

80
Domains

115
Subdomains

74
IPs

10
Countries

4133 kB
Transfer

6639 kB
Size

95
Cookies

175 HTTP transactions
5 data transactions