dtkt.com.ua Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dtkt.com.ua/
Effective URL:
https://dtkt.com.ua/
Submission: On April 14 via api (April 14th 2022, 8:54:52 am UTC) from GB — Scanned from GB

Summary HTTP 276 Redirects Links 173 Behaviour Indicators

Summary

This website contacted 86 IPs in 15 countries across 99 domains to perform 276 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is dtkt.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2022. Valid for: a year.

This is the only time dtkt.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2606:4700:20:... 2606:4700:20::681a:adf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
16	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	94.130.152.107 94.130.152.107	24940 (HETZNER-AS) (HETZNER-AS)
5	212.113.34.153 212.113.34.153	6849 (UKRTELNET) (UKRTELNET)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
13	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
2	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
3	2606:4700:20:... 2606:4700:20::ac43:47c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	212.113.34.136 212.113.34.136	6849 (UKRTELNET) (UKRTELNET)
1 10	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
3	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
2 2	188.42.29.166 188.42.29.166	7979 (SERVERS-COM) (SERVERS-COM)
5 5	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2 2	137.74.6.209 137.74.6.209	16276 (OVH) (OVH)
2	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1 2	138.201.34.238 138.201.34.238	24940 (HETZNER-AS) (HETZNER-AS)
4 4	3.126.125.87 3.126.125.87	16509 (AMAZON-02) (AMAZON-02)
4 6	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
2 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	31.28.167.114 31.28.167.114	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	52.22.9.187 52.22.9.187	14618 (AMAZON-AES) (AMAZON-AES)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
2 2	23.88.75.187 23.88.75.187	24940 (HETZNER-AS) (HETZNER-AS)
1 22	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
5	92.122.147.28 92.122.147.28	16625 (AKAMAI-AS) (AKAMAI-AS)
6 7	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
4 5	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	99.81.29.206 99.81.29.206	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2 2	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.89.20.125 104.89.20.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.108.101.160 23.108.101.160	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
4 8	54.236.81.149 54.236.81.149	14618 (AMAZON-AES) (AMAZON-AES)
2	5.178.65.252 5.178.65.252	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 3	168.119.149.178 168.119.149.178	24940 (HETZNER-AS) (HETZNER-AS)
2	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
17	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2600:9000:224... 2600:9000:224a:1400:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 13	18.158.238.206 18.158.238.206	16509 (AMAZON-02) (AMAZON-02)
8 9	142.251.36.66 142.251.36.66	15169 (GOOGLE) (GOOGLE)
2 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
5 5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f602:96e:5500:bf36:df5c	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2a05:d018:24:... 2a05:d018:24:b002:c30a:8a9a:b9ec:c13a	16509 (AMAZON-02) (AMAZON-02)
2 2	52.213.35.75 52.213.35.75	16509 (AMAZON-02) (AMAZON-02)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
2 2	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
4 5	54.154.13.151 54.154.13.151	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	18.185.251.21 18.185.251.21	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	52.208.185.108 52.208.185.108	16509 (AMAZON-02) (AMAZON-02)
3 3	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	18.66.192.67 18.66.192.67	16509 (AMAZON-02) (AMAZON-02)
1 1	34.231.116.207 34.231.116.207	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.94.220.185 52.94.220.185	16509 (AMAZON-02) (AMAZON-02)
1	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.51.64.75 52.51.64.75	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.66.248.77 18.66.248.77	16509 (AMAZON-02) (AMAZON-02)
1 1	194.213.62.37 194.213.62.37	13036 (TMOBILE-) (TMOBILE-)
1	51.158.28.83 51.158.28.83	12876 (Online SAS) (Online SAS)
2	3.127.178.105 3.127.178.105	() ()
2 2	178.250.0.163 178.250.0.163	() ()
3 3	216.200.232.249 216.200.232.249	() ()
1 1	37.252.173.214 37.252.173.214	() ()
2 2	72.251.244.140 72.251.244.140	() ()
16	185.64.190.80 185.64.190.80	() ()
2 2	213.155.156.185 213.155.156.185	() ()
6	104.36.113.107 104.36.113.107	() ()
1 1	54.166.244.71 54.166.244.71	() ()
2 3	52.215.92.65 52.215.92.65	() ()
1	162.55.120.196 162.55.120.196	() ()
1 2	2606:4700:440... 2606:4700:4400::6812:230b	() ()
1	195.5.165.20 195.5.165.20	() ()
1	63.251.232.170 63.251.232.170	() ()
1 1	141.95.171.141 141.95.171.141	() ()
2 2	146.59.148.16 146.59.148.16	() ()
4 4	213.19.147.45 213.19.147.45	() ()
1	151.101.1.44 151.101.1.44	() ()
2	204.237.133.121 204.237.133.121	() ()
4 4	141.94.170.64 141.94.170.64	() ()
2 2	18.198.126.47 18.198.126.47	() ()
1 2	169.50.137.182 169.50.137.182	() ()
1 1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	() ()
1	2a05:d018:d29... 2a05:d018:d29:3601:11a:a397:8c8e:9db5	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1 1	159.65.197.210 159.65.197.210	() ()
1 1	34.102.253.54 34.102.253.54	() ()
1 1	185.33.221.88 185.33.221.88	() ()
1	66.155.71.25 66.155.71.25	() ()
1 1	35.156.6.177 35.156.6.177	() ()
1	38.91.45.7 38.91.45.7	() ()
2 2	35.157.226.32 35.157.226.32	() ()
1	38.27.122.126 38.27.122.126	() ()
2 2	35.201.96.126 35.201.96.126	() ()
1	104.36.113.68 104.36.113.68	() ()
1 2	77.243.60.138 77.243.60.138	() ()
1	52.17.2.116 52.17.2.116	() ()
1 1	54.146.66.83 54.146.66.83	() ()
2	198.47.127.20 198.47.127.20	() ()
276	86

11 2a06:98c1:3120::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dtkt.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:20::681a:adf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.dtkt.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
advert.dtkt.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.dtkt.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.152.107 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.107.152.130.94.clients.your-server.de

reader.dtkt.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.113.34.153 (Kyiv, Ukraine)

ASN6849 (UKRTELNET, UA)
PTR: 212.113.34.153.dc.ukrtelecom.ua

cdn.yottos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:47c2 (United States)

ASN13335 (CLOUDFLARENET, US)

informer.minfin.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.113.34.136 (Kyiv, Ukraine)

ASN6849 (UKRTELNET, UA)
PTR: 212.113.34.136.dc.ukrtelecom.ua

rg.yottos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.0.227.109 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.29.166 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.102.29.65 (Milan, Italy) 5 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.26 (Ukraine) 1 redirects

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 137.74.6.209 (Warsaw, Poland) 2 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.34.238 (Nagold, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.34.201.138.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.125.87 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-125-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.5.142 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.28.167.114 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 167-114.admixercdn-s2.cc.colocall.com

content.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.9.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-9-187.compute-1.amazonaws.com

cdn.adm.admixer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.75.187 (Gunzenhausen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 23.227.139.243 (Piscataway, United States) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 92.122.147.28 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-28.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.52 (Amsterdam, Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.253.211 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.29.206 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-29-206.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.74.8 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.108.101.160 (Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

b1h-apac1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.236.81.149 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-81-149.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.252 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.119.149.178 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (Leesburg, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

i.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:1400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.158.238.206 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.36.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: prg03s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::300 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f602:96e:5500:bf36:df5c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:c30a:8a9a:b9ec:c13a (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.35.75 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-35-75.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Rheinfelden, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.113 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.154.13.151 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-13-151.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.251.21 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-251-21.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.185.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-185-108.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.67 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-67.muc50.r.cloudfront.net

engine.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.116.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-116-207.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.220.185 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.42.102 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.64.75 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-64-75.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-77.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.213.62.37 (Novy Jicin, Czech Republic) 1 redirects

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid4.ibillboard.com

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.178.105 (None, )

ASN- ()

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (None, ) 2 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.200.232.249 (None, ) 3 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.214 (None, ) 1 redirects

ASN- ()

adscale-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.140 (None, ) 2 redirects

ASN- ()

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.64.190.80 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.36.113.107 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.166.244.71 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.92.65 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.120.196 (None, )

ASN- ()

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, )

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.141 (None, ) 1 redirects

ASN- ()

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (None, ) 2 redirects

ASN- ()

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.45 (None, ) 4 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (None, )

ASN- ()

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.237.133.121 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.94.170.64 (None, ) 4 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (None, ) 2 redirects

ASN- ()

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.182 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (None, ) 1 redirects

ASN- ()

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:11a:a397:8c8e:9db5 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.88 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.6.177 (None, ) 1 redirects

ASN- ()

docker.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.226.32 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.126 (None, )

ASN- ()

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (None, ) 2 redirects

ASN- ()

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.68 (None, )

ASN- ()

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (None, ) 1 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.2.116 (None, )

ASN- ()

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.66.83 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 461 image6.pubmatic.com — Cisco Umbrella Rank: 622 simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com aud.pubmatic.com simage4.pubmatic.com	51 KB
26	dtkt.ua cdn.dtkt.ua reader.dtkt.ua advert.dtkt.ua my.dtkt.ua	196 KB
25	admixer.net 1 redirects cdn.admixer.net — Cisco Umbrella Rank: 45202 inv-nets.admixer.net — Cisco Umbrella Rank: 2574 content.admixer.net — Cisco Umbrella Rank: 236047	393 KB
17	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1718 mwzeom.zeotap.com — Cisco Umbrella Rank: 1566	5 KB
16	adscale.de 1 redirects js.adscale.de — Cisco Umbrella Rank: 7114 ih.adscale.de — Cisco Umbrella Rank: 5512	16 KB
14	adtelligent.com 1 redirects s.adtelligent.com — Cisco Umbrella Rank: 5850 sync.adtelligent.com — Cisco Umbrella Rank: 3858	7 KB
11	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 589 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 332	211 KB
11	dtkt.com.ua 1 redirects dtkt.com.ua	50 KB
10	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1117 eus.rubiconproject.com — Cisco Umbrella Rank: 567 token.rubiconproject.com — Cisco Umbrella Rank: 675 pixel.rubiconproject.com — Cisco Umbrella Rank: 350 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2538	22 KB
10	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 95 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	1 KB
9	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 248 adscale-emea.adnxs.com secure.adnxs.com	7 KB
9	adtarget.com.tr s.console.adtarget.com.tr — Cisco Umbrella Rank: 5421 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5813	4 KB
9	yottos.com cdn.yottos.com — Cisco Umbrella Rank: 797140 rg.yottos.com — Cisco Umbrella Rank: 905514	112 KB
8	audrte.com 4 redirects a.audrte.com — Cisco Umbrella Rank: 2378	9 KB
8	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 577 cm.adform.net — Cisco Umbrella Rank: 2148 dmp.adform.net — Cisco Umbrella Rank: 2577 track.adform.net — Cisco Umbrella Rank: 4449	3 KB
7	e-planning.net 1 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 5400 s.e-planning.net — Cisco Umbrella Rank: 7051 u-ams02.e-planning.net — Cisco Umbrella Rank: 71417 i.e-planning.net — Cisco Umbrella Rank: 7123	4 KB
6	onaudience.com 6 redirects pixel-eu.onaudience.com pixel.onaudience.com	3 KB
6	crwdcntrl.net 4 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 858 tags.crwdcntrl.net — Cisco Umbrella Rank: 1523 sync.crwdcntrl.net	13 KB
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	3 KB
5	openx.net 4 redirects rtb.openx.net — Cisco Umbrella Rank: 1537	917 B
5	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 300 cms.analytics.yahoo.com — Cisco Umbrella Rank: 883 pr-bh.ybp.yahoo.com	3 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556 ssum.casalemedia.com — Cisco Umbrella Rank: 1353	4 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	15 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 46301 ls.hit.gemius.pl — Cisco Umbrella Rank: 11850	16 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	285 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 289	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	1rx.io 3 redirects sync.1rx.io	2 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 576	1 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 440 usermatch.krxd.net — Cisco Umbrella Rank: 1217	942 B
3	exelator.com 2 redirects loadeu.exelator.com — Cisco Umbrella Rank: 7475 loada.exelator.com	2 KB
3	taboola.com 1 redirects trc.taboola.com — Cisco Umbrella Rank: 656 match.taboola.com	612 B
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 434	1 KB
3	richaudience.com 1 redirects sync.richaudience.com — Cisco Umbrella Rank: 1666	744 B
3	spotim.market sync.spotim.market — Cisco Umbrella Rank: 2594	1 KB
3	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 677	959 B
3	gstatic.com www.gstatic.com fonts.gstatic.com	166 KB
3	minfin.com.ua informer.minfin.com.ua	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	165 KB
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	simpli.fi 1 redirects um.simpli.fi	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	criteo.com 2 redirects dis.criteo.com	966 B
2	eyeota.net ps.eyeota.net	2 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1212	1 KB
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 962	430 B
2	smartadserver.com 2 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1463	1 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 37912	672 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1548	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 216	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1129	791 B
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3311 pixel-sync.sitescout.com	382 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 655	656 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 860	2 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 985	416 B
2	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18062	543 B
2	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 124817	702 B
2	adpartner.pro 2 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 6554	539 B
2	tns-ua.com 1 redirects pa.tns-ua.com — Cisco Umbrella Rank: 126675	467 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 607	554 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1795	1 KB
2	mixadvert.com m.mixadvert.com — Cisco Umbrella Rank: 150189	4 KB
2	google.com www.google.com — Cisco Umbrella Rank: 4	1 KB
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	gumgum.com rtb.gumgum.com	209 B
1	bnmla.com match.bnmla.com	112 B
1	deepintent.com match.deepintent.com	44 B
1	creative-serving.com 1 redirects docker.creative-serving.com	475 B
1	playground.xyz 1 redirects ads.playground.xyz	465 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	534 B
1	turn.com 1 redirects ad.turn.com	518 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	quantserve.com 1 redirects pixel.quantserve.com	538 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	erne.co 1 redirects green.erne.co	366 B
1	adgrx.com cm.adgrx.com	408 B
1	iprom.net core.iprom.net	277 B
1	truffle.bid matching.truffle.bid
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	617 B
1	cookieless-data.com js.cookieless-data.com — Cisco Umbrella Rank: 6757	535 B
1	ibillboard.com 1 redirects bbnaut.ibillboard.com — Cisco Umbrella Rank: 18336	550 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 52912	214 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 453	225 B
1	widespace.com 1 redirects engine.widespace.com — Cisco Umbrella Rank: 74289	483 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 431	383 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 12014	411 B
1	zemanta.com 1 redirects b1h-apac1.zemanta.com — Cisco Umbrella Rank: 16413	326 B
1	tynt.com ic.tynt.com — Cisco Umbrella Rank: 4493
1	admixer.com cdn.adm.admixer.com — Cisco Umbrella Rank: 385396	909 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3132	501 B
1	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 116504	809 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	66 KB
276	99

	Domain	Requested by
16	simage2.pubmatic.com	ads.pubmatic.com
15	mwzeom.zeotap.com	spl.zeotap.com
15	cdn.dtkt.ua	dtkt.com.ua cdn.dtkt.ua advert.dtkt.ua cdnjs.cloudflare.com
13	ih.adscale.de	1 redirects js.adscale.de ih.adscale.de
13	cdn.admixer.net	dtkt.com.ua cdn.admixer.net advert.dtkt.ua
11	sync.adtelligent.com	1 redirects s.adtelligent.com ads.us.e-planning.net ads.pubmatic.com
11	dtkt.com.ua	1 redirects dtkt.com.ua
10	inv-nets.admixer.net	1 redirects cdn.admixer.net dtkt.com.ua
9	cm.g.doubleclick.net	8 redirects spl.zeotap.com
9	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
9	advert.dtkt.ua	dtkt.com.ua advert.dtkt.ua
8	sync.console.adtarget.com.tr	s.console.adtarget.com.tr js.adscale.de
8	a.audrte.com	4 redirects ads.us.e-planning.net a.audrte.com s.adtelligent.com
7	ib.adnxs.com	6 redirects spl.zeotap.com
6	image2.pubmatic.com	ads.pubmatic.com
6	image6.pubmatic.com	2 redirects ads.pubmatic.com
5	match.adsrvr.org	5 redirects
5	rtb.openx.net	4 redirects ads.us.e-planning.net
5	ads.pubmatic.com	s.adtelligent.com ads.us.e-planning.net s.console.adtarget.com.tr
5	www.facebook.com	dtkt.com.ua connect.facebook.net
5	cdn.yottos.com	dtkt.com.ua cdn.yottos.com
5	connect.facebook.net	dtkt.com.ua connect.facebook.net cdn.dtkt.ua
4	pixel.onaudience.com	4 redirects
4	eus.rubiconproject.com	s.adtelligent.com ads.us.e-planning.net eus.rubiconproject.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	x.bidswitch.net	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	rg.yottos.com	dtkt.com.ua rg.yottos.com
4	gaua.hit.gemius.pl	1 redirects dtkt.com.ua gaua.hit.gemius.pl
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com dtkt.com.ua
3	sync.1rx.io	3 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	sync.mathtag.com	3 redirects
3	sync-tm.everesttech.net	3 redirects
3	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
3	pixel.tapad.com	2 redirects spl.zeotap.com
3	js.adscale.de	s.console.adtarget.com.tr js.adscale.de ih.adscale.de
3	sync.richaudience.com	1 redirects ads.us.e-planning.net spl.zeotap.com
3	sync.spotim.market	s.adtelligent.com
3	ups.analytics.yahoo.com	3 redirects
3	creativecdn.com	2 redirects dtkt.com.ua
3	s.adtelligent.com	inv-nets.admixer.net dtkt.com.ua s.adtelligent.com
3	informer.minfin.com.ua	dtkt.com.ua informer.minfin.com.ua
3	www.googletagmanager.com	dtkt.com.ua www.googletagmanager.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	uipglob.semasio.net	1 redirects
2	visitor.fiftyt.com	2 redirects
2	pm.w55c.net	2 redirects
2	um.simpli.fi	1 redirects
2	loada.exelator.com	2 redirects
2	image4.pubmatic.com
2	sync.crwdcntrl.net	2 redirects
2	pixel-eu.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	tracking.m6r.eu	2 redirects
2	dis.criteo.com	2 redirects
2	ps.eyeota.net	s.adtelligent.com
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	beacon.krxd.net	spl.zeotap.com
2	odr.mookie1.com	spl.zeotap.com
2	sync.smartadserver.com	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	trc.taboola.com	1 redirects spl.zeotap.com
2	dmp.adform.net	1 redirects spl.zeotap.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	spl.zeotap.com	ads.us.e-planning.net
2	u-ams02.e-planning.net	ads.us.e-planning.net ads.pubmatic.com
2	s.e-planning.net	ads.us.e-planning.net
2	secure-assets.rubiconproject.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	ad.360yield.com	2 redirects
2	onetag-sys.com	s.adtelligent.com ads.us.e-planning.net
2	csync.loopme.me	2 redirects
2	ads.us.e-planning.net	1 redirects s.adtelligent.com
2	content.admixer.net	dtkt.com.ua
2	exchange.buzzoola.com	1 redirects dtkt.com.ua
2	m.trafmag.com	dtkt.com.ua
2	a4p.adpartner.pro	2 redirects
2	pa.tns-ua.com	1 redirects dtkt.com.ua
2	ap.lijit.com	dtkt.com.ua s.adtelligent.com
2	ads.betweendigital.com	2 redirects
2	scontent.xx.fbcdn.net	www.facebook.com
2	m.mixadvert.com	dtkt.com.ua m.mixadvert.com
2	www.google.com	dtkt.com.ua
1	sync.ipredictive.com	1 redirects
1	rtb.gumgum.com
1	aud.pubmatic.com
1	match.bnmla.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	docker.creative-serving.com	1 redirects
1	pixel-sync.sitescout.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com
1	pr-bh.ybp.yahoo.com
1	pixel.quantserve.com	1 redirects
1	match.taboola.com	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	green.erne.co	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	adscale-emea.adnxs.com	1 redirects
1	track.adform.net	1 redirects
1	ssum.casalemedia.com	1 redirects
1	js.cookieless-data.com	s.e-planning.net
1	bbnaut.ibillboard.com	1 redirects
1	tags.crwdcntrl.net	s.e-planning.net
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	pixel.rubiconproject.com	eus.rubiconproject.com
1	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	engine.widespace.com	1 redirects
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	cm.adform.net	s.console.adtarget.com.tr
1	i.e-planning.net	ads.us.e-planning.net
1	pixel.sitescout.com	ads.us.e-planning.net
1	b1h-apac1.zemanta.com	1 redirects
1	s.console.adtarget.com.tr	s.adtelligent.com
1	ic.tynt.com	s.adtelligent.com
1	cdn.adm.admixer.com	dtkt.com.ua
1	fonts.googleapis.com	cdn.dtkt.ua
1	www.google.co.uk	dtkt.com.ua
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.gstatic.com	www.google.com
1	my.dtkt.ua	cdnjs.cloudflare.com
1	c.bigmir.net	dtkt.com.ua
1	reader.dtkt.ua	dtkt.com.ua
1	cdnjs.cloudflare.com	dtkt.com.ua
276	142

This site contains links to these domains. Also see Links.

Domain
subscribe.dtkt.ua
my.dtkt.ua
news.dtkt.ua
docs.dtkt.ua
blank.dtkt.ua
consulting.dtkt.ua
services.dtkt.ua
webinary.dtkt.ua
online.dtkt.ua
seminars.dtkt.ua
promo.dtkt.ua
www.facebook.com
t.me
www.instagram.com
advert.dtkt.ua
inform.in.ua
www.bigmir.net
club.dtkt.ua
job.dtkt.ua
minrd.gov.ua
www.dtkt.com.ua
consulting.dtkt.com.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-09` - `2023-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.dtkt.ua E1	`2022-02-20` - `2022-05-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.yottos.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-03`	a year	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
m.mixadvert.com R3	`2022-03-13` - `2022-06-11`	3 months	crt.sh
c.bigmir.net R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-02` - `2022-07-01`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.adm.admixer.com AlphaSSL CA - SHA256 - G2	`2021-04-12` - `2022-05-14`	a year	crt.sh
ads.us.e-planning.net R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-03-30` - `2022-06-28`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2022-03-29` - `2022-06-27`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
sync.spotim.market R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.audrte.com Amazon	`2022-02-24` - `2023-03-24`	a year	crt.sh
*.e-planning.net R3	`2022-03-09` - `2022-06-07`	3 months	crt.sh
i.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-23` - `2023-02-03`	a year	crt.sh
*.adscale.de Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
sync.console.adtarget.com.tr R3	`2022-03-28` - `2022-06-26`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.cookieless-data.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-23` - `2023-03-22`	a year	crt.sh
*.eyeota.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
truffle.bid R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
*.iprom.net R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh

This page contains 59 frames:

Primary Page: https://dtkt.com.ua/
Frame ID: 79FC618EECE83E097CBBF5CEE6EB9837
Requests: 71 HTTP requests in this frame

Frame: https://informer.minfin.com.ua/ua/gen/nbu/?color=green
Frame ID: B0240ACCBB7501A4C28F7CC78EADB9C0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45306/c.html?b=45306
Frame ID: D76951A42AE6F3D880A43CE63FF9FEDF
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: B751012C5805FCDE006C704F67C4435D
Requests: 1 HTTP requests in this frame

Frame: https://rg.yottos.com/v2/pub?mod=20191116215720
Frame ID: 8BB87C70E8A8FACDB5705CD917431A8B
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3db7de58aeb98%26domain%3Ddtkt.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdtkt.com.ua%252Ff3945ab741b4068%26relation%3Dparent.parent&container_width=0&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25B5%25D0%25B1%25D0%25B5%25D1%2582-%25D0%259A%25D1%2580%25D0%25B5%25D0%25B4%25D0%25B8%25D1%2582%2F241220009229564&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=240
Frame ID: 497C4B3BD8D028E27203AFC0B18DEFDB
Requests: 12 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/loader2.js
Frame ID: E1AE291D13275B0493CD626FF3AFEB91
Requests: 26 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45306/c.html?b=45306
Frame ID: 57C04CF97C5DD4A6E6ABC3247F49A183
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: B13F4C02B4A6A00B565516938F88AC7E
Requests: 7 HTTP requests in this frame

Frame: https://content.admixer.net/test1/5f91aca0-ed77-4325-a1d9-441b141ba658/751885ad-d0f8-434d-a03c-d0571762fe5e.gif
Frame ID: 2EDE0F1B7FA1333D7E4534E1B0841151
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: DF4DBDD2AAD6B152F3E23031090C4B49
Requests: 12 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 68E6409642082ACB4CF7AB3FE33EAC08
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b1f21b03-d2e6-4493-a73e-36bcbf07ee9a
Frame ID: AE994BC1BB705E1EB3C67A1AB48D2371
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 47368037AEB15A3A5B2782C3C8AA379A
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=712122
Frame ID: ACFAE3ECA51C4221301C800E35E48294
Requests: 4 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 49C224318CA63D4CC5396B371175F1F2
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 76F1370D5E786A103585D82AC875D074
Requests: 2 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=6819468111060809687
Frame ID: FA9B0F51479E9DAD1BA3CD050C7CB914
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: F4AE785B129169B1AEEE1D083E4C13F9
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 23C6078A7B68318BC8CD14D12F0F6953
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 0FD587DBD061133625726867A9ACCDE2
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Frame ID: DFCB4982FA98B37C534306ABD1976425
Requests: 9 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 80904F1DF749A6F899C682F8B95E4E02
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: AC2E685D8C659248CF45C74057A200AF
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 018331CC27E7FA8408414ECE7059AFFF
Requests: 28 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 22D12EF2D328B964606639444FAD17D3
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 39723744DA040CED71B0AB3510D31BF3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Frame ID: F863EA588BBC86A04FAA21A6FF3BB821
Requests: 2 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 70F979B83D539E8ABB1C130BCF5F6C57
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 49F90789C69F142C94A7AC0640177619
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: EA72A45A27C7E981F1DFE1B02652D7C4
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G9ZFvjnGFuTr7hoPpche&pi=admatic
Frame ID: 1DD2A40F227F6F0C603BF4C4920443ED
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 8E148F0C134ACA19EDDAE5A9B1049B46
Requests: 11 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 548DE6E68D249EAEAA23762E8A39BB86
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKzFHzNjIzQSzRaA
Frame ID: 223AA11B2E8C7D38D5E506139A538F99
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A
Frame ID: E18083A97D828A66EC5A5FD1450DE142
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cff66257-e157-4400-a076-bca0b9e3bb91&gdpr=0&gdpr_consent=
Frame ID: B57842825CB8FD6E2EBD4EB49DE339BE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1893958418449481925
Frame ID: DA7096367F8328CDF86661BD34A76468
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: AA02A246CA60570A59A4917618656B20
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7086380293892077710
Frame ID: 3F7DB2DDFC1726C325ADCE5F3E502C9F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlfhVQAB4cKS-wAZ&gdpr=0&gdpr_consent=
Frame ID: F12502675D43BB9211ACD26DAEE4EB07
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 37588B2321F893B70B9215412460A012
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8ovWlsTZSxB9pOjsOwQ2KNmKxGY
Frame ID: EFB71E1CF546EA80313E8063AAA2C241
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 79B3AD13A1E88E9302B9E94676C84005
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E106F49D36265A3BB2DCECE967D5D0C0
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C5D0DA0D7D6C02D91BBEBF29FB930B30
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 9A1ADB2ECDB4941550988DE023F6C80D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 761DBFBF56600897D0F8FDA5B85F95E4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznURgVQSaYRbWUTnW
Frame ID: 2E4A7865DCDDC4202B515515EB519C38
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0c2194e0-3d4d-4b5a-9961-8971a9818d0d-003
Frame ID: 104EE27577C73C8F9C446F14AAE518AB
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4a317b4d-c12a-4f86-9a79-b87953d7f35e-tuct95166d8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 72EF30ABA31EB8A3E296DF5DB794F5F0
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A
Frame ID: 6B58364AE0DD16FCDC7E3E1E43DAC47B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a7daeb35-9adc-44d0-a355-c7186e7be9e2
Frame ID: EFBBCFDF616236D092B586315AED85C0
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 7AFF9918BA7131D381177FB9EA9C71FE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qoV0L7o61NEVfy5&gdpr=0&gdpr_consent=
Frame ID: 09012998293B749A27CBE1965F54845F
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 75F5253681058E90E6BF15041411F42E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C9B5DBB8DCD74C3A8AAC91D9BA18C70E
Frame ID: DDD3F632219D89DBF976324BF573B550
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=6fed9948ec3e5e7c&uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A
Frame ID: 05B3AB70576744D95B4D4D9A2974F36E
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=882445034/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Frame ID: ECC38563D003100D885228DCEABE178C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Дебет-Кредит: Український бухгалтерський портал

Page URL History Show full URLs

http://dtkt.com.ua/ HTTP 301
https://dtkt.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

276
Requests

77 %
HTTPS

21 %
IPv6

99
Domains

142
Subdomains

86
IPs

15
Countries

1847 kB
Transfer

4824 kB
Size

98
Cookies

173 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.dtkt.ua/trial
Title: Спробувати безкоштовно

Search URL Search Domain Scan URL

URL: https://subscribe.dtkt.ua/
Title: Передплата

Search URL Search Domain Scan URL

URL: https://my.dtkt.ua/
Title: Профіль

Search URL Search Domain Scan URL

URL: https://my.dtkt.ua/mailing
Title: Мої розсилки

Search URL Search Domain Scan URL

URL: https://my.dtkt.ua/subscriptions
Title: Моя передплата

Search URL Search Domain Scan URL

URL: https://my.dtkt.ua/logout
Title: Вийти

Search URL Search Domain Scan URL

URL: https://my.dtkt.ua/register
Title: реєстрацію

Search URL Search Domain Scan URL

URL: https://my.dtkt.ua/restore
Title: Забули пароль?

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/
Title: Новини

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/
Title: Документи

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/
Title: Бланки

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/
Title: Консультації

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/
Title: Сервіси

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/
Title: Вебінари

Search URL Search Domain Scan URL

URL: https://online.dtkt.ua/
Title: Дт-Кт online

Search URL Search Domain Scan URL

URL: https://seminars.dtkt.ua/
Title: Семінари

Search URL Search Domain Scan URL

URL: https://promo.dtkt.ua/weeklyletter
Title: Щотижнева розсилка «Головне за тиждень»

Search URL Search Domain Scan URL

URL: https://promo.dtkt.ua/bestletters_trial
Title: Тематичні листи від редакції

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/push
Title: Отримувати пуш-повідомлення

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dtkt.ua/
Title: Приєднатись у Facebook

Search URL Search Domain Scan URL

URL: https://t.me/dtkt_ua
Title: Підписатись на Telegram-канал

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/debet-kredit/portal-news/62567
Title: Отримувати новини у Viber

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dtkt.ua/
Title: Долучитись у Instagram

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/tax-profits
Title: Податок на прибуток

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/tax-pdv
Title: ПДВ

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/tax-single
Title: Єдиний податок

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/labor-salary
Title: Трудові відносини. Зарплата і кадри

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/reporting
Title: Звітність

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/non-profit
Title: Неприбуткові організації

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/cash-register
Title: Каса і РРО

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/controller
Title: Контролюючі органи і перевірки

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/excise
Title: Акцизи

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/agriculture
Title: Сільське господарство

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/zed
Title: ЗЕД

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/tematic/individual
Title: Фізособи-підприємці

Search URL Search Domain Scan URL

URL: https://promo.dtkt.ua/bestletters_new
Title: Підписатись

Search URL Search Domain Scan URL

URL: https://advert.dtkt.ua/delivery/cl.php?bannerid=1028&zoneid=22&source=%7Bobfs%3A%7D&OXLCA=1&sig=cda453b70f8f7e6e558cec47c389a1df83e1e42f296a3b681a56ada5f2e8580d&oadest=https%3A%2F%2Fservices.dtkt.ua%2Fclassifiers%3F

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/featured
Title: Актуально!

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/debet-kredit/partner-news/75734
Title: Як швидко освоїти бухгалтерську програму?

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/debet-kredit/portal-news/75615
Title: Новації квітня: що і для кого зміниться?

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/taxation/common/75585
Title: З 5 квітня діють зміни для «єдинників» зі ставкою 2%, митна реформа та звільнення від податку на нерухомість!

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/taxation/common/75609
Title: Щомісячна єдина звітність, скасування лімітів доходів для ЄП, зміни у перевірках: ВРУ підтримала закони!

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/debet-kredit/portal-news/75752
Title: «Дебет-Кредит» за тиждень. Найкоротші бухгалтерські новини за 4 - 10 квітня

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/state/other/75741
Title: Індекс інфляції за березень – 104,5%

Search URL Search Domain Scan URL

URL: http://inform.in.ua/gogovorvuk1
Title: Договірні відносини в 2021 році. Новели 2022 у регулюванні, господарській договірній практиці та спорах. Нові вимоги до договорів згідно судової реформи та ...

Search URL Search Domain Scan URL

URL: http://inform.in.ua/bezpekaoxorona
Title: Безпечна робота підприємства в умовах пандемії(COVID-19). Актуальні питання охорони праці та промислової безпеки. Зміни в законодавстві, в порядку регулювання промислової безпеки, ...

Search URL Search Domain Scan URL

URL: http://inform.in.ua/finstroy
Title: ФІНАНСУВАННЯ БУДІВНИЦТВА: управління ризиками і викликами 2021 року Практика застосування / незастосування Закону України «Про ринки капіталу і ...

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/?cl=1412
Title:

Search URL Search Domain Scan URL

URL: https://online.dtkt.ua/newest/ua
Title: Свіжий номер

Search URL Search Domain Scan URL

URL: https://online.dtkt.ua/?sub=all&pub=dk-ua
Title: Архіви 2011-2021

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/54
Title: Акцизний податок

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/52
Title: Перевірки

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/catalogues/penalty
Title: Відповідальність

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/50
Title: РРО та каса

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/48
Title: Все для спрощенців!

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/49
Title: Відрядження

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/46
Title: Відпустки

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/45
Title: Зарплата та кадри

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/all_zvit
Title: Звітність

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/43
Title: Єдиний соцвнесок

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/47
Title: ПДВ

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/53
Title: ПДФО, ф. №1ДФ, ...

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/55
Title: Податок на прибуток

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/102
Title: ЗЕД

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/103
Title: Транспорт

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/catalogues/indexes
Title: Індекси, мінімуми

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/catalogues
Title: Норми, реквізити

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/ua/forms
Title: Типові форми

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/forms/contracts
Title: Договори

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/ua/
Title: Консультації

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/index.php
Title: Форуми ДК

Search URL Search Domain Scan URL

URL: https://job.dtkt.ua/index.php?search=&category=3
Title: Вакансії

Search URL Search Domain Scan URL

URL: https://job.dtkt.ua/resumes.php
Title: Резюме

Search URL Search Domain Scan URL

URL: http://docs.dtkt.ua/doc/1011.47.0

Search URL Search Domain Scan URL

URL: http://minrd.gov.ua/

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/society/economics/75822
Title: Бізнес підтримує низку спрощень в аграрній сфері 31

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/society/economics/75821
Title: Уряд розширив коло сільгоспвиробників, які мають право на держпідтримку 34

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/simple/individual-overall/75820
Title: Фізособа-«єдинник» ІІІ групи перейшла на ставку 2%: як розраховується граничний дохід у 2022 році? 151

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/labor/labor-relations/75819
Title: Чи може роботодавець відмовити працівнику у відпустці через бойові дії? 890

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/labor/social-protection/75818
Title: Влада планує обговорити з країнами ЄС питання сплати ЄСВ за переселенців 77

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/finance/bank-system/75817
Title: З 13 квітня запрацював закон про 100% гарантію за банківськими вкладами фізосіб: подробиці від НБУ 960

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/finance/bank-system/75816
Title: Як планують зберігати фінстабільність під час війни: результати засідання НБУ 117

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/labor/labor-relations/75815
Title: На виплату компенсації роботодавцям за працевлаштування переселенців виділено 200 млн грн 213

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/labor/pensions/75810
Title: Як виплачують пенсію у квітні через війну? 2508

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/labor/labor-relations/75809
Title: Призупинення діяльності та простій: які відмінності? 4141

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/state/other/75807
Title: Уряд спростив реєстрацію сільгоспмашин та механізмів на період війни 44

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/labor/labor-relations/75806
Title: Працівника мобілізовано: чи робити запис у трудовій? 2939

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/simple/corporate-single-tax/75805
Title: Займаєтесь видобуванням води: чи можна перейти на ЄП за ставкою 2%? 77

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/labor/labor-relations/75804
Title: Держпраці забезпечує проведення розслідування нещасних випадків в умовах війни 36

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/state/other/75803
Title: Аналітика Як застосовувати граничні торговельні націнки на соціально значущі товари? 123

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/labor/labor-relations/75802
Title: Бронювання військовозобов’язаних: нове роз'яснення Мінагро 2869

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/labor/labor-relations/75801
Title: Аналітика Бронювання працівника: якого листа написати? 971

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/state/other/75800
Title: З 12 квітня діють нові середні вартості пального: як зміняться ціни на дизпаливо та бензин? 2346

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/society/economics/75799
Title: Бізнес закликає не допустити неконтрольоване зростання цін на тютюнові вироби 1995

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/society/economics/75798
Title: Комітет ВРУ підтримав законопроєкт щодо безперебійного виробництва та постачання с/г продукції під час війни 112

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/
Title: Форум

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866960,1866960#msg-1866960
Title: Бронювання працівників

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866939,1866939#msg-1866939
Title: Покупка валюты сейчас - SOS

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866925,1866925#msg-1866925
Title: РК при заповнені Декларації ПДВ

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866922,1866922#msg-1866922
Title: Робота громадської організації спортивний клуб

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866919,1866919#msg-1866919
Title: Екологічний податок

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866910,1866910#msg-1866910
Title: Метод участі в капіталі - як застосувати?

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866893,1866893#msg-1866893
Title: Відносини з контрагентами, які перейшли на ЄП 2%

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866889,1866889#msg-1866889
Title: Підприємство не працювало в березні.Як бути з зарплатою?

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866872,1866872#msg-1866872
Title: Кто подавал уточненку по земле в связи с военным положением?

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866866,1866866#msg-1866866
Title: Втрата товару під час воєного стану

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866865,1866865#msg-1866865
Title: Розхід палива

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866864,1866864#msg-1866864
Title: Нерезидент хоче надіслати допомогу в Україну юр.особі: обладнання без оплати. Як зараз розмитнюється таке обладнання?

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866863,1866863#msg-1866863
Title: Продаж товарів за межами України

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866856,1866856#msg-1866856
Title: Призыв в армию

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866829,1866829#msg-1866829
Title: ФОП 2 группа на 3 группу с 1 апреля сейчас

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866823,1866823#msg-1866823
Title: Відпустка

Search URL Search Domain Scan URL

URL: https://club.dtkt.ua/read.php?13,1866807,1866807#msg-1866807
Title: Спрощена система оподаткування з особливостями - 2%

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/labor/social-protection/18371
Title: Самостійна сплата найманим працівником ЄСВ: чи можливо?

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/taxation/pdv/18370
Title: Особливості нарахування ПЗ з ПДВ за ст. 199 ПКУ

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/labor/compensation/18369
Title: Працівники за контрактом: підтвердження та нарахування середньої зарплати

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/taxation/excise/18367
Title: Як складати акцизні накладні при перевантаженні пального з одного бензовоза до іншого?

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/taxation/excise/18366
Title: Ліцензування торгівлі пальним під час воєнного стану

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/labor/labor-relations/18368
Title: Підстави для звільнення під час воєнного стану

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/state/cash-handling/18365
Title: Не зареєстрували вчасно КОРО: яка відповідальність?

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/taxation/excise/18363
Title: Чи можна продавати пальне за ціною закупівлі без торгових надбавок?

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/taxation/pdv/18364
Title: Надання послуг на спец-ЄП після отримання передоплати платником ПДВ

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/labor/compensation/18362
Title: Зарплата працівникам та оподаткування у резидентів «Дія. Сіті»

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/labor/labor-relations/18361
Title: Оформлення закордонного відрядження засновнику для доставки гуманітарної допомоги

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.ua/accounting/individual-transactions/18358
Title: Використання авто підприємства працівниками для допомоги військовим

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/v1713913-22
Title: Щодо окремих питань митного оформлення у звязку з внесенням змін до Митного кодексу України

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/2168-20
Title: Про внесення змін до деяких законів України щодо забезпечення допоміжними засобами реабілітації осіб, постраждалих внаслідок військової агресії Російської Федерації проти України

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/2169-20
Title: Про внесення змін до деяких законів України щодо звільнення від військової служби деяких категорій громадян

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/2171-20
Title: Про внесення зміни до статті 11 Закону України "Про соціальний і правовий захист військовослужбовців та членів їх сімей" щодо вдосконалення порядку надання медичної допомоги військовослужбовцям в умовах воєнного стану

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/2174-20
Title: Про захист інтересів осіб у сфері інтелектуальної власності під час дії воєнного стану, введеного у зв’язку із збройною агресією Російської Федерації проти України

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/2175-20
Title: Про внесення зміни до пункту 5-2 розділу 9 "Прикінцеві та перехідні положення" Закону України "Про державну допомогу суб’єктам господарювання" щодо застосування його положень під час дії воєнного стану

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/2178-20
Title: Про внесення змін до статті 114-2 Кримінального кодексу України щодо удосконалення відповідальності за несанкціоноване розповсюдження інформації про засоби протидії збройній агресії Російської Федерації

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/2180-20
Title: Про внесення змін до деяких законів України щодо забезпечення стабільності системи гарантування вкладів фізичних осіб

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/2181-20
Title: Про внесення змін до Закону України "Про оренду державного та комунального майна"

Search URL Search Domain Scan URL

URL: https://docs.dtkt.ua/doc/2047-20
Title: Про внесення змін до Закону України "Про захист суспільної моралі" щодо захисту прав та найкращих інтересів дитини

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/589
Title: Заява про реєстрацію роботодавця у відділенні Фонду соціального захисту інвалідів

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/588
Title: Уточнюючий розрахунок до Спрощеної декларації з ПДВ

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/587
Title: Спрощена податкова декларація з податку на додану вартість

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/586
Title: Розрахунок з рентної плати за користування надрами для видобування вуглеводневої сировини під час виконання угоди про розподіл продукції

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/585
Title: Розрахунково-платіжна відомість працівника (Форма №П-6)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/584
Title: Форма №1-ЗЕЗ (буд) (річна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/583
Title: Форма №1-електроенергія (піврічна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/582
Title: Форма №1-газ (піврічна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/581
Title: Форма №1-інновація (один раз на два роки)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/580
Title: Форма №2-тп (мисливство) (річна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/579
Title: Форма №1-екологічні витрати (річна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/578
Title: Форма №1-ПО (місячна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/577
Title: Форма №5-НО (зведена) (квартальна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/576
Title: Форма №5-НО (наука/оборона) (квартальна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/575
Title: Форма №1-ПО (зведена) (місячна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/574
Title: Форма №1-ПО (поставка/оборона) (місячна)

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/573
Title: Форма ведення обліку товарних запасів

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/572
Title: Повідомлення про участь у міжнародній групі компаній

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/571
Title: Декларація з податку на прибуток підприємств за угодою про розподіл продукції

Search URL Search Domain Scan URL

URL: https://blank.dtkt.ua/blank/570
Title: Заява щодо підтвердження відомостей про кінцевого бенефіціарного власника юридичної особи (форма 6)

Search URL Search Domain Scan URL

URL: https://online.dtkt.ua/2022/9-10
Title: Читайте в черговому числі тижневика «Дебет-Кредит» «ДК» №09-10-2022 від 28.02.2022:

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/126
Title: Аналіз змін – 2022: податок на прибуток, ПДВ , єдиний податок

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/125
Title: Найголовніші зміни 2022 року в зарплаті та кадрах

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/124
Title: Реклама і маркетинг: як уникнути податкових ризиків

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/123
Title: Бюджет прийнято: новий прожитковий мінімум та МЗП – 2022 та інші важливі величини для бухгалтера

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/122
Title: Постанову про перевірки Держпраці скасовано: що далі?

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/120
Title: Оперативна оренда: НП(с)БО та податковий облік

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/119
Title: Електронні трудові книжки, лікарняні та кадрові документи

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/118
Title: Необоротні активи: бухгалтерський та податковий облік

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/117
Title: Відпустки: актуально для бухгалтера й кадровика у 2021 році

Search URL Search Domain Scan URL

URL: https://webinary.dtkt.ua/view/116
Title: Оновлена звітність з ЄСВ та ПДФО: готові до виконання

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/ua/state/laws-and-regulations
Title: Новини держрегулювання

Search URL Search Domain Scan URL

URL: https://services.dtkt.ua/tematic_roz/tematic_roz/51
Title: Основи бухобліку

Search URL Search Domain Scan URL

URL: http://www.dtkt.com.ua/
Title: © 2022 "Дебет-Кредит"

Search URL Search Domain Scan URL

URL: https://www.dtkt.com.ua/
Title: DTKT.com.ua

Search URL Search Domain Scan URL

URL: https://news.dtkt.ua/ua
Title: NEWS.dtkt.ua

Search URL Search Domain Scan URL

URL: https://consulting.dtkt.com.ua/
Title: CONSULTING.dtkt.ua

Search URL Search Domain Scan URL

URL: https://subscribe.dtkt.ua/april2022
Title: Скористатися

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dtkt.com.ua/ HTTP 301
https://dtkt.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://gaua.hit.gemius.pl/_1649926482775/rexdot.js?l=100&id=dv2adocKY3xerqZevumxhvTGnO3FoIxrJnshzjbx6un.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdtkt.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=224&lsdata=jwwX8ipfvwYQk.g7w_IRwKpO7ZoYChPKgehYlMcovpb.i7wIOxDCEt49qWdxvlL0M0LX07WzR2NPAR3OtnBGzlE6I6yO/_ADoHcQgbJ3SV/&fpdata=yga8tcqtRYvZgpzdfWjs5_JLxyqXrvt5qV9hRVMQ9ED.C7&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1649926482775/rexdot.js?l=100&id=dv2adocKY3xerqZevumxhvTGnO3FoIxrJnshzjbx6un.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdtkt.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=224&lsdata=jwwX8ipfvwYQk.g7w_IRwKpO7ZoYChPKgehYlMcovpb.i7wIOxDCEt49qWdxvlL0M0LX07WzR2NPAR3OtnBGzlE6I6yO/_ADoHcQgbJ3SV/&fpdata=yga8tcqtRYvZgpzdfWjs5_JLxyqXrvt5qV9hRVMQ9ED.C7&vis=1&fpcap=

Request Chain 101

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bafd6f86-d349-5168-bd55-5903df02b857

Request Chain 102

https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YlfhVfspoaPUSvI_cIL5UAAAASsAAAAB

Request Chain 104

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=421bc1ba6b2c4bc092dd9d7d40fd936e HTTP 302
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z55AB2E0CC8B4249A69BDA48C29EC5A3&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=421bc1ba6b2c4bc092dd9d7d40fd936e

Request Chain 105

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=952d5049-4887-4481-bba5-77647ee1927a

Request Chain 107

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=421bc1ba6b2c4bc092dd9d7d40fd936e HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=421bc1ba6b2c4bc092dd9d7d40fd936e

Request Chain 108

https://x.bidswitch.net/sync?ssp=admixer&user_id=421bc1ba6b2c4bc092dd9d7d40fd936e&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=421bc1ba6b2c4bc092dd9d7d40fd936e&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=4376685925668799560&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=5596c982-906a-4c1f-8db7-a45985a85690&gdpr=&consent=&gdpr_pd=

Request Chain 109

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 110

https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-YVF3WENE2uEi4t2G7rdzCqWpAXdlrIPI1IJ_ZOs-~A

Request Chain 117

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 119

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b1f21b03-d2e6-4493-a73e-36bcbf07ee9a

Request Chain 125

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7899110617540344407

Request Chain 126

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e478e986-c08e-450d-8139-97733516a30c

Request Chain 127

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=cd7876d8-598c-45c9-9c73-cd8341488050

Request Chain 128

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=aa1ef2c2-b99a-4e6d-84c1-cf4e9069c95d

Request Chain 129

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=421bc1ba6b2c4bc092dd9d7d40fd936e

Request Chain 134

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID HTTP 302
https://sync.spotim.market/csync?t=a&ep=323548&extuid=6819468111060809687

Request Chain 136

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184-d

Request Chain 137

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D&ox_sc=1 HTTP 302
https://sync.spotim.market/csync?t=a&ep=482928&extuid=

Request Chain 138

https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20 HTTP 302
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0

Request Chain 139

https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YlfhVfspoaPUSvI-cIL5UwAA%26204

Request Chain 145

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D6fed9948ec3e5e7c HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F

Request Chain 146

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D6fed9948ec3e5e7c%26uid%3D%24UID HTTP 302
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=6fed9948ec3e5e7c&uid=6819468111060809687

Request Chain 147

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 159

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G9ZFvjnGFuTr7hoPpche&pi=admatic

Request Chain 166

https://ih.adscale.de/uu?cbfn=receive&t=1649926485 HTTP 302
https://ih.adscale.de/uu?cbfn=receive&t=1649926485&nut&uu=bc6bd79d27e44b79be2e9fb195ec1c32

Request Chain 170

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=d338f7c6-dbaa-4574-9b26-be0ee55a2d53&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Request Chain 172

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=e9e4a4ea-d546-4eed-b679-2c3e495589a0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Request Chain 175

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361&rdf=1 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Request Chain 176

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=98b2d0f1-93d4-4870-9e72-3c5740fe2144&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 177

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2da90be3-9827-41bd-7fdc-df1aa4eae972&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2da90be3-9827-41bd-7fdc-df1aa4eae972&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=85228404113419344621438696045548191187&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Request Chain 179

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7086380293892077710&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Request Chain 181

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2da90be3-9827-41bd-7fdc-df1aa4eae972&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2da90be3-9827-41bd-7fdc-df1aa4eae972&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361&bounce=1&random=971380962 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=OqB87YXP6tlMJ3vJsn8/h.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Request Chain 182

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361&cklb=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=

Request Chain 183

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2da90be3-9827-41bd-7fdc-df1aa4eae972?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2da90be3-9827-41bd-7fdc-df1aa4eae972?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Request Chain 184

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-Npa4EFZE2oqb.9mGBwfxj8gqvqcb5_bm6A--~A&zpartnerid=570&env=mWeb

Request Chain 185

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=XPYYWYzWK40NOfJcuZm5qlo6raNgDcU5%2BS41iYitP1U%3D

Request Chain 189

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361&_test=YlfhVQAB4cKS-wAZ HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YlfhVQAB4cKS-wAZ&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361&_test=YlfhVQAB4cKS-wAZ

Request Chain 190

https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.973395f8-4465-431d-995c-a1e0a4d7a824&zdid=1361

Request Chain 191

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Request Chain 192

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2da90be3-9827-41bd-7fdc-df1aa4eae972&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2da90be3-9827-41bd-7fdc-df1aa4eae972&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361&dcc=t

Request Chain 194

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9b223b4c-c9dc-4f6b-7330-162ee3103e76%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Request Chain 206

https://bbnaut.ibillboard.com/match/AdScale?partneruid=bc6bd79d27e44b79be2e9fb195ec1c32&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=101&tpuid=BBID-01-03246404859053940-16576632

Request Chain 209

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=434f6b2aca690432108d168fb109a9628c6645e5ec96356263684936b2cbad03&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlfhVfspoaPUSvI-cIL5UwAA%26204

Request Chain 212

https://track.adform.net/serving/cookie/match/?party=9&uid=1aa31b60f0e459c64d18bb71b235ad4cb2a964df4249ee3590b4601fda0d0d2b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=42&gdpr=0&tpuid=4376685925668799560

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=&google_gid=CAESEDpKAsaoFbEa4isY2EEQ4j4&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 215

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=4376685925668799560 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEMlx64FR9NW5YLLMD7NytfQ&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=

Request Chain 216

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=ee73141e4979662ca97f67e0ce46cab8ef6ed978b6f13fd038ed099c6cd1f168&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa3875a0-2868-47b7-9d33-862774629629&gdpr=0

Request Chain 217

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=e067c3e727f99c307861705478e8dc5659613c327016ed4af783a35474b250c9&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=cff66257-e157-4400-a076-bca0b9e3bb91&gdpr=0&gdpr_consent=

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=4f8b1d1ef7465883646a1effb1936d100aa1bf10f31cdb86ab08f2d2ae97eef2&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?uid=4f8b1d1ef7465883646a1effb1936d100aa1bf10f31cdb86ab08f2d2ae97eef2&tpid=38&gdpr=0&tpuid=CAESEJp7ix-Gr3jYwYuBRcpPYxY&google_cver=1

Request Chain 219

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=75&tpuid=7899110617540344407&gdpr=0

Request Chain 220

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=fa177704a7929adc06b5c0d9ca6a3180ea2a066ee31b5915b9de1fd1eeca66d9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fjs&gdpr=0 HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=fa177704a7929adc06b5c0d9ca6a3180ea2a066ee31b5915b9de1fd1eeca66d9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/js?tpid=48&tpuid=2b83c3b813d627c127896f96bf16b7a2

Request Chain 225

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cff66257-e157-4400-a076-bca0b9e3bb91&gdpr=0&gdpr_consent=

Request Chain 226

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1893958418449481925

Request Chain 227

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 228

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7086380293892077710

Request Chain 229

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlfhVQAB4cKS-wAZ&gdpr=0&gdpr_consent=

Request Chain 230

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 231

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8ovWlsTZSxB9pOjsOwQ2KNmKxGY

Request Chain 232

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGTEVrN0VyOE1BQURoMFh2Z3RkQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 234

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 237

https://green.erne.co/pubmatic/cm HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznURgVQSaYRbWUTnW HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=5792449fe3eea995d279461b3c302c16&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DkODCF8PznURgVQSaYRbWUTnW HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznURgVQSaYRbWUTnW

Request Chain 238

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1649926488291 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=471554130 HTTP 302
https://sync.1rx.io/usersync/tradedesk/e9e4a4ea-d546-4eed-b679-2c3e495589a0 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0c2194e0-3d4d-4b5a-9961-8971a9818d0d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-0c2194e0-3d4d-4b5a-9961-8971a9818d0d-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0c2194e0-3d4d-4b5a-9961-8971a9818d0d-003

Request Chain 239

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4a317b4d-c12a-4f86-9a79-b87953d7f35e-tuct95166d8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rcyCsAimRRisweAN-Vm2Sg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 242

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cff66257-e157-4400-a076-bca0b9e3bb91

Request Chain 243

https://pixel.onaudience.com/?partner=214&mapped=ADCC82B0-08A6-4518-ACC1-E00DF959B64A HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7569cd9f31c68907/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=e9e4a4ea-d546-4eed-b679-2c3e495589a0&icm HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e51e07ab70cbbbcc3643cd310500172d&gdpr=0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=e69a5d80391467e4

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QURDQzgyQjAtMDhBNi00NTE4LUFDQzEtRTAwREY5NTlCNjRB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO5MU2dncRzIUJcvZZnIRgM&google_cver=1

Request Chain 247

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4376685925668799560

Request Chain 248

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e9e4a4ea-d546-4eed-b679-2c3e495589a0

Request Chain 249

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7899110617540344407&gdpr=0&gdpr_consent=

Request Chain 250

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=72o20rxpNt30bTHV7W4u1OxhNtH0bTXXvWHNIRF4

Request Chain 252

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4jJiG4NE2uV6PfRc_pcce2Zeph5JNOc-~A&gdpr=0&gdpr_consent=

Request Chain 253

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5596c982-906a-4c1f-8db7-a45985a85690&ssp=pubmatic&gdpr=0&gdpr_consent=

Request Chain 255

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2897285617857666245&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 256

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b7e701dc-edb6-41bc-839d-06d4545828d5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 257

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7899110617540344407

Request Chain 259

https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID} HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a7daeb35-9adc-44d0-a355-c7186e7be9e2

Request Chain 261

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qoV0L7o61NEVfy5&gdpr=0&gdpr_consent=

Request Chain 263

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C9B5DBB8DCD74C3A8AAC91D9BA18C70E

Request Chain 265

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&addseg=11,34,40

Request Chain 266

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 268

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A HTTP 302
https://a.audrte.com/p

Request Chain 270

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8a336b65-bbd0-11ec-9e73-7926e53915dc&gdpr=0&gdpr_consent=

276 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dtkt.com.ua/
Redirect Chain

http://dtkt.com.ua/
https://dtkt.com.ua/

98 KB
17 KB

447ms
307ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtkt.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40-pl6-gentoo
Resource Hash: 48f93604ca99d133998e994a6866fcb375247096ec6f052441ed98b3c3628d7a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fbb37de2d745a01-MXP
content-encoding: br
content-type: text/html; charset=windows-1251
date: Thu, 14 Apr 2022 08:54:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrAA%2BZveAf3Ahp5zaLam1jTkY6qorTIVPPyxmv0qI4b%2FM0pOFHgQRc8Np8i%2B1pE3EzFD7sW3%2F43zgVzZmBsuTlSRbKeT1rPhtAnEMUL1gzfu%2Bxl8cZyBiboU3q2PhCbxXa4gadjJEhzBjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache-status: HIT
x-powered-by: PHP/5.6.40-pl6-gentoo

Redirect headers

CF-RAY: 6fbb37dbcf543761-MXP
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 14 Apr 2022 08:54:41 GMT
Expires: Thu, 14 Apr 2022 09:54:41 GMT
Location: https://dtkt.com.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfXVwDns57BYDeSjT5m7EyliMekEjP5cSCcsHmApoYNEKQWAw1g6VssgeMYA0qm1MgmKzpXkEYJLoEHhtYeNOG72qojqrsBSyedxaD0rot2pCOYC4kUm4621%2BVbUO9SI8QibO84nrRC1rw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 146ms
52ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6531827-1

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

500d593b78f161d79d95944bc465a36c92c52477e3c16b66f8110aac8dab8723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38364
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Apr 2022 08:54:42 GMT

GET
H2 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 265 KB
66 KB 206ms
77ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://dtkt.com.ua/
Origin: https://dtkt.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 825514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66920
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-42587"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVX1WRHyb3bj%2BRtZNIcScJk7OVQ%2BFhy%2Ba3mkxMVBUhunvEifv562Qelrxtfr1PJFwFOYiaBVOEQaqBjsYw6qoZuIlX6CB9sFrCtWhCCJgFgrFhGSLf%2B2XfQfzFbA2Xkr4Yuuhs3yjbCw0auYIbN4c78m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fbb37e13d050f72-MXP
expires: Tue, 04 Apr 2023 08:54:42 GMT

GET
H2 200 auth.js Show response
cdn.dtkt.ua/fallback/ 16 KB
5 KB 268ms
126ms Script
application/javascript 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dtkt.ua/fallback/auth.js?20180905
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a47a318611034d2e424a5113485d2a4fca1eafd9bae600c45a17784781f591

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 11:43:11 GMT
server: cloudflare
etag: W/"5f3fb34f-3f3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbcPeoNdg1Dbo%2B8wu5R8ZHeh32eAbSkH08FP9CsnqWjLk2maS34B3WRBeK3RmuM0wQWCGXzDyVuKj0cEPVO3xBQNS5K%2BUZcr7QWEQVrBDcSA6CUw%2BO3VcNplFDg7FMj4f1euIcpBP0On"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fbb37e15c02d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 14 Apr 2022 08:59:00 GMT

GET
H2 200 styles1.css
dtkt.com.ua/engine/ 6 KB
2 KB 316ms
315ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dtkt.com.ua/engine/styles1.css

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63a7e3a36685585fc2d3b5f1369caf1c74e913cb5f9a7d8d5bc253f13fa45a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 06 Nov 2015 09:59:34 GMT
server: cloudflare
etag: W/"563c7a06-194e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbyiZ246R4UcqbyocSZFulktkGNQjyZIY94%2FttxUxb%2BP1MAkERswlkaC3EMXFbBDIXCO7mAsGVYhJir069V6d4OMFzlqc9ptMZyQwhp%2BpBue9n%2FfH24CF3Jc1OQl0%2BrjLsQiJAWLBQDQeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=1800; includeSubDomains
cf-ray: 6fbb37e07a9c5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 www.css
cdn.dtkt.ua/fallback/ 71 KB
14 KB 292ms
151ms Stylesheet
text/css 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dtkt.ua/fallback/www.css
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 414912e7a0f7d7710940ba4aa759b11a479ad5e73358795cca2ba091fe16bc9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 15:58:01 GMT
server: cloudflare
etag: W/"604a3e09-11af3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7q3olnFJqioy8Q20KhoeEc36bNJU63Ku7m5LEPRcKTZe18XVLDD8n6gTyHZHhJd2M78WyJ7EMqw41sNtiA%2FGjsGr4OwTMpa5WR2xJKBNskISauiTDEKKlEI6nFKqsJ3vVnWY%2BBiuDlTb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fbb37e15bfbd618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 14 Apr 2022 08:59:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 145ms
49ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=uk

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e249bbaac36cd21e4443d04168c2d586fd2994cd2c2eb86ee7e5bcfc2fb08af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Thu, 14 Apr 2022 08:54:42 GMT

GET
H2 200 thematics-links.css
cdn.dtkt.ua/css/thematics-links/ 2 KB
1 KB 255ms
114ms Stylesheet
text/css 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dtkt.ua/css/thematics-links/thematics-links.css?v5
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 518eab235062c77af91aae15741d1a2e87af9fac42d02abcdfd34a1ab86ff897

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Jan 2020 07:41:56 GMT
server: cloudflare
etag: W/"5e27fcc4-957"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZsOshR7kjO5JFo6AXN9Hj8wJawCTuhpR1VLLFWnvFmB99Jn48KXEwewTlJSH5DsMM6N%2FO78SzV1XEg1SgOqs8UX5%2FujYt9aoHancOPKIoyuL%2FomflzIG3QISvJl3zIIX56ELqT%2BWoXx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fbb37e15bfed618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 14 Apr 2022 08:59:00 GMT

GET
H3 200 semin_1-40.png
dtkt.com.ua/images/ 1 KB
2 KB 140ms
140ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtkt.com.ua/images/semin_1-40.png

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f93bfd74e879bc8dfc0bb411a957bfc9027792801e859d33b1cc7439d15f9a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1110
last-modified: Tue, 08 May 2018 13:07:33 GMT
server: cloudflare
etag: "5af1a115-456"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7g3Jw4kbCIAqZ12dXVEXg%2Fyjo8iTFl317rNLDGp52mZ%2FZwjPi5C26XQnUEZ%2Fxevk3HXnz1obaPGmO8BFdadFYhDN%2FX10vykEe%2FCLNz5uHEO4mYzqEGXnfJAxksmAya16YBvTM%2F1LCmxhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fbb37e27e700f6e-MXP

GET
H2 200 all.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 125ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0b3547f78bcdb747bf017a5db979c3bd26b874a2d9a8b1f55eda361d30bd86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: WNNRQW8M8UZu96UVL0aVuw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: x94Z076ah7X6Ukj+fjbmGMiWmIt56DOyuJAfSvqWyTeJRbmYxB41zPe9afTWAi23GMO+4R5coSYo20B1XWprQw==
x-fb-trip-id: 917726464
x-fb-content-md5: d4886f651ce739c3726b34c989477bc4
x-frame-options: DENY
date: Thu, 14 Apr 2022 08:54:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ac4a1d83bb83de480def0c80f492ccb8"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Apr 2022 09:12:12 GMT

GET
H3 200 dk_gr_logo_160.jpg
dtkt.com.ua/engine/images/ 6 KB
7 KB 73ms
72ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtkt.com.ua/engine/images/dk_gr_logo_160.jpg

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af90bcfeb2a779884610c8f71a9d2c186497331d43f32f8ad3d1d0c9be5dff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6436
last-modified: Fri, 22 Apr 2011 06:48:04 GMT
server: cloudflare
etag: "4db124a4-1924"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAfiyvmXRwoCYV3qOqYZUo9gPdYSk7iWhN1nxjo1jJ32k7LocrMloOSrnJ8POdRUZJYgLkAev8EB8RcgIcHUMLfDhsxN47QamhR1WydkU51ipk1OAn%2FXiAQJXy9t3X3I43%2Bt%2Bin%2BVNMe%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fbb37e27e720f6e-MXP

GET
H3 200 ukr2.png
dtkt.com.ua/engine/images/ 2 KB
2 KB 136ms
135ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtkt.com.ua/engine/images/ukr2.png

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0177c4c654375b658400c8b8eb80bb4d5f586adfada0a082571ddb1dd7583bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1841
last-modified: Fri, 13 Nov 2015 09:49:13 GMT
server: cloudflare
etag: "5645b219-731"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tT4T9d6wpfpFisBgTd8iJV2OYhG0SjosnUZ5u1HhlZ3wuZKxn61aWNT4cr%2FZmnFA%2BnJY0iwSygMnZiLNEx%2Fc5egLADLRKPi4Bb3a1GtsXx5oM0HGpze3HXP1vmDpRw0T9cE%2B2F9%2FNxp7gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fbb37e27e770f6e-MXP

GET
H3 200 rus1-1.png
dtkt.com.ua/engine/images/ 1 KB
2 KB 75ms
73ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtkt.com.ua/engine/images/rus1-1.png

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

209a921037cc5885918ba5dd2948a2dea4ffe1a3d347a2262678cad2063f6025

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1076
last-modified: Thu, 26 Nov 2015 14:55:09 GMT
server: cloudflare
etag: "56571d4d-434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDJkz6d5qp9CjZ%2FvwWIybkL56SybK5zbz3UBV3Cib4oXTqrpBCzsZAQ7w1EOcvIqFT8UR6c%2FizhpaB8dKqHialtgsbDNqO0P4jxdyv7%2B%2BsCgSvTrMy0H69145CLb7PPp%2BPb7dM4rPsGISA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fbb37e27e780f6e-MXP

GET
H3 200 pku.jpg
dtkt.com.ua/images/ukr_e1/dov_kb/ 10 KB
11 KB 76ms
74ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtkt.com.ua/images/ukr_e1/dov_kb/pku.jpg

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

682efb2cfe468fd28e130d9a61605363aa03d38f2dc75908357ef143543f4650

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10423
last-modified: Wed, 17 Apr 2019 09:16:50 GMT
server: cloudflare
etag: "5cb6ef02-28b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pd9PmvNT6dB%2FWpGpOg2AT%2BNzeGdroNLqndgViS4q87n6jzre4NX55%2B0CtkBhAkKtbwVeb6I%2Fowwdcd89gE6UfbNEeZMxSMQIbfzfSAA32zKnCvno6e0R1un7s%2Byf3yjb%2B6Wj2hrTEK3gmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fbb37e27e790f6e-MXP

GET
H3 200 dfs_new_160.jpg
dtkt.com.ua/service/111/ 4 KB
5 KB 129ms
128ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtkt.com.ua/service/111/dfs_new_160.jpg

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

131052c01bdaa8f22f850f5138058f8d7a7b0098a3477a42490109f8d9c6e9fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4147
last-modified: Mon, 30 Nov 2015 13:26:17 GMT
server: cloudflare
etag: "565c4e79-1033"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw72CkYYYE9hjH1UyMGWJxhp%2BF%2BRCeT%2FgKR%2BuPfdc21nF1hlAcyfEsZiYBf5EuBfGathXjM8DZLBGpB%2FqR%2FgRKic6Z2BfOz920ZD16fwFfLh24kmiGfo6jq11FYxK0145hjGSxT6K3bZrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fbb37e27e7c0f6e-MXP

GET
H3 200 eye_12x7.png
dtkt.com.ua/images/ 288 B
857 B 141ms
139ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtkt.com.ua/images/eye_12x7.png

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49cd8847319a2aedda8da3905f438fbe0396736b48f25d2537e92d5b9974aaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 288
last-modified: Tue, 08 Nov 2016 20:10:14 GMT
server: cloudflare
etag: "58223126-120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6tSWcs6iE5JS01pnSZhJIzG1g13FpY1CIDTEWM22a1ty0oZ8FKIqxVBUUqQv9XMgnAB7DjgJTSDzomUgtAfZBPxJX7wsjVxyQXoa5d2WH%2Fq7TA2gq0uRC8eoEeQMzw0tS1g7LhzKwYsLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fbb37e27e7e0f6e-MXP

GET
H/1.1 404
Not Found Cover.jpg
reader.dtkt.ua/Downloads/GC_Reader/dk-ua/%C2%AB%D0%94%D0%9A%C2%BB%20%E2%84%9609-10-2022/ 0
0 1873ms
342ms Image
text/html 94.130.152.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reader.dtkt.ua/Downloads/GC_Reader/dk-ua/%C2%AB%D0%94%D0%9A%C2%BB%20%E2%84%9609-10-2022/Cover.jpg
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 94.130.152.107 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.107.152.130.94.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 adsbyyottos.js Show response
cdn.yottos.com/ 107 KB
38 KB 421ms
186ms Script
application/x-javascript 212.113.34.153
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yottos.com/adsbyyottos.js

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.113.34.153 Kyiv, Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

212.113.34.153.dc.ukrtelecom.ua

Software

nginx /

Resource Hash

967d976a2761081b4e9fb2b5e529e050f487a3ed8529f4a32db963f83a5c6d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Mar 2020 16:06:54 GMT
server: nginx
etag: W/"5e778d1e-1aa4b"
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
expires: Sun, 24 Apr 2022 08:54:42 GMT
cache-control: max-age=864000, public
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H3 200 email-decode.min.js Show response
dtkt.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 67ms
67ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dtkt.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Apr 2022 12:32:17 GMT
server: cloudflare
etag: W/"62541fd1-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAIYh763ADvlGRjYMI%2FDzjMi7X2gZjFBOI%2BS6VGtUSCy%2BDTaEgYZVwkmFS6JdLoYVnWYT46btHRfiyYpuyvB%2FgpnYKR89L4qs6Qk0tZttEFbXblBMxYV4AkbnVjR%2Fwbdx5B%2BF0iac%2BDTsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fbb37e27e6d0f6e-MXP
vary: Accept-Encoding
expires: Sat, 16 Apr 2022 08:54:42 GMT

GET
H2 200 asyncjs.php Show response
advert.dtkt.ua/delivery/ 4 KB
2 KB 246ms
237ms Script
text/javascript 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://advert.dtkt.ua/delivery/asyncjs.php

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.28

Resource Hash

a9a3437fa125f5414e9c9170fe6629491055dc214251342c3bfde8fd720dba72

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expire: Thu, 14 Apr 2022 09:54:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgHX0zwdmvKEEPcWe3vCReyfCO%2BjhCcqYWnXV85Q9GZ5Ij6GNIbmg9HLu6dTydB6HJbd%2B4A1mCHt7Iacty7Um9%2BPj10iRLDNlM5T7ghhzQsROOcDF1bGT2DejfUN0YtimN1Ml86VnAjzpbgD"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6fbb37e28e4bd618-MXP
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Thu, 14 Apr 2022 08:54:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 137ms
40ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6531827-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4792
date: Thu, 14 Apr 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 14 Apr 2022 09:34:50 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 149ms
47ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a3582b5a4ef7295e5e3ca1afcfe1d479c5519cb8e48bbc88e6cb4ddccf9b42c4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:19 GMT
server: nginx
etag: W/"62547d93-2c101"
x-cached-since: 2022-04-14T08:51:36+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Mon, 11 Apr 2022 19:23:48 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
62 KB 117ms
67ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WH5HDRT

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8a3ea21b8776d548fab26fc696cfca840d3aff0647500455ad7cdeeff269bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63288
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Apr 2022 08:54:42 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 191ms
61ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 42524ce07f6ab05f27342edc02440b28590a7fe433adae3133a7e6bef2482e41

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 12:02:11 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11707
expires: Thu, 14 Apr 2022 20:54:42 GMT

GET
H3 200 Free.png
cdn.dtkt.ua/imgs/Icon/ 578 B
1 KB 303ms
146ms Image
image/webp 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dtkt.ua/imgs/Icon/Free.png
Requested by: Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/fallback/www.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47ce3b6e2a4e94d9cab0385b2e5c68dab89ecffec46d6fcee92174f0bc31c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.dtkt.ua/fallback/www.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1895
content-disposition: inline; filename="Free.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 578
last-modified: Wed, 22 Jan 2020 07:41:56 GMT
server: cloudflare
etag: "5e27fcc4-767"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2lXegCkux6CXeXf1naEnVRq8f%2BvbTrpT7wMr0H0I1HfeC%2BK6bSeflrlv%2BTsEMQSE00n4aidROe9dLxgo04rPir5HbRn6ZfgGDI3lr2ssIxcdaCR7QYZ5uyvITnQFk2mAUzFcUmyR%2BB5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 14 Apr 2022 08:59:01 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6fbb37e38b9c0e1a-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 Sub_my.png
cdn.dtkt.ua/imgs/Icon/ 612 B
1 KB 294ms
137ms Image
image/webp 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dtkt.ua/imgs/Icon/Sub_my.png
Requested by: Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/fallback/www.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be0fa70a2115b3bbe43320c260c2460101473456eb7ab1d9df2351b2fac49516

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.dtkt.ua/fallback/www.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=2033
content-disposition: inline; filename="Sub_my.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 612
last-modified: Wed, 22 Jan 2020 07:41:56 GMT
server: cloudflare
etag: "5e27fcc4-7f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k96hzo1aDTekjMKI%2BHSxagI7qcYWrBSShCkKbJgaJVoDv71sii2WAVJgW5nTX5XMoKB3ARsFfyXhB7lNG5UmH3odfwH7bJZlpluoLiVGDd9nPioDPeuWxD70PIf6H0V956uiKec23sKv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 14 Apr 2022 08:59:01 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6fbb37e38b9f0e1a-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 Mail_my.png
cdn.dtkt.ua/imgs/Icon/ 456 B
1 KB 293ms
136ms Image
image/webp 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dtkt.ua/imgs/Icon/Mail_my.png
Requested by: Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/fallback/www.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f289b35c04665f9f6dd5453da9554f6426f966cad8735396fd6e5ea701023e76

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.dtkt.ua/fallback/www.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1849
content-disposition: inline; filename="Mail_my.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 456
last-modified: Wed, 22 Jan 2020 07:41:56 GMT
server: cloudflare
etag: "5e27fcc4-739"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yU7GYdaO%2FWTv8utJhiD%2FNoZWlrjF5TPI2S%2BpszmIGDxzjLGQv3USuFVevibT%2B6rRPJi5wc3ieK13iEbH04uJi13J80%2FFVv946Ahe0tm8wBCFNd0HSPnkc06m7tXT0M3wEJaKvqLeRYfY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 14 Apr 2022 08:59:01 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6fbb37e38ba00e1a-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 Tel_my.png
cdn.dtkt.ua/imgs/Icon/ 394 B
1 KB 298ms
141ms Image
image/webp 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dtkt.ua/imgs/Icon/Tel_my.png
Requested by: Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/fallback/www.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48afbb721df1cef6c77aa54b55672fb0080005c3a7bc31dea6448b4b0d54500b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.dtkt.ua/fallback/www.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1759
content-disposition: inline; filename="Tel_my.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
last-modified: Wed, 22 Jan 2020 07:41:56 GMT
server: cloudflare
etag: "5e27fcc4-6df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2mREMD5IWbJszh1%2BdyccfekOcUlMpotn6F3N1zpbxTVSmYReNllrTY0KNQ20UkzZkEzoD52%2FlCcK41UN3Se0tlOTwpTOQYWlG%2FQp2SJRw5wTXZsK9apDaZwf3Q%2FEUCwo72uha9SQkut"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 14 Apr 2022 08:59:01 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6fbb37e38b960e1a-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 close-ico.png
cdn.dtkt.ua/imgs/ 164 B
842 B 285ms
136ms Image
image/webp 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dtkt.ua/imgs/close-ico.png
Requested by: Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/fallback/www.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bbadae206231805610a0db481c67a10b454cedcbb9e77f5f65e54514b581c6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.dtkt.ua/fallback/www.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1094
content-disposition: inline; filename="close-ico.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 164
last-modified: Wed, 22 Jan 2020 07:41:56 GMT
server: cloudflare
etag: "5e27fcc4-446"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiR4UR37cThJbVfWiuD4OFvm94UZ%2FfgoPKO1A1rGggTZHp%2FWh1zEaExZd2i2lXr7BWBm3RuLB7TTW4oF0Tk68AMFOfTDr6oDxGvxKUUzL7o%2Fi9YQROFJ3MePrzdKGgTK9TXwHudYS3wn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 14 Apr 2022 08:59:02 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6fbb37e38b9b0e1a-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 fontawesome-webfont.woff
cdn.dtkt.ua/fonts/ 82 KB
82 KB 261ms
118ms Font
application/font-woff 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dtkt.ua/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/fallback/www.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer: https://cdn.dtkt.ua/fallback/www.css
Origin: https://dtkt.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 22 Jan 2020 07:41:56 GMT
server: cloudflare
etag: W/"5e27fcc4-14730"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7DZvw0gPMrcIxlo0JY5tWO88RpPbV2nxfbJW1gUpSMtXIbnHFbiuKxWur%2BAFwNC9aNqBsyexJ1R3s54TPEQmKZ%2FoZM6Hz%2Bp0t%2BMGoqUkruGlzZNgrxbc58hlcZVqztfF0fzxBfBAtYP"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: https://dtkt.com.ua
cache-control: max-age=1800
cf-ray: 6fbb37e36d7d374f-MXP
expires: Thu, 14 Apr 2022 08:59:02 GMT

GET
H3 200 all.js Show response
connect.facebook.net/ru_RU/ 290 KB
83 KB 89ms
45ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=1687befdeb853747fe7d631845096be0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d4d0b80efb81cf25d58ae5d741246df0ee080e915554fe48cfdaef50653e40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dtkt.com.ua/
Origin: https://dtkt.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LtvX5mKHoSDmX+gOBu/Guw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84514
x-fb-rlafr: 0
x-fb-debug: YCMrTRvsaEnvc3wcCUbwajV7IDcwU+zioK2TfT+wietKtNtnxEtXKg9MRP/CuUO5NjOaoajpw2N57o7R30Ur2g==
x-fb-content-md5: 98e6b505d314826cd4256a0597babee3
x-frame-options: DENY
date: Thu, 14 Apr 2022 08:54:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5c44db01fe7f1cfecafb7eef6e4837a9"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 14 Apr 2023 07:53:31 GMT

GET
H2 200 / Show response
m.mixadvert.com/show/ 4 KB
4 KB 161ms
51ms Script
application/javascript 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show/?id=3173&r=0.82749245108994

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

f07d492a1b8f29ab1cc8985b42d7b1f6986cdccadf89c631fdde01c71867fb62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
strict-transport-security: max-age=15768000, max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK /
c.bigmir.net/ 554 B
809 B 305ms
74ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bigmir.net/?s1412&t7&c1&d24&r1600
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: fb88234216df42e9a37527d95ea2fd45c1fe4583bf9e5f6f0a61c1837374a7e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:42 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 / Show response
informer.minfin.com.ua/ua/gen/nbu/ Frame B024 792 B
875 B 350ms
166ms Document
text/html 2606:4700:20::ac43:47c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://informer.minfin.com.ua/ua/gen/nbu/?color=green
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36727ee6955b1a1d93c684f82d0af25382c3eff7e4eb6b3b1063eb300df6139

Request headers

Referer: https://dtkt.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fbb37e46c965a31-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:54:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9E%2BjMhBciRskdM5xbDB0Vx3Ah4rqOBvKJv1o6t6UdZM6zj%2F1ojisiaqJhAEjLjVR%2Fix6LQvIulgsnJvRv6Q2u16XXZdG%2FQuwRo8%2Fs4mGUa2DPriwZJfLXwk9NyLW42%2BT6Y2BMQeMQxnwTnC%2BjoCHpN9FQK0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 ping Show response
my.dtkt.ua/auth/ 4 B
550 B 262ms
248ms XHR
application/json 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.dtkt.ua/auth/ping
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.17
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: */*
Referer: https://dtkt.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.17
access-control-allow-methods: GET, POST, PUT, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Fya%2BMvAmM%2FHSztkAAuZt%2BdioM9xsrm4LWOppjiACmowAzBRKorugTTtpgxLb7c2wzMB3Lr9CwzI13OJeDI3Wssax%2FLaQuV75xYh%2BEAhaInQNeNPwnHytUKBpIYppjwVnQe6jGNETtw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://dtkt.com.ua
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6fbb37e36f7fd618-MXP
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 83ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/fallback/auth.js?20180905

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: LPalWJRcDfphWvF2wmiFL34V6eSVBjbi+0WiWF4j2P/dHzes6iRkdNwrUWy0Q3X0fk42sCH+UOqob6Vfha8pxQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Apr 2022 08:54:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ 393 KB
146 KB 141ms
50ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cc14d17a8efe72596d729a5aa9b9ba3700c666c820ae20158a7c39b4cb45aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dtkt.com.ua/
Origin: https://dtkt.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 19:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148295
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 04:02:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 19:31:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 102ms
54ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=41114784&t=pageview&_s=1&dl=https%3A%2F%2Fdtkt.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%94%D0%B5%D0%B1%D0%B5%D1%82-%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%3A%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2076253934&gjid=404357315&cid=1386648427.1649926482&tid=UA-6531827-1&_gid=12681292.1649926482&_r=1&gtm=2ou460&z=2044153138

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dtkt.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dtkt.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KSM8D51C85&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6531827-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04ab182091cf467697ed55e3a5781b63e9031de0b506b77776e4c63bddecb870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66878
x-xss-protection: 0
expires: Thu, 14 Apr 2022 08:54:42 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
442 B 131ms
35ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37846984-1&cid=1386648427.1649926482&jid=111855153&gjid=1361824127&_gid=12681292.1649926482&_u=aGDAiUABBAAAAG~&z=193749176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dtkt.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Apr 2022 08:54:42 GMT
content-type: text/plain
access-control-allow-origin: https://dtkt.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
46ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=41114784&t=pageview&_s=1&dl=https%3A%2F%2Fdtkt.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%94%D0%B5%D0%B1%D0%B5%D1%82-%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%3A%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiUABBAAAAC~&jid=111855153&gjid=1361824127&cid=1386648427.1649926482&tid=UA-37846984-1&_gid=12681292.1649926482&gtm=2wg460WH5HDRT&z=1936687497

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 14:20:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66866
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45306/ Frame D769 738 B
510 B 45ms
45ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/c.html?b=45306
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://dtkt.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Thu, 14 Apr 2022 08:54:42 GMT
etag: W/"62547da4-2e2"
expires: Wed, 12 Apr 2023 19:13:48 GMT
last-modified: Mon, 11 Apr 2022 19:12:36 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:48+00:00
x-id: fr5-up-gc32

GET
H2 200 376cef9bc739cb759b1b.b.js Show response
cdn.admixer.net/scripts3/45306/ 23 KB
8 KB 47ms
47ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/376cef9bc739cb759b1b.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:27 GMT
server: nginx
etag: W/"62547d9b-5d41"
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:48+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 12 Apr 2023 19:13:48 GMT

GET
H2 200 8fa10895f61293c9aa16.b.js Show response
cdn.admixer.net/scripts3/45306/ 75 KB
19 KB 51ms
51ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/8fa10895f61293c9aa16.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:33 GMT
server: nginx
etag: W/"62547da1-12a41"
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:48+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 12 Apr 2023 19:13:48 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 280 B
393 B 66ms
58ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=dtkt.com.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 7e8ffdcb5908cf231882578b14728ee3ce1b8b7855983f0495eb5f9cb3c2bf49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 280
expires: Sat, 14 May 2022 08:54:42 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame B751 5 KB
3 KB 187ms
56ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 36e1a53d84f5242d1fa84f99aa242fcf4ff00895ec8fec0b07881913df1b88c7

Request headers

Referer: https://dtkt.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2721
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 08:54:42 GMT
etag: PRIVATE7520710249
expires: Sat, 14 May 2022 08:54:42 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 1205548482793740 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 45ms
42ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1205548482793740?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5eac8c45f1b592203e24ceea193579c0793083998f68cc3a0d7ed26e84492b1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89142
x-xss-protection: 0
pragma: public
x-fb-debug: xQ6i6ynRMp8PfsuUlwMSoIVlwvqzndGs57zlqLm9i7qIkoKE+h2y3diTsAWEfrYPpEUPCSVq3cI+80tUMH5pug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Apr 2022 08:54:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KSM8D51C85&gtm=2oe460&_p=41114784&_z=ccd.JJB&cid=1386648427.1649926482&ul=en-us&sr=1600x1200&_s=1&sid=1649926482&sct=1&seg=0&dl=https%3A%2F%2Fdtkt.com.ua%2F&dt=%D0%94%D0%B5%D0%B1%D0%B5%D1%82-%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%3A%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KSM8D51C85&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dtkt.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 122ms
67ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37846984-1&cid=1386648427.1649926482&jid=111855153&_u=aGDAiUABBAAAAG~&z=15555253

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 155ms
65ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37846984-1&cid=1386648427.1649926482&jid=111855153&_u=aGDAiUABBAAAAG~&z=15555253

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1030895037252298 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 46ms
45ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1030895037252298?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a91bad7398ff2c7c4f3ba141b1c79c5ba58c6c7d88ce0799c6da7ab5cd15c418

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89144
x-xss-protection: 0
pragma: public
x-fb-debug: rFpUhfnWbZdZgrg54YHxaQUEpt6ocYwr4L0GuPfa7vsZaSUa/SlZSVL+3BqK/z/S2m8zJj1bSx/tZhSUZW+OGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Apr 2022 08:54:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 121ms
40ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1205548482793740&ev=PageView&dl=https%3A%2F%2Fdtkt.com.ua%2F&rl=&if=false&ts=1649926482696&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1649926482694.560730193&it=1649926482577&coo=false&exp=p1&rqm=GET

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 14 Apr 2022 08:54:42 GMT

GET
H3 200 Options.png
cdn.dtkt.ua/imgs/Icon/ 322 B
965 B 141ms
140ms Image
image/webp 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dtkt.ua/imgs/Icon/Options.png
Requested by: Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/fallback/www.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f841075b4374a1efcccfa649afcc8479a6eb58fc5cbdbfc18eaf3388ceb54b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.dtkt.ua/fallback/www.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1648
content-disposition: inline; filename="Options.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 322
last-modified: Wed, 22 Jan 2020 07:41:56 GMT
server: cloudflare
etag: "5e27fcc4-670"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jefQpXrsQgwznA7Yrw5OJiFh%2FsXvDOyCBMEQPXSCAdRcy2lTyVmFHUWRoUUYucVfD%2FUUhvWFifFAekWYC3d8vn1CAoMSnpEcQM2B9i1S%2F4xeCh27%2BL8V1LcGcegedgAPcFMrBcGpbP%2Fb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 14 Apr 2022 08:59:16 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6fbb37e51e7c0e1a-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 b319ca30-f0dd-11e5-85a2-002590d75952.json Show response
cdn.yottos.com/block/ 53 B
388 B 305ms
101ms XHR
application/json 212.113.34.153
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yottos.com/block/b319ca30-f0dd-11e5-85a2-002590d75952.json

Requested by

Host: cdn.yottos.com
URL: https://cdn.yottos.com/adsbyyottos.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.113.34.153 Kyiv, Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

212.113.34.153.dc.ukrtelecom.ua

Software

nginx /

Resource Hash

e043c78c2bbac3fa81d30fa576ddca8fed360e29c8cf763396362cf00ea3194a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dtkt.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 12:16:27 GMT
server: nginx
etag: "5dd52e9b-35"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: *
expires: Thu, 14 Apr 2022 08:59:42 GMT
cache-control: max-age=300, private
accept-ranges: bytes
content-length: 53
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H3 200 reset.css
informer.minfin.com.ua/gen/s/ Frame B024 1 KB
1 KB 168ms
93ms Stylesheet
text/css 2606:4700:20::ac43:47c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://informer.minfin.com.ua/gen/s/reset.css?1.4
Requested by: Host: informer.minfin.com.ua
URL: https://informer.minfin.com.ua/ua/gen/nbu/?color=green
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f934b9dcb83e66d7d9d97961ff48c91e981f7d2277b35db090be6de194354fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://informer.minfin.com.ua/ua/gen/nbu/?color=green
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73
cf-polished: origSize=1658
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Apr 2022 10:13:12 GMT
server: cloudflare
etag: W/"6256a238-67a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmhNFH0HYZFKcG9lZcuqoHTNiGWI9mLuYYuqlr%2BZ4bzjhwuEDm000OENt%2FqFjFltuR2PgNnP5d9qmymYFDdYEgqze1NDti4RBKxEdfOLJHgT7hDlljSI0x%2FRDrqEduB1D4fpfIY11%2FjnpjN3%2BNNGH5U0ryQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 6fbb37e5e91fe8fb-MXP
expires: Thu, 14 Apr 2022 09:34:01 GMT

GET
H3 200 course.css
informer.minfin.com.ua/gen/s/ Frame B024 8 KB
3 KB 161ms
87ms Stylesheet
text/css 2606:4700:20::ac43:47c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://informer.minfin.com.ua/gen/s/course.css?1.4
Requested by: Host: informer.minfin.com.ua
URL: https://informer.minfin.com.ua/ua/gen/nbu/?color=green
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7f356101f19500f3aec6125f09474270ec51d0056af02afe1d80e1b2683a34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://informer.minfin.com.ua/ua/gen/nbu/?color=green
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73
cf-polished: origSize=8901
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Apr 2022 10:13:12 GMT
server: cloudflare
etag: W/"6256a238-22c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvmEUCEaMVOoA4p8ug6z5uQf8iEyIIXN0Ebv%2BUeEDl3SmDHjxXxJ2WGDr2QlkxBGQ2z41TTC50KJdXtyDoLeEixOqY4XCnF5STq%2Brp5Lgp%2B%2FQTjM%2FRbmXLbShBFXZ2KPX40gP047QiFmOGGsmhzV69xejTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 6fbb37e5e91be8fb-MXP
expires: Thu, 14 Apr 2022 09:34:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 46ms
40ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030895037252298&ev=PageView&dl=https%3A%2F%2Fdtkt.com.ua%2F&rl=&if=false&ts=1649926482773&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1649926482694.560730193&it=1649926482577&coo=false&exp=p1&rqm=GET

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 14 Apr 2022 08:54:42 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1649926482775/
Redirect Chain

https://gaua.hit.gemius.pl/_1649926482775/rexdot.js?l=100&id=dv2adocKY3xerqZevumxhvTGnO3FoIxrJnshzjbx6un.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdtkt.com.ua...
https://gaua.hit.gemius.pl/__/_1649926482775/rexdot.js?l=100&id=dv2adocKY3xerqZevumxhvTGnO3FoIxrJnshzjbx6un.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdtkt.com...

169 B
424 B

157ms
157ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1649926482775/rexdot.js?l=100&id=dv2adocKY3xerqZevumxhvTGnO3FoIxrJnshzjbx6un.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdtkt.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=224&lsdata=jwwX8ipfvwYQk.g7w_IRwKpO7ZoYChPKgehYlMcovpb.i7wIOxDCEt49qWdxvlL0M0LX07WzR2NPAR3OtnBGzlE6I6yO/_ADoHcQgbJ3SV/&fpdata=yga8tcqtRYvZgpzdfWjs5_JLxyqXrvt5qV9hRVMQ9ED.C7&vis=1&fpcap=
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: b46d993352f3c090ba7f1b0239cd340850abd960ece7fd3985a2c70025412754

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:42 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Wed, 13 Apr 2022 08:54:42 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:42 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1649926482775/rexdot.js?l=100&id=dv2adocKY3xerqZevumxhvTGnO3FoIxrJnshzjbx6un.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdtkt.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=224&lsdata=jwwX8ipfvwYQk.g7w_IRwKpO7ZoYChPKgehYlMcovpb.i7wIOxDCEt49qWdxvlL0M0LX07WzR2NPAR3OtnBGzlE6I6yO/_ADoHcQgbJ3SV/&fpdata=yga8tcqtRYvZgpzdfWjs5_JLxyqXrvt5qV9hRVMQ9ED.C7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 13 Apr 2022 08:54:42 GMT

GET
H2 200 / Show response
m.mixadvert.com/show/load/ 102 B
283 B 58ms
57ms Script
text/html 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show/load/?id=3173&id_name=eSoHS&teaser_name=DfDQzfb&block_name=slBjyS&ban_teaser=&r=0.3326779070770949&host=dtkt.com.ua&ref=

Requested by

Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=3173&r=0.82749245108994

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

ce1cb5c09afd642eefd5b0827de207f54e807cedd3b5a814df9578f10e9dfcfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:42 GMT
content-encoding: gzip
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
strict-transport-security: max-age=15768000, max-age=15768000
content-type: text/html; charset=utf-8

POST
H2 200 pub Show response
rg.yottos.com/v2/ Frame 8BB8 2 KB
2 KB 305ms
103ms Document
text/html 212.113.34.136
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://rg.yottos.com/v2/pub?mod=20191116215720

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.113.34.136 Kyiv, Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

212.113.34.136.dc.ukrtelecom.ua

Software

nginx /

Resource Hash

c6ffc1740fff9924d0f21cf7d51954b2a75f4ae21f53a3926bda233a2b8c6289

Security Headers

Name	Value
Content-Security-Policy	img-src cdn.yottos.com .yottos.com 'self' data:; base-uri rg.yottos.com; script-src 'unsafe-inline' 'self' cdn.yottos.com .yottos.com 'nonce-a43b53dce7174d63884f56a4630fd2f1' rg.yottos.com; font-src 'none'; worker-src rg.yottos.com; style-src 'unsafe-inline'; object-src 'none'; frame-src rg.yottos.com *; manifest-src rg.yottos.com; default-src rg.yottos.com; connect-src rg.yottos.com; child-src rg.yottos.com; form-action rg.yottos.com; sandbox allow-scripts allow-same-origin allow-forms allow-popups allow-popups-to-escape-sandbox allow-top-navigation allow-top-navigation-by-user-activation; media-src 'none'; block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://dtkt.com.ua
Referer: https://dtkt.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-headers: POST
access-control-allow-methods: GET POST
access-control-allow-origin: https//:rg.yottos.com
cache-control: max-age=3600
content-encoding: gzip
content-security-policy: img-src cdn.yottos.com *.yottos.com 'self' data:; base-uri rg.yottos.com; script-src 'unsafe-inline' 'self' cdn.yottos.com *.yottos.com 'nonce-a43b53dce7174d63884f56a4630fd2f1' rg.yottos.com; font-src 'none'; worker-src rg.yottos.com; style-src 'unsafe-inline'; object-src 'none'; frame-src rg.yottos.com *; manifest-src rg.yottos.com; default-src rg.yottos.com; connect-src rg.yottos.com; child-src rg.yottos.com; form-action rg.yottos.com; sandbox allow-scripts allow-same-origin allow-forms allow-popups allow-popups-to-escape-sandbox allow-top-navigation allow-top-navigation-by-user-activation; media-src 'none'; block-all-mixed-content
content-type: text/html; charset=utf-8
date: Thu, 14 Apr 2022 08:54:43 GMT
link: </v2/static/js/block.js?v=2.5.5>; as=script; rel=preload;
p3p: policyref="http://rg.yottos.com/w3c/p3p.xml", CP="CAO PSA OUR"
referrer-policy: unsafe-url
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: "noindex, nofollow"
x-xss-protection: 1; mode=block

GET
H2 200 block.js Show response
rg.yottos.com/v2/static/js/ Frame 8BB8 129 KB
44 KB 0ms
0ms Script
application/x-javascript 212.113.34.136
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://rg.yottos.com/v2/static/js/block.js?v=2.5.5

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.113.34.136 Kyiv, Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

212.113.34.136.dc.ukrtelecom.ua

Software

nginx /

Resource Hash

1f389bfb95afdc88edea435f0184553556a1dcf9d139d1141dab4adcb38939a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rg.yottos.com/v2/pub?mod=20191116215720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:43 GMT
content-encoding: gzip
referrer-policy: unsafe-url
content-type: application/x-javascript;charset=utf-8
last-modified: Sun, 29 Mar 2020 10:40:08 GMT
server: nginx
etag: W/"5e807b08-203a9"
vary: Accept-Encoding
p3p: policyref="http://rg.yottos.com/w3c/p3p.xml", CP="CAO PSA OUR"
x-xss-protection: 1; mode=block
cache-control: max-age=864000, public
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: "noindex, nofollow"
x-content-type-options: nosniff
expires: Sun, 24 Apr 2022 08:54:43 GMT

POST
H2 200 items Show response
rg.yottos.com/v2/ Frame 8BB8 14 KB
4 KB 107ms
107ms XHR
application/json 212.113.34.136
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://rg.yottos.com/v2/items

Requested by

Host: rg.yottos.com
URL: https://rg.yottos.com/v2/static/js/block.js?v=2.5.5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.113.34.136 Kyiv, Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

212.113.34.136.dc.ukrtelecom.ua

Software

nginx /

Resource Hash

14d357cfe39648a56dce9610eeb7a983ee88f23f6056df9712d41ae9f92f6f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://rg.yottos.com/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 14 Apr 2022 08:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="http://rg.yottos.com/w3c/p3p.xml", CP="CAO PSA OUR"
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https//:rg.yottos.com
access-control-allow-credentials: true
accept-ch-lifetime: 31536000
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
x-robots-tag: "noindex, nofollow"
access-control-allow-headers: POST

POST
H2 200 logger.json Show response
rg.yottos.com/v2/ Frame 8BB8 16 B
607 B 97ms
97ms XHR
application/json 212.113.34.136
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://rg.yottos.com/v2/logger.json

Requested by

Host: rg.yottos.com
URL: https://rg.yottos.com/v2/static/js/block.js?v=2.5.5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.113.34.136 Kyiv, Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

212.113.34.136.dc.ukrtelecom.ua

Software

nginx /

Resource Hash

08e2c358ce13cb67f94ebb35b0f67c8763190a857c0db68da6eb196dfe9da46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://rg.yottos.com/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 14 Apr 2022 08:54:43 GMT
referrer-policy: unsafe-url
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://rg.yottos.com/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin: https://rg.yottos.com
x-xss-protection: 1; mode=block
x-robots-tag: "noindex, nofollow"
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Content, X-Requested-With
content-length: 16
x-content-type-options: nosniff

GET
H2 200 c4a7a3fb92c84167914a256c6bfea74f.webp
cdn.yottos.com/img10/07/03/c4/ Frame 8BB8 9 KB
10 KB 96ms
95ms Image
image/webp 212.113.34.153
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yottos.com/img10/07/03/c4/c4a7a3fb92c84167914a256c6bfea74f.webp

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.113.34.153 Kyiv, Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

212.113.34.153.dc.ukrtelecom.ua

Software

nginx /

Resource Hash

0c5ab2d9f919fa3f6f9cc3b9e760d25f9a92841639e381ef1860f3cf037c5831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rg.yottos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Jul 2019 19:17:48 GMT
server: nginx
etag: W/"5d1cff5c-25bc"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 14 May 2022 08:54:43 GMT
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 d73e70b46f6d4cb79dc247597401ea8b.webp
cdn.yottos.com/img10/07/03/d7/ Frame 8BB8 5 KB
5 KB 95ms
95ms Image
image/webp 212.113.34.153
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yottos.com/img10/07/03/d7/d73e70b46f6d4cb79dc247597401ea8b.webp

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.113.34.153 Kyiv, Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

212.113.34.153.dc.ukrtelecom.ua

Software

nginx /

Resource Hash

0b27ba1fd6e92f0dca4750157117e5f070a3200f025ececc03dbe5d3eacf4529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rg.yottos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Jul 2019 19:17:48 GMT
server: nginx
etag: W/"5d1cff5c-13e4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 14 May 2022 08:54:43 GMT
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 f287ea9cf9914177bd6d5dfaee049f76.webp
cdn.yottos.com/img10/07/03/f2/ Frame 8BB8 8 KB
8 KB 95ms
94ms Image
image/webp 212.113.34.153
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yottos.com/img10/07/03/f2/f287ea9cf9914177bd6d5dfaee049f76.webp

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.113.34.153 Kyiv, Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

212.113.34.153.dc.ukrtelecom.ua

Software

nginx /

Resource Hash

65d83c3c0ae72e4ffbbbb4c27d56c13116b3f3238f6420aa1fc85532867e8017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rg.yottos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Jul 2019 19:18:12 GMT
server: nginx
etag: W/"5d1cff74-1fe0"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 14 May 2022 08:54:43 GMT
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H3 200 asyncspc.php Show response
advert.dtkt.ua/delivery/ 3 KB
2 KB 234ms
234ms XHR
application/json 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://advert.dtkt.ua/delivery/asyncspc.php?zones=9%7C22%7C64%7C6%7C33%7C51&prefix=revive-0-&loc=https%3A%2F%2Fdtkt.com.ua%2F

Requested by

Host: advert.dtkt.ua
URL: https://advert.dtkt.ua/delivery/asyncjs.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.28

Resource Hash

e18ca288f174f841f60a0fd860b0aa74ac090ad4e3f0b7cb946fd28b32bf42b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9fq0wXwssfU8WQhKQcAqro3QBUjgr9SrifJMBxkRGuVNtUQ%2F4%2Fgu%2BJvshNjXAJHPWMVyE5BVD1RIpcAExMlJp09YQ879sN6y4%2FwpILPE5rGKiZ02xh6sx3VYnp1Vs3gmQS7jQ1TnoaU4khq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://dtkt.com.ua
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6fbb37ee3eb90e1a-MXP
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H3 200 like_box.php Show response
www.facebook.com/plugins/ Frame 497C 48 KB
15 KB 144ms
100ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3db7de58aeb98%26domain%3Ddtkt.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdtkt.com.ua%252Ff3945ab741b4068%26relation%3Dparent.parent&container_width=0&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25B5%25D0%25B1%25D0%25B5%25D1%2582-%25D0%259A%25D1%2580%25D0%25B5%25D0%25B4%25D0%25B8%25D1%2582%2F241220009229564&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=240

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=1687befdeb853747fe7d631845096be0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb5d50af63efafce95b349311c24b0843d599cc11660bdc9691629bf4b8a3593

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dtkt.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 14 Apr 2022 08:54:44 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: Ljj5pwiEwjkw6EEKD2Jo+i2UohGYqT5wHUsS6f/HaoRwEzo8rfTXeHmTH8hjMUk5O1uWqQ7+QtTO+9xQrTf9OQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 60ms
41ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1205548482793740&ev=Microdata&dl=https%3A%2F%2Fdtkt.com.ua%2F&rl=&if=false&ts=1649926484199&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%94%D0%B5%D0%B1%D0%B5%D1%82-%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%3A%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%22%2C%22meta%3Adescription%22%3A%22%D0%92%D0%A1%D0%95%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%B8%D0%BD%D0%B8%D0%BC%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%2C%20%D1%8E%D1%80%D0%B8%D1%81%D1%82%D0%BE%D0%B2%2C%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D1%82%20%D1%80%D0%B5%D0%B4%D0%B0%D0%BA%D1%86%D0%B8%D0%B8%20%D0%94%D0%95%D0%91%D0%95%D0%A2%D0%90-%D0%9A%D0%A0%D0%95%D0%94%D0%98%D0%A2%D0%90.%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%D1%8B%2C%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%2C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D1%8B%2C%20%D0%B1%D0%BB%D0%B0%D0%BD%D0%BA%D0%B8%2C%20%D0%BA%D0%B0%D0%BB%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D0%B8%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1649926482694.560730193&it=1649926482577&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 42ms
42ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030895037252298&ev=Microdata&dl=https%3A%2F%2Fdtkt.com.ua%2F&rl=&if=false&ts=1649926484274&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%94%D0%B5%D0%B1%D0%B5%D1%82-%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%3A%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%22%2C%22meta%3Adescription%22%3A%22%D0%92%D0%A1%D0%95%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%B8%D0%BD%D0%B8%D0%BC%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%2C%20%D1%8E%D1%80%D0%B8%D1%81%D1%82%D0%BE%D0%B2%2C%20%D0%BA%D0%B0%D0%B4%D1%80%D0%BE%D0%B2%D0%B8%D0%BA%D0%BE%D0%B2.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D1%82%20%D1%80%D0%B5%D0%B4%D0%B0%D0%BA%D1%86%D0%B8%D0%B8%20%D0%94%D0%95%D0%91%D0%95%D0%A2%D0%90-%D0%9A%D0%A0%D0%95%D0%94%D0%98%D0%A2%D0%90.%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%D1%8B%2C%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%2C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D1%8B%2C%20%D0%B1%D0%BB%D0%B0%D0%BD%D0%BA%D0%B8%2C%20%D0%BA%D0%B0%D0%BB%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D0%B8%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1649926482694.560730193&it=1649926482577&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H2 200 62reFO8kBMH.css
static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/ Frame 497C 25 KB
6 KB 138ms
52ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/62reFO8kBMH.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3db7de58aeb98%26domain%3Ddtkt.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdtkt.com.ua%252Ff3945ab741b4068%26relation%3Dparent.parent&container_width=0&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25B5%25D0%25B1%25D0%25B5%25D1%2582-%25D0%259A%25D1%2580%25D0%25B5%25D0%25B4%25D0%25B8%25D1%2582%2F241220009229564&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d7283ead4dc0abe4fb28586c5e594ced5920b16a88b241e3474622fcc544344

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Fw7U6nzg4Fi25fDn2eJ6EA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5649
x-fb-rlafr: 0
x-fb-debug: iTHQ+x/I6fpdsP18RmRQTCLPjClP6CzmTzN0m9f4chiX4HKGxfyiA9FkaOq0wFTCuQkQdPWSE0oxToZWu/a2Zw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Apr 2023 16:00:49 GMT

GET
H2 200 FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 497C 2 KB
1 KB 138ms
52ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XpWPuiqLnlvq4xkatdITVw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 831
x-fb-rlafr: 0
x-fb-debug: gMrGfDal72PjgFUus39n6cunvSWbdJbc+6/d5hSu7KQEE6GbEFV4exwLuI4KBk3X1525RKhrfv34xyP2SswuKw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Apr 2023 01:29:22 GMT

GET
H2 200 G8r8i5kwVU8.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame 497C 309 KB
83 KB 138ms
52ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/G8r8i5kwVU8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bed1b84f0dde9859ebdf7e7d52f2379ae6fe7522d3f520c7426ee3c6719bf7d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aZDf8SjG340pL0l9fjOrVA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84921
x-fb-rlafr: 0
x-fb-debug: WakrkRchYXJjtptR0DJOyehsyrRXQX6+egerBuGh1TILfghPgd8fUs3hsBtRUOCkgjvLjk9ud1JsTTPg5rM5zw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Apr 2023 01:42:52 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 497C 5 KB
2 KB 138ms
52ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: 3synv66PuS6slzikXZDmw4piRJJeX8zIH5sF4JtBftYt6gh8j9niwSJgIwbLymrv4cFuv/2qfHrgSaW6BJmh4g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Apr 2023 03:01:57 GMT

GET
H2 200 rXLgi9ZuKok.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 497C 42 KB
14 KB 138ms
53ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/rXLgi9ZuKok.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dec675ba819e7ed9d92ec945f343440cb43c3affec599a0c62cd7f3600fde9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZF3wVNCXcqKOH0R56SMfkw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 13710
x-fb-rlafr: 0
x-fb-debug: LpDNOLZVH8gPpQ3C5xKTTQ64cWCuBOdEDs5VSjBL+vhXx1ORnk8sL96vgAjsYt5SSUKl/QFIDinY6g0C1ieWew==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Apr 2023 01:31:29 GMT

GET
H2 200 WtgdcvUy5sP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame 497C 49 KB
15 KB 209ms
124ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/WtgdcvUy5sP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d340072fe4250b5ebc56564aa8ad911b942b0d6f8edd24b6e8c4e4ba76b1a185

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MiZzf7gMMKr8cLymb3HYaw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15511
x-fb-rlafr: 0
x-fb-debug: RTxNpx/473+qB1duLNAtb9R8rVAu47QIzmhAJyoeZ6XbrqyaAswNhg2YK/48XzwNuwP/5SvOG1qS7WrlbUarWg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 13 Apr 2023 01:20:19 GMT

GET
H2 200 SQdp1QIZvnh.js Show response
static.xx.fbcdn.net/rsrc.php/v3iI4w4/yZ/l/ru_RU/ Frame 497C 83 KB
23 KB 210ms
124ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iI4w4/yZ/l/ru_RU/SQdp1QIZvnh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a81944294bbb32db047a653cb60af5f5d423febf2cba58f9683a85e770f8e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cT+MlpG32KwzjASGSigIDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23186
x-fb-rlafr: 0
x-fb-debug: OrYDRJS/HhsW3vbVG0Kss09xNQJWgrHTG6zqn93+VhJ3uE3ZxACiXzZi1nfjzdppL+BxthBPChVRwS3AzDTMEQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 13 Apr 2023 01:25:18 GMT

GET
H2 200 17973857_1527392337278985_2889816775951932997_o.png
scontent.xx.fbcdn.net/v/t31.18172-8/ Frame 497C 58 KB
58 KB 41ms
41ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t31.18172-8/17973857_1527392337278985_2889816775951932997_o.png?stp=dst-png_p130x130&_nc_cat=111&ccb=1-5&_nc_sid=dd9801&_nc_ohc=zAWBxN-nhGwAX-FFjau&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AT8iy9_IRVPwPdLmkIbS9XeaY01T_XvVwUTU-e0q9i-Q4A&oe=627BEBD0
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3db7de58aeb98%26domain%3Ddtkt.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdtkt.com.ua%252Ff3945ab741b4068%26relation%3Dparent.parent&container_width=0&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25B5%25D0%25B1%25D0%25B5%25D1%2582-%25D0%259A%25D1%2580%25D0%25B5%25D0%25B4%25D0%25B8%25D1%2582%2F241220009229564&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2acb61e7ba5ba150554d9f670457483df909d53ae32b3eca424e93cc94766e9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 1896901057
date: Thu, 14 Apr 2022 08:54:44 GMT
x-fb-trip-id: 917726464
last-modified: Tue, 18 Apr 2017 03:55:39 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=3068904570
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4285704562
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 59289

GET
H2 200 277756287_5341615999189914_6061883518624523732_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 497C 2 KB
2 KB 74ms
74ms Image
image/jpeg 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/277756287_5341615999189914_6061883518624523732_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=By6z-CqK72UAX-GNpms&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AT_10ABYAIM-P6aAENGqvPVohw4LCfOge26Rw3Du2K9FmA&oe=625DC238
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3db7de58aeb98%26domain%3Ddtkt.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdtkt.com.ua%252Ff3945ab741b4068%26relation%3Dparent.parent&container_width=0&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25B5%25D0%25B1%25D0%25B5%25D1%2582-%25D0%259A%25D1%2580%25D0%25B5%25D0%25B4%25D0%25B8%25D1%2582%2F241220009229564&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f6ce96a04d766c4eb5b7424ff1b027074a88ab695de9ef1765980c29e0c9bf7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 4250067772
date: Thu, 14 Apr 2022 08:54:44 GMT
x-fb-trip-id: 917726464
last-modified: Fri, 01 Apr 2022 22:02:02 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2437021122
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4256121489
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1564

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ Frame E1AE 176 KB
55 KB 55ms
55ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: advert.dtkt.ua
URL: https://advert.dtkt.ua/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f16a8a1d6ea64c7039171dbf0ac57fed93d7886f79079da09a27c63ead08ded0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:19 GMT
server: nginx
etag: W/"62547d93-2c101"
x-cached-since: 2022-04-14T08:51:36+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Mon, 11 Apr 2022 19:23:48 GMT

GET
H3 200 bannerext.js Show response
cdn.dtkt.ua/js/ 11 KB
3 KB 184ms
183ms Script
application/javascript 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dtkt.ua/js/bannerext.js
Requested by: Host: advert.dtkt.ua
URL: https://advert.dtkt.ua/delivery/asyncjs.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3043c14a72dbdba4aa4374f3525269f00e2e9375c4575e5c5a82f522f7bf452c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 May 2020 15:20:37 GMT
server: cloudflare
etag: W/"5ec54ac5-2dec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sgey1xrf04w7o3lO6pkvZ69mfxgGAS%2BW40l0nckBstczBCDX2Weidx5mdVVJTEHAMEEePZY9GtKgZRJTKvN7UpMkfuj%2B6rR%2F4jiuuerVVb2XI8XQNywMqGTIZrXj99QApOKeZylqqTwY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fbb37efc98d0e1a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 14 Apr 2022 08:55:56 GMT

GET
H3 200 lg.php
advert.dtkt.ua/delivery/ 43 B
808 B 216ms
216ms Image
image/gif 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advert.dtkt.ua/delivery/lg.php?bannerid=0&campaignid=0&zoneid=9&source={obfs:}&loc=https%3A%2F%2Fdtkt.com.ua%2F&cb=1ce0b1f889

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.28

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DphzJwf97gEQXzBLOQBSGvvVE%2BeUl%2Flv%2Bzrr6AKxpVo3%2Fro%2FdS3qDEciTAWsCiQLSpDZCvXHdUGHorioV%2Bg8FHkHKo7ArFQ0t7XcRy4JC2wbSdVoYHLOnEqNJC9wdUhe1Re73XBZ3BUW6In"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6fbb37efc98f0e1a-MXP
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H3 200 c2e5bea62d312e0afe26f8ca21a1b6bd.gif
advert.dtkt.ua/images/ 15 KB
16 KB 96ms
95ms Image
image/gif 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advert.dtkt.ua/images/c2e5bea62d312e0afe26f8ca21a1b6bd.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b574f51c4bcabc21e74313519d2651acb3158d9ad4aba08d0d2d9d534165de

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5289
cf-polished: origSize=16644, status=webp_bigger
strict-transport-security: max-age=1800; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15587
last-modified: Tue, 21 May 2019 08:49:04 GMT
server: cloudflare
etag: "5ce3bb80-4104"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKGVeDB7eAw5JaTiXJxb1jsZxVZWyZ8L8bxwH%2B7t09qOakXWz157qm4nB7FzO8LrejLIRqozZSAx7rFJUHX0r8ppC0E%2F6UTG%2Fi1425EBVdA6jru8rZ9Cl6R5f%2B1dcAzES4mvFUoyY88E%2BkPb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
expires: Thu, 14 Apr 2022 17:20:26 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6fbb37efc9940e1a-MXP
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
cf-bgj: imgq:100,h2pri

GET
H3 200 lg.php
advert.dtkt.ua/delivery/ 43 B
802 B 218ms
217ms Image
image/gif 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advert.dtkt.ua/delivery/lg.php?bannerid=1028&campaignid=20&zoneid=22&source={obfs:}&loc=https%3A%2F%2Fdtkt.com.ua%2F&cb=81e2267b0a

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.28

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXI%2B98tcNADsPu5oaaCoCVjKz7pIwODPbdSz90kNNB63QmlDYL82ZyqsaMiVoZ9GNvZCi4kfQGfkq8a525TnSLt5fu5T7r47qUZt1X%2FhGP6NmhxINmsI0RZdSYEWEYXc0RqLWwlFVAOH5XMC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6fbb37efc9990e1a-MXP
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H3 200 lg.php
advert.dtkt.ua/delivery/ Frame E1AE 43 B
806 B 220ms
219ms Image
image/gif 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advert.dtkt.ua/delivery/lg.php?bannerid=737&campaignid=79&zoneid=64&source={obfs:}&loc=https%3A%2F%2Fdtkt.com.ua%2F&cb=0fff259f0a

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.28

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypeu%2F4d6zMjbEdgmq2cre%2FvQaFufMD%2FIR8W0ObQjullaEtSDHTd%2B4C%2F0iJFAJy1RRXMVUFC5Li94DYmrFi1CaO2S0UAwiHzXVGE3r8ajQgEyAkRjO3TN9pLO7IfeRW8e%2BiYM5bBpxsjCFu5q"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6fbb37efc9970e1a-MXP
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H3 200 lg.php
advert.dtkt.ua/delivery/ 43 B
803 B 216ms
215ms Image
image/gif 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advert.dtkt.ua/delivery/lg.php?bannerid=0&campaignid=0&zoneid=6&source={obfs:}&loc=https%3A%2F%2Fdtkt.com.ua%2F&cb=b88adde7ae

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.28

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoexcU27l%2FIWpusgu0cYh1iOXuFTF1qS5AQjAVPCENFYRcLazdRALVtg3XvzYhkfX5qK1A22JQRY9fi2VUAZHqA6DlxRiRY61KG%2F46ugkZyIBX2PC4M8ZqTwzongdc5JnBWXc8zPjOKsx1D%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6fbb37efc99a0e1a-MXP
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H3 200 lg.php
advert.dtkt.ua/delivery/ 43 B
806 B 169ms
168ms Image
image/gif 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advert.dtkt.ua/delivery/lg.php?bannerid=0&campaignid=0&zoneid=33&source={obfs:}&loc=https%3A%2F%2Fdtkt.com.ua%2F&cb=9ee2e2e40c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.28

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moYZSuAawl1U%2FP8B2HKK6xykNvjAvXBiZ9Cr2TQOTSvMYXnP4tTttlGRdcB%2Fguie%2B4m%2F81QRg31OB8AiE5iFH1tcrm%2FqkvfBtw9LPhwK1t3%2BTwWNLLp7vY1DGV1GTohcPlK3zkiEGWpcqHHT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6fbb37efc99d0e1a-MXP
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H3 200 lg.php
advert.dtkt.ua/delivery/ 43 B
808 B 225ms
224ms Image
image/gif 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advert.dtkt.ua/delivery/lg.php?bannerid=1296&campaignid=515&zoneid=51&source={obfs:}&loc=https%3A%2F%2Fdtkt.com.ua%2F&cb=ba280918de

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.28

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=1800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PoMlX3iv4Nrq1687DGLBaNr7f7bFpA498UvR%2BWBh8TnpzDVKVFskoUpPzXKqKovYegwCAzOf6ZNY%2Fj3XhcR3%2BPhCLFr4Onp1FELIjemNDVIZC%2BbuywWst58ak%2BUlwrx%2BYcTu0Z1lfGupz4V"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6fbb37efc99e0e1a-MXP
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45306/ Frame 57C0 738 B
396 B 43ms
42ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/c.html?b=45306
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://dtkt.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Thu, 14 Apr 2022 08:54:44 GMT
etag: W/"62547da4-2e2"
expires: Wed, 12 Apr 2023 19:13:48 GMT
last-modified: Mon, 11 Apr 2022 19:12:36 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:48+00:00
x-id: fr5-up-gc32

GET
H2 200 376cef9bc739cb759b1b.b.js Show response
cdn.admixer.net/scripts3/45306/ Frame E1AE 23 KB
8 KB 44ms
44ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/376cef9bc739cb759b1b.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:27 GMT
server: nginx
etag: W/"62547d9b-5d41"
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:48+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 12 Apr 2023 19:13:48 GMT

GET
H2 200 8fa10895f61293c9aa16.b.js Show response
cdn.admixer.net/scripts3/45306/ Frame E1AE 75 KB
19 KB 48ms
48ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/8fa10895f61293c9aa16.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:33 GMT
server: nginx
etag: W/"62547da1-12a41"
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:48+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 12 Apr 2023 19:13:48 GMT

GET
H3 200 SQZZiMWhOLh.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 497C 767 B
819 B 41ms
40ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/SQZZiMWhOLh.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/62reFO8kBMH.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/62reFO8kBMH.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
x-content-type-options: nosniff
content-md5: 7Ob9foDk+QbAEt4lrnDs0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 767
x-fb-rlafr: 0
x-fb-debug: sWUHsmwBzjJ8NDJI9kA9oHOb/RRE1ByUwYruVeLzJTpTzHPLt3XH3DZKV/X1n+uKyQYvuCqcw3GTGzVrUdm97g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 08 Apr 2023 14:41:58 GMT

GET
H3 200 XSIH0SWqDEY.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 497C 21 KB
7 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/XSIH0SWqDEY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/G8r8i5kwVU8.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c8ee67c6c8104fb420447f3d36a1217e0753259119e6b0f65b11d62b40d634e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AwtG79Bq83OcuHbXxj5SPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7058
x-fb-rlafr: 0
x-fb-debug: znfcg+JAMeBlE2Iv2u+XJ9fdDg8Uwv6ts7bK+JcpMASHKjYFd0LIDhCo3kLXVpELvNSsEW9grLDIaqTirY1sSg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Apr 2023 01:19:19 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ Frame E1AE 9 KB
3 KB 139ms
45ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4462673057920059&cpv=7b88beea-fec6-85ee-f85f-26fab4c5ef64&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2288544d30-b675-a9c2-702a-709cf1fca46f%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fdtkt.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22f1701ce1-5665-d0ad-737f-f1a87c922eb3%22%2C%22tagid%22%3A%227723ab34-95a4-4a33-8fb1-2c53ad93a2b3%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_async_180187745%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3Anull%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

8e32052e0e9da12d3839762d28077b1907e86cec62e2c7a46787a4553ab796e7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:44 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 3070
X-Xss-Protection: 0

GET
H3 200 style.css
cdn.dtkt.ua/banners/312/ 2 KB
1 KB 154ms
153ms Stylesheet
text/css 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dtkt.ua/banners/312/style.css?time=1649926484625
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5f793897d99013d7d6813abde015f298b36d97f8075d3d4fa775e4882102c5e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 10 Apr 2022 08:09:17 GMT
server: cloudflare
etag: W/"625290ad-8fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ivw1NTPJg10EDLPk5OCmMVl98xRgIspiOK21bKqkRIegfN6Y752N3qs78C%2BtI%2BexPFWGVU9J5PM4zLYFJI3nJls%2BvfiOdodMvFPXVrpZfnz4FL3Icn5BhC01Mhk8u8VjFibZS73Fc5N"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fbb37f12bdd0e1a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 14 Apr 2022 09:04:44 GMT

GET
H3 200 index.html Show response
cdn.dtkt.ua/banners/312/ 235 B
703 B 240ms
239ms XHR
text/html 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dtkt.ua/banners/312/index.html?time=1649926484626
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03dd5dd39b82c6c4923e539fa57614d30b0a8860773d499876502f94604981b2

Request headers

Accept: text/html, */*; q=0.01
Referer: https://dtkt.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 10 Apr 2022 17:11:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BA2gCekCmtZTOcV254KfKfNSYIaICSTsgyoG2pp7%2Fqt%2BqQ7VyboBTWdMtsCmBDzn6ANpSRBZNfbBbufhZirmopusPcSK3G5njQaLtQPSSO%2Bmh2MwCyGpgUd8MqderqmNTSl4k0AFSzu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://dtkt.com.ua
cache-control: max-age=600
cf-ray: 6fbb37f11a59374f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 14 Apr 2022 09:04:44 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/45306/ Frame E1AE 28 KB
11 KB 45ms
44ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:38 GMT
server: nginx
etag: W/"62547da6-702f"
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:49+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 12 Apr 2023 19:13:49 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/45306/ Frame E1AE 42 KB
18 KB 48ms
47ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:40 GMT
server: nginx
etag: W/"62547da8-a793"
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:49+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 12 Apr 2023 19:13:49 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/45306/ Frame E1AE 13 KB
5 KB 51ms
49ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:32 GMT
server: nginx
etag: W/"62547da0-326c"
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:49+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 12 Apr 2023 19:13:49 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/45306/ Frame E1AE 11 KB
4 KB 49ms
48ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:31 GMT
server: nginx
etag: W/"62547d9f-2a79"
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:49+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 12 Apr 2023 19:13:49 GMT

GET
H2 200 362b590febf83073189a.b.js Show response
cdn.admixer.net/scripts3/45306/ Frame E1AE 215 KB
74 KB 54ms
53ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45306/362b590febf83073189a.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 14 Apr 2022 08:54:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 19:12:27 GMT
server: nginx
etag: W/"62547d9b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-04-11T19:13:49+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 12 Apr 2023 19:13:49 GMT

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame B13F 3 KB
1 KB 130ms
29ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=707176
Requested by: Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4462673057920059&cpv=7b88beea-fec6-85ee-f85f-26fab4c5ef64&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2288544d30-b675-a9c2-702a-709cf1fca46f%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fdtkt.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22f1701ce1-5665-d0ad-737f-f1a87c922eb3%22%2C%22tagid%22%3A%227723ab34-95a4-4a33-8fb1-2c53ad93a2b3%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_async_180187745%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3Anull%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 5f4d8cd6ec3353c00a3e343dbae313e70f6d8319e8c1b5ead45ceab8ca5cc65b

Request headers

Referer: https://dtkt.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dtkt.com.ua
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1189
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Apr 2022 08:54:44 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/ Frame E1AE
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bafd6f86-d349-5168-bd55-5903df02b857

43 B
463 B

42ms
41ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bafd6f86-d349-5168-bd55-5903df02b857

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bafd6f86-d349-5168-bd55-5903df02b857
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/ Frame E1AE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YlfhVfspoaPUSvI_cIL5UAAAASsAAAAB

43 B
463 B

42ms
42ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YlfhVfspoaPUSvI_cIL5UAAAASsAAAAB

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YlfhVfspoaPUSvI_cIL5UAAAASsAAAAB
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 304
Expires: Thu, 14 Apr 2022 08:54:45 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame E1AE 0
277 B 146ms
43ms Image
text/plain 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Apr 2022 08:54:44 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

pic.gif
pa.tns-ua.com/bug/ Frame E1AE
Redirect Chain

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=421bc1ba6b2c4bc092dd9d7d40fd936e
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z55AB2E0CC8B4249A69BDA48C29EC5A3&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=421bc1ba6b2c4bc092dd9d7d40fd936e

56 B
174 B

77ms
76ms

Image
image/gif

194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z55AB2E0CC8B4249A69BDA48C29EC5A3&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=421bc1ba6b2c4bc092dd9d7d40fd936e
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.13.0
content-type: image/gif
expires: -1

Redirect headers

location: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z55AB2E0CC8B4249A69BDA48C29EC5A3&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=421bc1ba6b2c4bc092dd9d7d40fd936e
date: Thu, 14 Apr 2022 08:54:44 GMT
cache-control: no-cache
server: nginx/1.13.0
content-length: 0
expires: -1

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/ Frame E1AE
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=952d5049-4887-4481-bba5-77647ee1927a

43 B
463 B

42ms
41ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=952d5049-4887-4481-bba5-77647ee1927a

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:44 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=952d5049-4887-4481-bba5-77647ee1927a
date: Thu, 14 Apr 2022 08:54:44 GMT
cache-control: no-store no-transform
server: nginx
content-length: 190
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK 1px-matching-go2net.gif
m.trafmag.com/images/ Frame E1AE 35 B
351 B 277ms
72ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=421bc1ba6b2c4bc092dd9d7d40fd936e
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:44 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2

200

admixer
exchange.buzzoola.com/cookiesync/ssp/ Frame E1AE
Redirect Chain

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=421bc1ba6b2c4bc092dd9d7d40fd936e
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=421bc1ba6b2c4bc092dd9d7d40fd936e

43 B
130 B

50ms
49ms

Image
image/gif

138.201.34.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=421bc1ba6b2c4bc092dd9d7d40fd936e
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Server: 138.201.34.238 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.34.201.138.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=421bc1ba6b2c4bc092dd9d7d40fd936e
date: Thu, 14 Apr 2022 08:54:44 GMT
server: nginx
etag: W/"1c138ae3cfd1b43d69e30cba2a3b68cf31f5a81f49b3f76714b31e5b5d36d14d"
content-length: 122
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/ Frame E1AE
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=421bc1ba6b2c4bc092dd9d7d40fd936e&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=421bc1ba6b2c4bc092dd9d7d40fd936e&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer
https://x.bidswitch.net/sync?dsp_id=70&user_id=4376685925668799560&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=5596c982-906a-4c1f-8db7-a45985a85690&gdpr=&consent=&gdpr_pd=

43 B
463 B

43ms
43ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=5596c982-906a-4c1f-8db7-a45985a85690&gdpr=&consent=&gdpr_pd=

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=5596c982-906a-4c1f-8db7-a45985a85690&gdpr=&consent=&gdpr_pd=
Date: Thu, 14 Apr 2022 08:54:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cm-notify
creativecdn.com/ Frame E1AE
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

61ms
61ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:44 GMT, Thu, 14 Apr 2022 08:54:44 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Thu, 14 Apr 2022 08:54:44 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/ Frame E1AE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58613/occ
https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-YVF3WENE2uEi4t2G7rdzCqWpAXdlrIPI1IJ_ZOs-~A

43 B
463 B

72ms
42ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-YVF3WENE2uEi4t2G7rdzCqWpAXdlrIPI1IJ_ZOs-~A

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-YVF3WENE2uEi4t2G7rdzCqWpAXdlrIPI1IJ_ZOs-~A
date: Thu, 14 Apr 2022 08:54:44 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ Frame E1AE 35 B
351 B 200ms
68ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=421bc1ba6b2c4bc092dd9d7d40fd936e
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:44 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 144ms
53ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:700&display=swap&subset=cyrillic

Requested by

Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/banners/312/style.css?time=1649926484625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a87e2b08ae66d738296b6a83d29c2030cace70dbcd11c2035045996e95cee6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.dtkt.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 08:46:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Apr 2022 08:54:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Apr 2022 08:54:44 GMT

GET
H/1.1 200
OK 751885ad-d0f8-434d-a03c-d0571762fe5e.gif
content.admixer.net/test1/5f91aca0-ed77-4325-a1d9-441b141ba658/ Frame 2EDE 53 KB
53 KB 396ms
151ms Image
image/gif 31.28.167.114
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/5f91aca0-ed77-4325-a1d9-441b141ba658/751885ad-d0f8-434d-a03c-d0571762fe5e.gif
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.28.167.114 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 167-114.admixercdn-s2.cc.colocall.com
Software: nginx /
Resource Hash: 200800a667d61152026c8c800ad63b5d75b8dd84729e5f2affc8a2b6036c96be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 14 Apr 2017 13:18:38 GMT
Server: nginx
ETag: "58f0cc2e-d22b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53803
Expires: Sat, 15 Apr 2023 08:54:45 GMT

GET
H2 200 aa.js
cdn.adm.admixer.com/s/adm/ Frame E1AE 909 B
909 B 401ms
122ms Image
application/javascript 52.22.9.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adm.admixer.com/s/adm/aa.js?cb=[cachebuster]
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.9.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-9-187.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Apr 2022 08:54:45 GMT
server: nginx/1.18.0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 909
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame E1AE 0
0 30ms
29ms Image
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adtelligent.com/sync.html?aid=707176
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ Frame E1AE 43 B
300 B 60ms
42ms Image
image/gif 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=421bc1ba6b2c4bc092dd9d7d40fd936e&zone=7723AB34-95A4-4A33-8FB1-2C53AD93A2B3&device=28&rule=919E5F10-06FD-4180-9C3E-4E61D149358F&requestId=359ab05e-729e-45fe-ac92-884e77abf023&hp=-1982904217&page=dtkt.com.ua%2F&ts=637855232847265746&ap=MA%3D%3D&asign=1337394055&sync=98%2C80%2C96%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=F14421AD-4FE4-4055-B9CF-41887C1571F9&inst=ADS-EU-6&pxl=0&pvid=5e6048d4-48c2-418c-8755-19969d9f367c&ip=217.138.196.102&item=5F91ACA0-ED77-4325-A1D9-441B141BA658&crid=5F91ACA0-ED77-4325-A1D9-441B141BA658&size=240x350&profile=919E5F10-06FD-4180-9C3E-4E61D149358F&isopt=0&adv=test&dsp=Local&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fsubscribe.dtkt.ua%2F&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame DF4D
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

2 KB
1 KB

38ms
37ms

Document
text/html

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef524ae03bc1bdf1083e0bc6d285ccb88f7ede20021b2dc713958d3d9db873f0

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 14 Apr 2022 08:54:45 GMT
expires: Thu, 14 Apr 2022 08:54:45 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-742

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Thu, 14 Apr 2022 08:54:45 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-742

GET
H2 204 d
ic.tynt.com/r/ Frame 68E6 0
0 500ms
114ms Document
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Thu, 14 Apr 2022 08:54:45 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame AE99
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b1f21b03-d2e6-4493-a73e-36bcbf07ee9a

0
407 B

476ms
104ms

Document
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b1f21b03-d2e6-4493-a73e-36bcbf07ee9a
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:45 GMT
Etag: 6a58d30bc630dcaf
Server: VertaMedia 1.0

Redirect headers

content-length: 0
date: Thu, 14 Apr 2022 08:54:45 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b1f21b03-d2e6-4493-a73e-36bcbf07ee9a
server: _

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 4736 2 KB
814 B 130ms
42ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame ACFA 2 KB
1 KB 180ms
30ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 9dfd0180e3524cbb3d4ad1c1e05dc2d71d5c0738ca4a62e030cb5deef7bf55f7

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 898
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 49C2 2 KB
1 KB 30ms
29ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6afb93bcc848a56418d301ad7bfa8d46dd988771d0c1f926b1674e9205c51663

Request headers

Referer: https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 953
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Apr 2022 08:54:44 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 76F1 15 KB
6 KB 171ms
53ms Document
text/html 92.122.147.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-28.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145457
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:54:45 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 16 Apr 2022 01:19:02 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame B13F 0
277 B 43ms
43ms Image
text/plain 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Apr 2022 08:54:44 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B13F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7899110617540344407

0
390 B

469ms
104ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7899110617540344407
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 6a58d30bc630dcaf
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:45 GMT
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6a6d39a3-7cab-4780-a995-fbf28bfea0f1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7899110617540344407
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B13F
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e478e986-c08e-450d-8139-97733516a30c

0
407 B

690ms
103ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e478e986-c08e-450d-8139-97733516a30c
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 6a58d30bc630dcaf
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e478e986-c08e-450d-8139-97733516a30c
date: Thu, 14 Apr 2022 08:54:44 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B13F
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=cd7876d8-598c-45c9-9c73-cd8341488050

0
407 B

583ms
104ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=cd7876d8-598c-45c9-9c73-cd8341488050
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 6a58d30bc630dcaf
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:44 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=cd7876d8-598c-45c9-9c73-cd8341488050
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 6i3m4o6qu4938n946f3pnhpqgcpatbpm

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B13F
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=aa1ef2c2-b99a-4e6d-84c1-cf4e9069c95d

0
407 B

528ms
104ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=aa1ef2c2-b99a-4e6d-84c1-cf4e9069c95d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 6a58d30bc630dcaf
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=aa1ef2c2-b99a-4e6d-84c1-cf4e9069c95d
date: Thu, 14 Apr 2022 08:54:45 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B13F
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=421bc1ba6b2c4bc092dd9d7d40fd936e

0
403 B

151ms
103ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=421bc1ba6b2c4bc092dd9d7d40fd936e
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 6a58d30bc630dcaf
Content-Length: 0

Redirect headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=421bc1ba6b2c4bc092dd9d7d40fd936e
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H3 200 base.jpg
cdn.dtkt.ua/banners/312/ 56 KB
57 KB 82ms
82ms Image
image/webp 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dtkt.ua/banners/312/base.jpg
Requested by: Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/banners/312/style.css?time=1649926484625
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83d1fb56f65f0ed3808397868ba127f54323bba4d84484b96b9c0527eaed8909

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.dtkt.ua/banners/312/style.css?time=1649926484625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173
cf-polished: origFmt=jpeg, origSize=192080
content-disposition: inline; filename="base.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57216
last-modified: Sun, 10 Apr 2022 08:07:55 GMT
server: cloudflare
etag: "6252905b-2ee50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAo%2FQXUbtVXcoJO00nHdfSkYBG%2FyfKxwbOFvuqtXn%2BXBqQ4LAWzMQ3DDX%2FHCwQI97kCZkhGp9yVoGrEifq%2BGP4SDyh2yahKKKvboAGu4PwQTqDGcc6YZqkv8IxFsJ0WlXKd3fxZW4XwS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 14 Apr 2022 08:58:07 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6fbb37f31f840e1a-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 close.png
cdn.dtkt.ua/banners/ 228 B
868 B 160ms
159ms Image
image/webp 2606:4700:20::681a:adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dtkt.ua/banners/close.png
Requested by: Host: cdn.dtkt.ua
URL: https://cdn.dtkt.ua/banners/312/style.css?time=1649926484625
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49f81fd9d550973f42df3a0642eef9c0440c992430fa093e4811d4019fa732c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.dtkt.ua/banners/312/style.css?time=1649926484625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173
cf-polished: origFmt=png, origSize=330
content-disposition: inline; filename="close.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 228
last-modified: Wed, 22 Jan 2020 07:39:54 GMT
server: cloudflare
etag: "5e27fc4a-14a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMk7005nc2Wt70PST%2Fq2cDEtAonb6f4wjbG1CbFm%2Ff6tBSd60spC1FtjcIHQ2gcYBTErS5fY%2FYa2vcFyQQwB2mEoV0393FVhhktWcEY3%2Byojhxqi1arJZV0MD99dwc6sQQwyEwDic3cl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 14 Apr 2022 08:53:27 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6fbb37f31f870e1a-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 12 KB
13 KB 131ms
41ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7567ab4fbd2c87002df2af4eb0199cc67f27b6c53135c6928ee893173f3a48f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dtkt.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 18:48:51 GMT
x-content-type-options: nosniff
age: 137154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12776
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Apr 2023 18:48:51 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w9aXpsog.woff2
fonts.gstatic.com/s/montserrat/v23/ 7 KB
8 KB 128ms
51ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w9aXpsog.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387f8490e8e63ca9900eab97eb753fd572e038e5f4c3d3d57ae008eebcb2a3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dtkt.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 08:42:02 GMT
x-content-type-options: nosniff
age: 173563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7608
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Apr 2023 08:42:02 GMT

GET
H/1.1

200
OK

csync Show response
sync.spotim.market/ Frame FA9B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID
https://sync.spotim.market/csync?t=a&ep=323548&extuid=6819468111060809687

0
386 B

711ms
104ms

Document
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.spotim.market/csync?t=a&ep=323548&extuid=6819468111060809687
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:45 GMT
Etag: 6a58d30bc630dcaf
Server: VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid: dff5906f-2a7d-4143-9053-a812db8a2d71
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Apr 2022 08:54:45 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.spotim.market/csync?t=a&ep=323548&extuid=6819468111060809687
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F4AE 15 KB
6 KB 131ms
57ms Document
text/html 92.122.147.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-28.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145457
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:54:45 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 16 Apr 2022 01:19:02 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 23C6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
https://eus.rubiconproject.com/usync.html?p=17184-d

281 B
554 B

141ms
45ms

Document
text/html

104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Apr 2022 08:54:45 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 14 Apr 2022 08:54:45 GMT
location: https://eus.rubiconproject.com/usync.html?p=17184-d
server: AkamaiGHost

GET
H/1.1

200
OK

csync
sync.spotim.market/ Frame 49C2
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D&ox_sc=1
https://sync.spotim.market/csync?t=a&ep=482928&extuid=

43 B
321 B

688ms
103ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 6a58d30bc630dcaf
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:44 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.spotim.market/csync?t=a&ep=482928&extuid=
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: o4g38ho18m7tv5n66kava4krpd60kj2v

GET
H/1.1

200
OK

csync
sync.spotim.market/ Frame 49C2
Redirect Chain

https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0

43 B
321 B

322ms
103ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 6a58d30bc630dcaf
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:45 GMT
Content-Type: text/html; charset=utf-8
Location: https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 96
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 49C2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YlfhVfspoaPUSvI-cIL5UwAA%26204

0
399 B

422ms
103ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YlfhVfspoaPUSvI-cIL5UwAA%26204
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 6a58d30bc630dcaf
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YlfhVfspoaPUSvI-cIL5UwAA%26204
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 278
Expires: Thu, 14 Apr 2022 08:54:45 GMT

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame 49C2 43 B
323 B 622ms
104ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 6a58d30bc630dcaf
Content-Length: 43
Content-Type: image/gif

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame DF4D 0
191 B 117ms
41ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D6fed9948ec3e5e7c
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 prebid
rtb.openx.net/sync/ Frame DF4D 43 B
64 B 32ms
32ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D6fed9948ec3e5e7c%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: lhcaa09t88lqs891coukitmmusp7a84g

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame DF4D 5 KB
2 KB 624ms
122ms Script
text/plain 54.236.81.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.81.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-81-149.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 017bb5516d2b2924a44b687a45ec1aa9cac43aca2379033b62d5bf02a65ce7e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1683

GET
H2 200 lotame.js Show response
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame DF4D 266 B
416 B 117ms
35ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 16:18:03 GMT
server: openresty
etag: W/"5fb69abb-10a"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 13 Apr 2027 08:54:45 GMT

GET
H2

200

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame DF4D
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D6fed9948ec3e5e7c
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F

95 B
222 B

46ms
46ms

Image
image/png

168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

Redirect headers

location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date: Thu, 14 Apr 2022 08:54:45 GMT
server: nginx/1.14.2
content-type: text/html; charset=UTF-8

GET
H2

200

um
u-ams02.e-planning.net/ Frame DF4D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D6fed9948ec3e5e7c%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=6fed9948ec3e5e7c&uid=6819468111060809687

42 B
104 B

117ms
37ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=6fed9948ec3e5e7c&uid=6819468111060809687
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:45 GMT
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f674f3aa-1c1b-4f49-9c7f-9edf823164b9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=6fed9948ec3e5e7c&uid=6819468111060809687
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0FD5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

131ms
44ms

Document
text/html

104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Apr 2022 08:54:45 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 14 Apr 2022 08:54:45 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DFCB 15 KB
6 KB 56ms
53ms Document
text/html 92.122.147.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-28.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145457
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:54:45 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 16 Apr 2022 01:19:02 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 8090 1 KB
987 B 172ms
55ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Thu, 14 Apr 2022 08:54:45 GMT
etag: W/"61ddbb71-5f5"
expires: Sun, 10 Jan 2027 17:30:12 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-rand: 58.812
x-cf-tsc: 1641922213
x-cf1: 29080:dA.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame AC2E 2 KB
814 B 43ms
42ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 0183 7 KB
2 KB 242ms
109ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65221dc2cf79cb9b22d90113d64c27443305fed07e447462ca9bc60f8bcc8f75

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 6fbb37f4ef033743-MXP
content-encoding: br
content-type: text/html
date: Thu, 14 Apr 2022 08:54:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 76F1 0
39 B 268ms
29ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89299121&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
content-length: 0

GET
H2 200 pbsync.html Show response
js.adscale.de/ Frame 22D1 3 KB
2 KB 173ms
46ms Document
text/html 2600:9000:224a:1400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 5044
cache-control: max-age=7200
content-encoding: br
content-type: text/html
date: Thu, 14 Apr 2022 07:30:42 GMT
etag: W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified: Mon, 11 Apr 2022 23:30:40 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
x-amz-cf-id: CWDTmU_fNF-A_7S0ePj3AwGsVdq-habzk16FV3ONWletBvGEo3PqUg==
x-amz-cf-pop: DUS51-P1
x-amz-version-id: 1pIl8WaTVDX0mnOmPL.2zeLKmlI5KBDl
x-cache: Hit from cloudfront

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame 3972 0
397 B 761ms
103ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:45 GMT
Etag: c03329ce8939116e
Server: VertaMedia 1.0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F863 15 KB
6 KB 55ms
54ms Document
text/html 92.122.147.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-28.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145457
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:54:45 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 16 Apr 2022 01:19:02 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 cookie Show response
cm.adform.net/ Frame 70F9 43 B
106 B 185ms
73ms Document
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Thu, 14 Apr 2022 08:54:45 GMT
server: nginx

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame 49F9 0
397 B 758ms
104ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:45 GMT
Etag: c03329ce8939116e
Server: VertaMedia 1.0

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame EA72 0
397 B 758ms
105ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:45 GMT
Etag: c03329ce8939116e
Server: VertaMedia 1.0

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 1DD2
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G9ZFvjnGFuTr7hoPpche&pi=admatic

0
407 B

692ms
104ms

Document
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G9ZFvjnGFuTr7hoPpche&pi=admatic
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:45 GMT
Etag: c03329ce8939116e
Server: VertaMedia 1.0

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 14 Apr 2022 08:54:45 GMT Thu, 14 Apr 2022 08:54:45 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G9ZFvjnGFuTr7hoPpche&pi=admatic
pragma: no-cache

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame ACFA 0
397 B 759ms
104ms Image
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: c03329ce8939116e
Content-Length: 0

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame ACFA 0
397 B 759ms
105ms Image
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: c03329ce8939116e
Content-Length: 0

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame ACFA 43 B
331 B 863ms
103ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?redir=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: c03329ce8939116e
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 23C6 32 KB
10 KB 45ms
44ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8558f0065e6626134905a7421f31a12c4ae038e1a4adef70c1752489ef6cdb2c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16580
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9542
Expires: Thu, 14 Apr 2022 13:31:05 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0FD5 32 KB
10 KB 44ms
44ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8558f0065e6626134905a7421f31a12c4ae038e1a4adef70c1752489ef6cdb2c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16580
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9542
Expires: Thu, 14 Apr 2022 13:31:05 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 23C6 284 B
536 B 183ms
44ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H2

200

uu Show response
ih.adscale.de/ Frame 22D1
Redirect Chain

https://ih.adscale.de/uu?cbfn=receive&t=1649926485
https://ih.adscale.de/uu?cbfn=receive&t=1649926485&nut&uu=bc6bd79d27e44b79be2e9fb195ec1c32

44 B
213 B

79ms
79ms

Script
text/javascript

18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/uu?cbfn=receive&t=1649926485&nut&uu=bc6bd79d27e44b79be2e9fb195ec1c32
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9038186cd9e9e689d1403fd4bebedffd2263d1f21187389e2fe5f5a574959e0b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
content-length: 44
content-type: text/javascript;charset=ISO-8859-1

Redirect headers

location: https://ih.adscale.de/uu?cbfn=receive&t=1649926485&nut&uu=bc6bd79d27e44b79be2e9fb195ec1c32
date: Thu, 14 Apr 2022 08:54:45 GMT
content-length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0FD5 284 B
536 B 174ms
44ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 0183 0
0 35ms
34ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0183 170 B
502 B 180ms
63ms Image
image/png 142.251.36.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=d338f7c6-dbaa-4574-9b26-be0ee55a2d53&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b...

95 B
154 B

88ms
88ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=d338f7c6-dbaa-4574-9b26-be0ee55a2d53&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f69b2a3743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=d338f7c6-dbaa-4574-9b26-be0ee55a2d53&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 0183 0
331 B 157ms
50ms Image
text/plain 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90be3-9827-41bd-7fdc-df1aa4eae972%26reqId%3D9...
https://mwzeom.zeotap.com/mw?cid=e9e4a4ea-d546-4eed-b679-2c3e495589a0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b...

95 B
154 B

102ms
102ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=e9e4a4ea-d546-4eed-b679-2c3e495589a0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f6cbbe3743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=e9e4a4ea-d546-4eed-b679-2c3e495589a0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 0183 0
163 B 252ms
97ms Image
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 26
date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649926486.550192,VS0,VE26
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-mxp6962-MXP

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 0183 0
411 B 702ms
106ms Image
text/html 2600:1f18:6593:f602:96e:5500:bf36:df5c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f602:96e:5500:bf36:df5c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:46 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b...

95 B
182 B

103ms
96ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f61a0d3743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
date: Thu, 14 Apr 2022 08:54:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=136...
https://mwzeom.zeotap.com/mw?cid=98b2d0f1-93d4-4870-9e72-3c5740fe2144&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
154 B

128ms
127ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=98b2d0f1-93d4-4870-9e72-3c5740fe2144&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f79e593743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=98b2d0f1-93d4-4870-9e72-3c5740fe2144&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2da90be3-9827-41bd-7fdc-df1aa4eae972&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2da90be3-9827-41bd-7fdc-df1aa4eae972&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=85228404113419344621438696045548191187&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-...

95 B
154 B

100ms
100ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=85228404113419344621438696045548191187&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f74cc83743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v031-08d815db4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 6j09mkAiQQg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=85228404113419344621438696045548191187&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 0183 0
324 B 136ms
44ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7086380293892077710&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-...

95 B
154 B

104ms
104ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7086380293892077710&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f77dae3743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7086380293892077710&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame 0183 95 B
427 B 38ms
38ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=2da90be3-9827-41bd-7fdc-df1aa4eae972

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2da90be3-9827-41bd-7fdc-df1aa4eae972&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2da90be3-9827-41bd-7fdc-df1aa4eae972&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=OqB87YXP6tlMJ3vJsn8/h.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f...

95 B
154 B

116ms
116ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=OqB87YXP6tlMJ3vJsn8/h.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f7deac3743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
last-modified: Thu, 14 Apr 2022 08:54:45 GMT
server: nginx/1.18.0
location: https://mwzeom.zeotap.com/mw?webouuid=OqB87YXP6tlMJ3vJsn8/h.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc...
https://mwzeom.zeotap.com/mw?cid=

95 B
154 B

141ms
141ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f7eefb3743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=
pragma: no-cache
date: Thu, 14 Apr 2022 08:54:44 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2da90be3-9827-41bd-7fdc-df1aa4eae972?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2da90be3-9827-41bd-7fdc-df1aa4eae972?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

95 B
154 B

118ms
118ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f7ded63743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
expires: 0
cache-control: no-cache
x-server: 10.45.28.49
content-length: 0
x-consent: absent

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-Npa4EFZE2oqb.9mGBwfxj8gqvqcb5_bm6A--~A&zpartnerid=570&env=mWeb

95 B
154 B

91ms
90ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-Npa4EFZE2oqb.9mGBwfxj8gqvqcb5_bm6A--~A&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f80f1e3743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-Npa4EFZE2oqb.9mGBwfxj8gqvqcb5_bm6A--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=XPYYWYzWK40NOfJcuZm5qlo6raNgDcU5%2BS41iYitP1U%3D

95 B
154 B

90ms
90ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=XPYYWYzWK40NOfJcuZm5qlo6raNgDcU5%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f84fa83743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=XPYYWYzWK40NOfJcuZm5qlo6raNgDcU5%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 0183 43 B
324 B 105ms
42ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=2da90be3-9827-41bd-7fdc-df1aa4eae972&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 0183 0
338 B 162ms
45ms Image
text/plain 52.208.185.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-185-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1649926485
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 0183 95 B
360 B 47ms
46ms Image
image/png 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=2da90be3-9827-41bd-7fdc-df1aa4eae972&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YlfhVQAB4cKS-wAZ&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162...

95 B
177 B

90ms
89ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YlfhVQAB4cKS-wAZ&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361&_test=YlfhVQAB4cKS-wAZ
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f96a553743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649926486.948206,VS0,VE0
x-served-by: cache-lcy19220-LCY
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YlfhVQAB4cKS-wAZ&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361&_test=YlfhVQAB4cKS-wAZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9...
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.973395f8-4465-431d-995c-a1e0a4d7a824&zdid=1361

95 B
154 B

95ms
95ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.973395f8-4465-431d-995c-a1e0a4d7a824&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f96a533743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:45 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
location: https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.973395f8-4465-431d-995c-a1e0a4d7a824&zdid=1361
cache-control: must-revalidate, no-store, no-cache
content-length: 0
x-amz-cf-id: Uw5X9LnKH8iqelzfEX7ifvzFiCFMRU22GOlmOqs6od7DXD-8M2z1VA==
expires: -1

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0183
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee310...

0
337 B

46ms
46ms

Image
text/plain

52.208.185.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-185-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:46 GMT
cache-control: private, no-cache, no-store
x-request-time: D=85 t=1649926486
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
date: Thu, 14 Apr 2022 08:54:46 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a013-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 0183
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2da90be3-9827-41bd-7fdc-df1aa4eae972&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fd...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2da90be3-9827-41bd-7fdc-df1aa4eae972&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fd...

43 B
645 B

51ms
51ms

Image
image/gif

52.94.220.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2da90be3-9827-41bd-7fdc-df1aa4eae972&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NGQGTZJYE9CKHAFMKQ5F
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G5ZZ4Y8DD24BQRX9RXKY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2da90be3-9827-41bd-7fdc-df1aa4eae972&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Bad Request 87734
tags.bluekai.com/site/ Frame 0183 0
225 B 308ms
199ms Image
text/plain 104.89.42.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=2da90be3-9827-41bd-7fdc-df1aa4eae972&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.42.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-42-102.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:46 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0183
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2da90...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361

95 B
154 B

87ms
87ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6fbb37f99ace3743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361
date: Thu, 14 Apr 2022 08:54:45 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 200
OK 751885ad-d0f8-434d-a03c-d0571762fe5e.gif
content.admixer.net/test1/5f91aca0-ed77-4325-a1d9-441b141ba658/ Frame 2EDE 53 KB
53 KB 77ms
77ms Image
image/gif 31.28.167.114
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/5f91aca0-ed77-4325-a1d9-441b141ba658/751885ad-d0f8-434d-a03c-d0571762fe5e.gif
Requested by: Host: dtkt.com.ua
URL: https://dtkt.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.28.167.114 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 167-114.admixercdn-s2.cc.colocall.com
Software: nginx /
Resource Hash: 200800a667d61152026c8c800ad63b5d75b8dd84729e5f2affc8a2b6036c96be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 14 Apr 2017 13:18:38 GMT
Server: nginx
ETag: "58f0cc2e-d22b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53803
Expires: Sat, 15 Apr 2023 08:54:45 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 23C6 0
239 B 178ms
42ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0FD5 0
239 B 383ms
46ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2 200 userconnect.js Show response
js.adscale.de/ Frame 22D1 11 KB
4 KB 47ms
46ms Script
application/javascript 2600:9000:224a:1400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 06Ya1L8LMIS7FH2RSSsppJ4X7ceUNMc4
content-encoding: br
last-modified: Mon, 11 Apr 2022 23:30:40 GMT
server: AmazonS3
age: 5044
etag: W/"988fbfb6c270a6080f89deb043243858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Thu, 14 Apr 2022 07:30:42 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Q11v3cQv0pXZ9o9eT3F4ihE_oOHKiE9Aoja2jHhdG_avvt5oVomTlg==

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 22D1 0
419 B 462ms
103ms Image
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=bc6bd79d27e44b79be2e9fb195ec1c32
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: VertaMedia 1.0
Etag: 002716657369bf43
Content-Length: 0

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame 22D1 149 B
224 B 41ms
40ms Script
application/javascript 18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1649926485595&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
content-length: 149
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame 8E14 3 KB
3 KB 43ms
43ms Document
text/html 18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3133414574403fc3deb767b83a75b88d635aee9fbd27f2f675729ce6107d2745

Request headers

Referer: https://js.adscale.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 2604
content-type: text/html;charset=ISO-8859-1
date: Thu, 14 Apr 2022 08:54:45 GMT

GET
H2 200 match.js Show response
js.adscale.de/ Frame 8E14 4 KB
2 KB 47ms
46ms Script
application/javascript 2600:9000:224a:1400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SU5WannzpVRoLR2fGfiKEqsZul08uXNT
content-encoding: br
last-modified: Mon, 11 Apr 2022 23:30:40 GMT
server: AmazonS3
age: 5044
etag: W/"ff7cce9128150bd82f1a709c03692e3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Thu, 14 Apr 2022 07:30:42 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 8BAnlP_L8JqCaHJcZ2Fbe36Yly7xA5CUSmHug9j0BBhGeK7Rxdy6AA==

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/15238/ Frame DF4D 38 KB
11 KB 155ms
50ms Script
application/json 18.66.248.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-77.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 03:55:20 GMT
content-encoding: gzip
etag: W/"2b2f816f40499d384e118ce88a266e02"
last-modified: Thu, 02 Jul 2020 15:35:12 GMT
server: AmazonS3
age: 17966
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ebkmMMZl3eQ2aLGawvyp_SGeShpBG-08uHfWe1SFfzh2P-0WsFmUPQ==

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 548D 636 B
577 B 40ms
39ms Document
text/html 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=157680000
content-encoding: gzip
content-type: text/html
date: Thu, 14 Apr 2022 08:54:45 GMT
etag: W/"601b131c-27c"
expires: Tue, 13 Apr 2027 08:54:45 GMT
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
server: openresty

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 223A 0
387 B 103ms
103ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKzFHzNjIzQSzRaA
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:45 GMT
Etag: 6a58d30bc630dcaf
Server: VertaMedia 1.0

GET
H2

200

img
ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/ Frame 8E14
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=bc6bd79d27e44b79be2e9fb195ec1c32&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=101&tpuid=BBID-01-03246404859053940-16576632

49 B
463 B

59ms
59ms

Image
image/gif

18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=101&tpuid=BBID-01-03246404859053940-16576632
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:45 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx
Transfer-Encoding: chunked
p3p: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=101&tpuid=BBID-01-03246404859053940-16576632
Cache-Control: private, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ Frame 548D 0
535 B 200ms
62ms Script
text/plain 51.158.28.83
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1649926485772

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-83.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx/1.11.3
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ Frame E1AE 43 B
300 B 43ms
42ms Image
image/gif 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:45 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 8E14
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=434f6b2aca690432108d168fb...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlfhVfspoaPUSvI-cIL5UwAA%26204

49 B
554 B

41ms
41ms

Image
image/gif

18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlfhVfspoaPUSvI-cIL5UwAA%26204
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:46 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlfhVfspoaPUSvI-cIL5UwAA%26204
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Thu, 14 Apr 2022 08:54:46 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ Frame E1AE 0
220 B 41ms
41ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=7723ab34-95a4-4a33-8fb1-2c53ad93a2b3

Requested by

Host: dtkt.com.ua
URL: https://dtkt.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dtkt.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Apr 2022 08:54:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200 ptrack Show response
a.audrte.com/ Frame DF4D 2 KB
904 B 126ms
125ms XHR
text/plain 54.236.81.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptrack?arlocation=217.138.196.102&p=M1353665098&artime=2022-04-14T08:54:46.254Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by: Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.81.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-81-149.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 65e55deb3f0eb3e62e7a862d1e054773ef852ba04e28d5d27ad4f806ed8358d5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:46 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://ads.us.e-planning.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 287

GET
H2

200

img
ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/ Frame 8E14
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=1aa31b60f0e459c64d18bb71b235ad4cb2a964df4249ee3590b4601fda0d0d2b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aa...
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=42&gdpr=0&tpuid=4376685925668799560

49 B
566 B

43ms
43ms

Image
image/gif

18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=42&gdpr=0&tpuid=4376685925668799560
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:46 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:46 GMT
server: nginx
location: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=42&gdpr=0&tpuid=4376685925668799560
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200

p
a.audrte.com/ Frame DF4D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=&google_tc=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=&google_gid=CAESEDpKAsaoFbEa4isY2EEQ4j4&google_cver=1
https://a.audrte.com/p

68 B
617 B

247ms
123ms

Image
image/png

54.236.81.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 54.236.81.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-81-149.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:46 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 14 Apr 2022 08:54:46 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pixel
ps.eyeota.net/ Frame DF4D 1 KB
1 KB 174ms
41ms Image
text/plain 3.127.178.105

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.127.178.105 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:46 GMT
Content-Length: 1241
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame DF4D
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=4376685925668799560
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEMlx64FR9NW5YLLMD7NytfQ&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=

0
344 B

44ms
44ms

Image
text/plain

3.127.178.105

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 3.127.178.105 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:46 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Thu, 14 Apr 2022 08:54:46 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=75gGhrjQdgzQ-KZTeaJ-VfZgQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 8E14
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa3875a0-2868-47b7-9d33-862774629629&gdpr=0

49 B
588 B

44ms
44ms

Image
image/gif

18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa3875a0-2868-47b7-9d33-862774629629&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:46 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:46 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa3875a0-2868-47b7-9d33-862774629629&gdpr=0
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1675733
content-length: 0
expires: Thu, 14 Apr 2022 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 8E14
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=e067c3e727f99c3078617054...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=cff66257-e157-4400-a076-bca0b9e3bb91&gdpr=0&gdpr_consent=

49 B
610 B

49ms
49ms

Image
image/gif

18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=cff66257-e157-4400-a076-bca0b9e3bb91&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:47 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Thu, 14 Apr 2022 08:54:47 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x54 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=cff66257-e157-4400-a076-bca0b9e3bb91&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 14 Apr 2022 08:54:46 GMT

GET
H2

200

img
ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/ Frame 8E14
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=4f8b1d1ef7465883646a1effb1936d100aa1bf10f31cdb86ab08f2d2ae97eef2&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40...
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?uid=4f8b1d1ef7465883646a1effb1936d100aa1bf10f31cdb86ab08f2d2ae97eef2&tpid=38&gdpr=0&tpuid=CAESEJp7ix-Gr3jYwYuBRcpPYxY...

49 B
629 B

57ms
56ms

Image
image/gif

18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?uid=4f8b1d1ef7465883646a1effb1936d100aa1bf10f31cdb86ab08f2d2ae97eef2&tpid=38&gdpr=0&tpuid=CAESEJp7ix-Gr3jYwYuBRcpPYxY&google_cver=1
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:47 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?uid=4f8b1d1ef7465883646a1effb1936d100aa1bf10f31cdb86ab08f2d2ae97eef2&tpid=38&gdpr=0&tpuid=CAESEJp7ix-Gr3jYwYuBRcpPYxY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 424
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/ Frame 8E14
Redirect Chain

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d486ebf34aaddbf7b1e7a%2F1649926485665%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=75&tpuid=7899110617540344407&gdpr=0

49 B
638 B

51ms
50ms

Image
image/gif

18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=75&tpuid=7899110617540344407&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:47 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:47 GMT
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 865.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 806b47c9-5f20-44f9-b241-1a885e6539f8
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/img?tpid=75&tpuid=7899110617540344407&gdpr=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

js Show response
ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/ Frame 8E14
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=fa177704a7929adc06b5c0d9ca6a3180ea2a066ee31b5915b9de1fd1eeca66d9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d48...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=fa177704a7929adc06b5c0d9ca6a3180ea2a066ee31b5915b9de1fd1eeca66d9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fd40ab6553b2d48...
https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/js?tpid=48&tpuid=2b83c3b813d627c127896f96bf16b7a2

44 B
584 B

46ms
46ms

Script
text/javascript

18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/js?tpid=48&tpuid=2b83c3b813d627c127896f96bf16b7a2
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ba76fec9e5758d44eb8e999590202f4ecd2040eb34ee35e85e9118548c82c513

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:47 GMT
p3p: CP=NOI PSA OUR
content-length: 44
content-type: text/javascript

Redirect headers

Date: Thu, 14 Apr 2022 08:54:47 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ih.adscale.de/sium/d40ab6553b2d486ebf34aaddbf7b1e7a/1649926485665/0/js?tpid=48&tpuid=2b83c3b813d627c127896f96bf16b7a2
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 147

POST
H2 200 sium
ih.adscale.de/ Frame 8E14 0
0 42ms
42ms Fetch
application/json 18.158.238.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Thu, 14 Apr 2022 08:54:47 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F4AE 5 KB
6 KB 30ms
29ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74534493&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 7e5c4d423c47742dfc8c0f793956e140e42d9cf76b0d70e83c07993e2b201518

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DFCB 2 KB
2 KB 29ms
29ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86849103&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fc24de194d41a2de34db00c4a84219356b8aac453a962815ed62e76b4bc177e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2014
content-type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame E180 35 B
468 B 52ms
51ms Document
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Thu, 14 Apr 2022 08:54:48 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B578
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cff66257-e157-4400-a076-bca0b9e3bb91&gdpr=0&gdpr_consent=

42 B
340 B

184ms
36ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cff66257-e157-4400-a076-bca0b9e3bb91&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug021:0:370

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 14 Apr 2022 08:54:48 GMT
Expires: Thu, 14 Apr 2022 08:54:47 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4335 2c68c00 master ord-pixel-x57 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cff66257-e157-4400-a076-bca0b9e3bb91&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DA70
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1893958418449481925

42 B
519 B

1006ms
167ms

Document
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1893958418449481925
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 02:12:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug017:0:401

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1893958418449481925
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AA02
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
111 B

264ms
37ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug017:0:469

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 08:54:47 GMT
expires: Thu, 14 Apr 2022 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1341358
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3F7D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7086380293892077710

42 B
522 B

258ms
34ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7086380293892077710
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug020:0:371

Redirect headers

Connection: keep-alive
Date: Thu, 14 Apr 2022 08:54:48 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7086380293892077710
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F125
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlfhVQAB4cKS-wAZ&gdpr=0&gdpr_consent=

1 B
237 B

268ms
36ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlfhVQAB4cKS-wAZ&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug029:0:447

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 14 Apr 2022 08:54:48 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlfhVQAB4cKS-wAZ&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-lcy19220-LCY
x-timer: S1649926488.198022,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3758
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
107 B

253ms
35ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug013:2:251

Redirect headers

content-length: 0
date: Thu, 14 Apr 2022 08:54:48 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame EFB7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8ovWlsTZSxB9pOjsOwQ2KNmKxGY

42 B
219 B

33ms
33ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8ovWlsTZSxB9pOjsOwQ2KNmKxGY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug001:0:619

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Apr 2022 08:54:48 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8ovWlsTZSxB9pOjsOwQ2KNmKxGY

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 79B3
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGTEVrN0VyOE1BQURoMFh2Z3RkQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

49ms
48ms

Document
image/gif

52.215.92.65

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.92.65 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 43
Date: Thu, 14 Apr 2022 08:54:48 GMT
Server: nginx
cache-control: no-cache, must-revalidate
content-type: image/gif
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
strict-transport-security: max-age=2592000; includeSubDomains

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 08:54:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame E106 0
0 145ms
44ms Document
text/plain 162.55.120.196

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Date: Thu, 14 Apr 2022 08:54:48 GMT
Server: nginx/1.21.3
Strict-Transport-Security: max-age=15768000

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame C5D0
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
420 B

246ms
234ms

Document
image/gif

2606:4700:4400::6812:230b

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:230b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 6fbb380a79f459b3-MXP
content-length: 43
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 6fbb38082b8f59b3-MXP
content-type: text/html
date: Thu, 14 Apr 2022 08:54:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 33476

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 9A1A 43 B
277 B 246ms
62ms Document
image/gif 195.5.165.20

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Thu, 14 Apr 2022 08:54:48 GMT
Vary: Accept-Encoding
X-adserver-worker: erebus-a128e46ec754@version_1.413
X-core-time: 0ms
X-server-arch: v2

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 761D 43 B
408 B 116ms
35ms Document
image/gif 63.251.232.170

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 14 Apr 2022 08:54:48 GMT
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Pragma: no-cache
X-RealServer-NX: ams-delivery-2
server: Cowboy

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2E4A
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redi...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=5792449fe3eea995d279461b3c302c16&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQ...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznURgVQSaYRbWUTnW

42 B
476 B

884ms
169ms

Document
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznURgVQSaYRbWUTnW
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 06:41:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: sfopug003:0:434

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznURgVQSaYRbWUTnW

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 104E
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1649926488291
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=471554130
https://sync.1rx.io/usersync/tradedesk/e9e4a4ea-d546-4eed-b679-2c3e495589a0
https://sync.targeting.unrulymedia.com/csync/RX-0c2194e0-3d4d-4b5a-9961-8971a9818d0d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0c2194e0-3d4d-4b5a-9961-8971a9818d0d-003

42 B
350 B

29ms
28ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0c2194e0-3d4d-4b5a-9961-8971a9818d0d-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 08:54:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug026:0:436

Redirect headers

content-type: text/html
date: Thu, 14 Apr 2022 08:54:49 GMT
etag: RX0c2194e03d4d4b5a99618971a9818d0d003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0c2194e0-3d4d-4b5a-9961-8971a9818d0d-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
server: Tengine

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 72EF
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4a317b4d-c12a-4f86-9a79-b87953d7f35e-tuct95166d8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
147 B

110ms
39ms

Document
text/plain

151.101.1.44

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4a317b4d-c12a-4f86-9a79-b87953d7f35e-tuct95166d8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 0
date: Thu, 14 Apr 2022 08:54:48 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy19282-LCY
x-timer: S1649926488.383612,VS0,VE9

Redirect headers

accept-ranges: bytes
content-length: 0
date: Thu, 14 Apr 2022 08:54:48 GMT
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4a317b4d-c12a-4f86-9a79-b87953d7f35e-tuct95166d8&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6962-MXP
x-timer: S1649926488.231405,VS0,VE25
x-vcl-time-ms: 25

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 6B58 0
407 B 106ms
103ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:48 GMT
Etag: 6a58d30bc630dcaf
Server: VertaMedia 1.0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F4AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rcyCsAimRRisweAN-Vm2Sg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

12 KB
12 KB

55ms
54ms

Image
text/html

92.122.147.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol: H2
Server: 92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-28.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=145454
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sat, 16 Apr 2022 01:19:02 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cff66257-e157-4400-a076-bca0b9e3bb91

0
260 B

820ms
165ms

Image
text/plain

204.237.133.121

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cff66257-e157-4400-a076-bca0b9e3bb91
Protocol: H2
Server: 204.237.133.121 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 14 Apr 2022 08:54:48 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x5 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cff66257-e157-4400-a076-bca0b9e3bb91
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 14 Apr 2022 08:54:47 GMT

GET
H2

200

/
spl.zeotap.com/ Frame F4AE
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=ADCC82B0-08A6-4518-ACC1-E00DF959B64A
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7569cd9f31c68907/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=e9e4a4ea-d546-4eed-b679-2c3e495589a0&icm
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e51e07ab70cbbbcc3643cd310500172d&gdpr=0
https://spl.zeotap.com/?zdid=1332&zcluid=e69a5d80391467e4

95 B
534 B

91ms
91ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1332&zcluid=e69a5d80391467e4
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6fbb380b4a243743-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=e69a5d80391467e4
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QURDQzgyQjAtMDhBNi00NTE4LUFDQzEtRTAwREY5NTlCNjRB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
290 B

1176ms
168ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 06:39:49 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug001:0:334
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO5MU2dncRzIUJcvZZnIRgM&google_cver=1

42 B
543 B

1179ms
170ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO5MU2dncRzIUJcvZZnIRgM&google_cver=1
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 06:41:45 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug002:0:597
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO5MU2dncRzIUJcvZZnIRgM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame F4AE 43 B
609 B 137ms
42ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 13 Apr 2022 08:54:48 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4376685925668799560

42 B
235 B

235ms
38ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4376685925668799560
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:727
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4376685925668799560
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e9e4a4ea-d546-4eed-b679-2c3e495589a0

42 B
294 B

272ms
67ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e9e4a4ea-d546-4eed-b679-2c3e495589a0
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug030:0:953
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e9e4a4ea-d546-4eed-b679-2c3e495589a0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7899110617540344407&gdpr=0&gdpr_consent=

42 B
492 B

1200ms
168ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7899110617540344407&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 06:41:55 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug011:0:416
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:48 GMT
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e9930fb7-bb22-44d3-9b70-e406566918f5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7899110617540344407&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=72o20rxpNt30bTHV7W4u1OxhNtH0bTXXvWHNIRF4

42 B
569 B

1083ms
169ms

Image
image/gif

104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=72o20rxpNt30bTHV7W4u1OxhNtH0bTXXvWHNIRF4
Protocol: H2
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 04:08:12 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug021:0:420
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=72o20rxpNt30bTHV7W4u1OxhNtH0bTXXvWHNIRF4
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ADCC82B0-08A6-4518-ACC1-E00DF959B64A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F4AE 43 B
991 B 145ms
49ms Image
image/gif 2a05:d018:d29:3601:11a:a397:8c8e:9db5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/ADCC82B0-08A6-4518-ACC1-E00DF959B64A?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:11a:a397:8c8e:9db5 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4jJiG4NE2uV6PfRc_pcce2Zeph5JNOc-~A&gdpr=0&gdpr_consent=

0
128 B

996ms
166ms

Image
text/plain

204.237.133.121

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4jJiG4NE2uV6PfRc_pcce2Zeph5JNOc-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 204.237.133.121 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4jJiG4NE2uV6PfRc_pcce2Zeph5JNOc-~A&gdpr=0&gdpr_consent=
date: Thu, 14 Apr 2022 08:54:48 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame F4AE
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5596c982-906a-4c1f-8db7-a45985a85690&ssp=pubmatic&gdpr=0&gdpr_consent=

43 B
106 B

42ms
41ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5596c982-906a-4c1f-8db7-a45985a85690&ssp=pubmatic&gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5596c982-906a-4c1f-8db7-a45985a85690&ssp=pubmatic&gdpr=0&gdpr_consent=
Date: Thu, 14 Apr 2022 08:54:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame F4AE 0
104 B 171ms
67ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2897285617857666245&gdpr=0&gdpr_consent=&us_privacy=

1 B
169 B

127ms
65ms

Image
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2897285617857666245&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:386
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2897285617857666245&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 14 Apr 2022 08:54:47 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b7e701dc-edb6-41bc-839d-06d4545828d5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
187 B

29ms
29ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b7e701dc-edb6-41bc-839d-06d4545828d5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:408
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b7e701dc-edb6-41bc-839d-06d4545828d5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 14 Apr 2022 08:54:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F4AE
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7899110617540344407

42 B
110 B

30ms
29ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7899110617540344407
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug028:0:281
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 08:54:48 GMT
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 33de77dc-3bd0-4c18-9104-71c4ab4a8d1a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7899110617540344407
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame F4AE 0
191 B 120ms
49ms Image
text/plain 66.155.71.25

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 -, , ASN (),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame EFBB
Redirect Chain

https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a7daeb35-9adc-44d0-a355-c7186e7be9e2

42 B
224 B

91ms
37ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a7daeb35-9adc-44d0-a355-c7186e7be9e2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug015:0:436

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:48 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a7daeb35-9adc-44d0-a355-c7186e7be9e2

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 7AFF 0
44 B 363ms
106ms Document
text/plain 38.91.45.7

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 -, , ASN (),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 0
date: Thu, 14 Apr 2022 08:54:47 GMT
server: c

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0901
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qoV0L7o61NEVfy5&gdpr=0&gdpr_consent=

42 B
211 B

52ms
52ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qoV0L7o61NEVfy5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug028:0:700

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:48 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qoV0L7o61NEVfy5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H/1.1 200 usersync Show response
match.bnmla.com/ Frame 75F5 0
112 B 577ms
108ms Document
text/plain 38.27.122.126

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.126 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Apr 2022 08:54:48 GMT
Server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DDD3
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C9B5DBB8DCD74C3A8AAC91D9BA18C70E

1 B
68 B

150ms
35ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C9B5DBB8DCD74C3A8AAC91D9BA18C70E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug009:0:420

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 138
content-type: text/html
date: Thu, 14 Apr 2022 08:54:48 GMT
expires: Wed, 13 Apr 2022 08:54:48 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C9B5DBB8DCD74C3A8AAC91D9BA18C70E
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 um Show response
u-ams02.e-planning.net/ Frame 05B3 42 B
103 B 38ms
37ms Document
image/gif 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=6fed9948ec3e5e7c&uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-type: image/gif
date: Thu, 14 Apr 2022 08:54:48 GMT
server: openresty

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame DFCB
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&addseg=11,34,40

0
0

1251ms
167ms

Image
application/json

104.36.113.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&addseg=11,34,40
Protocol: H2
Server: 104.36.113.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Thu, 14 Apr 2022 08:54:48 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&addseg=11,34,40
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame DFCB
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

53ms
52ms

Image
image/gif

77.243.60.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:47 GMT
frontend-id: 11
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:46 GMT
frontend-id: 2
location: /pubmatic/1/info2?sType=sync&sExtCookieId=ADCC82B0-08A6-4518-ACC1-E00DF959B64A&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame DFCB 95 B
195 B 91ms
89ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6fbb380779813743-MXP
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame DFCB
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=ADCC82B0-08A6-4518-ACC1-E00DF959B64A
https://a.audrte.com/p

68 B
617 B

128ms
127ms

Image
image/png

54.236.81.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 54.236.81.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-81-149.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:54:48 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 14 Apr 2022 08:54:48 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame DFCB 35 B
209 B 139ms
40ms Image
image/gif 52.17.2.116

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.2.116 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 08:54:48 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DFCB
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8a336b65-bbd0-11ec-9e73-7926e53915dc&gdpr=0&gdpr_consent=

1 B
252 B

34ms
34ms

Image
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8a336b65-bbd0-11ec-9e73-7926e53915dc&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug024:0:600
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8a336b65-bbd0-11ec-9e73-7926e53915dc&gdpr=0&gdpr_consent=
Date: Thu, 14 Apr 2022 08:54:48 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 8a336b66-bbd0-11ec-9e73-7926e53915dc

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F863 0
39 B 29ms
29ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88422296&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:46 GMT
content-length: 0

GET
H2 200 rt=ifr Show response
bcp.crwdcntrl.net/5/c=15238/rand=882445034/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/ Frame ECC3 163 B
403 B 51ms
50ms Document
text/html 54.154.13.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=15238/rand=882445034/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.13.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-13-151.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 163
content-type: text/html;charset=utf-8
date: Thu, 14 Apr 2022 08:54:48 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-consent: absent
x-server: 10.45.25.69

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame F4AE 0
48 B 128ms
36ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame DFCB 0
260 B 107ms
35ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6fed9948ec3e5e7c%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:54:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 04:28:22	Name: am-uid Value: 421bc1ba6b2c4bc092dd9d7d40fd936e
dtkt.com.ua/	1969-12-31 23:59:59	Name: b Value: b
.dtkt.com.ua/	1970-01-20 02:20:12	Name: _gid Value: GA1.3.12681292.1649926482
.dtkt.com.ua/	1970-01-20 02:18:46	Name: _gat_gtag_UA_6531827_1 Value: 1
.dtkt.com.ua/	1970-01-20 04:28:22	Name: _gcl_au Value: 1.1.1747487619.1649926482
.dtkt.com.ua/	1970-01-20 02:18:46	Name: _dc_gtm_UA-37846984-1 Value: 1
dtkt.com.ua/	1969-12-31 23:59:59	Name: Value: store.test
.dtkt.com.ua/	1970-01-20 19:49:58	Name: _ga_KSM8D51C85 Value: GS1.1.1649926482.1.0.1649926482.0
.dtkt.com.ua/	1970-01-20 19:49:58	Name: _ga Value: GA1.1.1386648427.1649926482
.dtkt.com.ua/	1970-01-20 11:47:34	Name: __gfp_64b Value: yga8tcqtRYvZgpzdfWjs5_JLxyqXrvt5qV9hRVMQ9ED.C7\|1649926482
.dtkt.ua/	1970-01-20 02:18:53	Name: dksession Value: hU8VDWUwUbra78e56coM8CRsNpDHwePSfNvU51qr
.dtkt.com.ua/	1970-01-20 04:28:22	Name: _fbp Value: fb.2.1649926482694.560730193
.facebook.com/	1970-01-20 04:28:22	Name: fr Value: 0YbebHr1uJEf7O79P..BiV-FS...1.0.BiV-FS.
.hit.gemius.pl/	1970-01-20 02:28:51	Name: Gtest Value: KlSHEMXGQMQGH7IXqHMBNooissGMXP8c25nSG4iRSG4BXBG.
.hit.gemius.pl/	1970-01-20 11:47:34	Name: Gdyn Value: KlSnORaGQMQGH7IXqHMBNooissGMXP8c25nSG4iRSG4BFRxSG7RrGS6GxgXBFlMMYH7hRjBGqSRxSG8.
.rg.yottos.com/	1970-01-20 03:01:58	Name: bhpp Value: 2.5.5
.yottos.com/	1970-01-20 11:04:22	Name: yottos_unique_id Value: 16499264833239448
advert.dtkt.ua/	1970-01-20 11:04:22	Name: OAID Value: 90414e4d8f87fdfc280340b97307d39b
.admixer.net/	1970-01-20 04:28:22	Name: am-uid Value: 421bc1ba6b2c4bc092dd9d7d40fd936e
dtkt.com.ua/	1970-01-20 02:28:51	Name: am-uid Value: 421bc1ba6b2c4bc092dd9d7d40fd936e
.yahoo.com/	1970-01-20 11:04:44	Name: A3 Value: d=AQABBFThV2ICEDXlzdq1ZDr-4CfMWmtxf84FEgEBAQEyWWJhYgAAAAAA_eMAAA&S=AQAAAg391Ee8RF3ADNpADEkQ1XA
.exchange.buzzoola.com/	1970-01-20 03:01:58	Name: uuid Value: 2de622fc-8662-435a-7d50-12e1770db982
.creativecdn.com/	1970-01-20 11:04:22	Name: u Value: G9ZFvjnGFuTr7hoPpche
.creativecdn.com/	1970-01-20 11:04:22	Name: ts Value: 1649926484
.analytics.yahoo.com/	1970-01-20 11:04:22	Name: IDSYNC Value: 1985~24bk
a4p.adpartner.pro/	1970-01-20 03:45:10	Name: apuid Value: e478e986-c08e-450d-8139-97733516a30c
.betweendigital.com/	1970-01-20 11:04:22	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 11:04:22	Name: tuuid Value: bafd6f86-d349-5168-bd55-5903df02b857
.betweendigital.com/	1970-01-20 11:04:22	Name: ss Value: 1
.openx.net/	1970-01-20 11:04:22	Name: i Value: 270ac64e-4994-49d7-ad29-c57ea4347120\|1649926485
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
pa.tns-ua.com/	1970-01-20 19:51:24	Name: uid Value: Z55AB2E0CC8B4249A69BDA48C29EC5A3
.e-planning.net/	1970-01-22 15:37:58	Name: E Value: AKzFHzNjIzQSzRaA
.betweendigital.com/	1970-01-20 11:04:22	Name: ut Value: YlfhVQAAoCgpKLEqBmF9BaFauzXLlv5YHuR74g==
.casalemedia.com/	1970-01-20 04:28:22	Name: CMPS Value: 708
.360yield.com/	1970-01-20 04:28:22	Name: tuuid Value: aa1ef2c2-b99a-4e6d-84c1-cf4e9069c95d
.360yield.com/	1970-01-20 04:28:22	Name: tuuid_lu Value: 1649926485
.ads.pubmatic.com/	1970-01-20 02:20:12	Name: KCCH Value: YES
.bidswitch.net/	1970-01-20 11:04:22	Name: tuuid Value: 5596c982-906a-4c1f-8db7-a45985a85690
.bidswitch.net/	1970-01-20 11:04:22	Name: c Value: 1649926485
.bidswitch.net/	1970-01-20 11:04:22	Name: tuuid_lu Value: 1649926485
.adnxs.com/	1970-01-20 04:28:22	Name: uuid2 Value: 7899110617540344407
.casalemedia.com/	1970-01-20 11:04:22	Name: CMID Value: YlfhVfspoaPUSvI-cIL5UwAA
.casalemedia.com/	1970-01-20 04:28:22	Name: CMPRO Value: 204
.zeotap.com/	1970-01-20 11:04:22	Name: zc Value: 2da90be3-9827-41bd-7fdc-df1aa4eae972
.zeotap.com/	1970-01-20 02:20:12	Name: zsc Value: 9%25%86m%DE%06R%06%96S8%0B%29MAKV%F5%BF%A0%BD%F5%40%1F%9C3%85%A3%DA%C28%28%BC%E5%F5%D1%E0%BC%9ArE%B7%85%D4%87%98b%BD%CE%B7%F9%95p%17%AB%81%0F%E9%02%13w%FA%90%0F.G%8D%3C%12n%19%1B%97~%A6e%A0%C3%15%85J%B3O%F83~%21BdW%B0%C2%3E%9F%FA9%D2%A8%81g%8E%DEV%C9~%2C%12%A5%00k%87%F4u%FF%5B%40%1F%96%17%5D%A2%19%FA%D1%D8%A8%D9%B8i%EE%CA%23Ogd%14D%8B%E6K%98%FD%7F%0A%F5%ACTE%EC%B7%B9%BAX%8Dd%C8%26%B8%1F%DC%29%BC%C6%05
.pubmatic.com/	1970-01-20 02:20:12	Name: KTPCACOOKIE Value: YES
.richaudience.com/	1970-01-20 04:28:22	Name: avcid-zeo-uid Value: 2da90be3-9827-41bd-7fdc-df1aa4eae972
.adform.net/	1970-01-20 03:01:58	Name: C Value: 1
.pubmatic.com/	1970-01-20 04:28:22	Name: KADUSERCOOKIE Value: ADCC82B0-08A6-4518-ACC1-E00DF959B64A
.adscale.de/	1970-01-20 11:01:02	Name: uu Value: bc6bd79d27e44b79be2e9fb195ec1c32
.tapad.com/	1970-01-20 03:45:10	Name: TapAd_TS Value: 1649926485452
.tapad.com/	1970-01-20 03:45:10	Name: TapAd_DID Value: d338f7c6-dbaa-4574-9b26-be0ee55a2d53
.adform.net/	1970-01-20 03:45:10	Name: uid Value: 4376685925668799560
.adsrvr.org/	1970-01-20 11:04:22	Name: TDID Value: e9e4a4ea-d546-4eed-b679-2c3e495589a0
.tapad.com/	1970-01-20 03:45:10	Name: TapAd_3WAY_SYNCS Value:
.adsrvr.org/	1970-01-20 11:04:22	Name: TDCPM Value: CAEYBSABKAIyCwjMhNb45P_OOhAFOAE.
.demdex.net/	1970-01-20 06:37:58	Name: demdex Value: 85228404113419344621438696045548191187
.adtelligent.com/	1970-01-20 03:48:03	Name: vmuid Value: 6a58d30bc630dcaf
.adtelligent.com/	1970-01-20 03:48:03	Name: a319130 Value: b1f21b03-d2e6-4493-a73e-36bcbf07ee9a
.dpm.demdex.net/	1970-01-20 06:37:58	Name: dpm Value: 85228404113419344621438696045548191187
.tidaltv.com/	1970-01-20 11:04:22	Name: tidal_ttid Value: 98b2d0f1-93d4-4870-9e72-3c5740fe2144
.weborama.fr/	1970-01-20 11:44:41	Name: AFFICHE_W Value: wNNyWY9JlXvA17
.adfarm1.adition.com/	1970-01-20 04:28:22	Name: UserID1 Value: 7086380293892077710
.tidaltv.com/	1970-01-20 11:04:22	Name: sync-his Value: "H4sIAAAAAAAAADM0NrAwtzK0MAIAvKo94gkAAAA="
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.adtelligent.com/	1970-01-20 03:48:03	Name: a307558 Value: e478e986-c08e-450d-8139-97733516a30c
.smartadserver.com/	1970-01-20 11:47:34	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 11:47:34	Name: pbw Value: %24b%3d16990%3b%24o%3d11100
.adtelligent.com/	1970-01-20 03:48:03	Name: a309255 Value: cd7876d8-598c-45c9-9c73-cd8341488050
.adtelligent.com/	1970-01-20 03:48:03	Name: a289656 Value: aa1ef2c2-b99a-4e6d-84c1-cf4e9069c95d
.adtelligent.com/	1970-01-20 03:48:03	Name: a297253 Value: 7899110617540344407
.adtelligent.com/	1970-01-20 03:48:03	Name: a323546 Value: YlfhVfspoaPUSvI-cIL5UwAA&204
.adtelligent.com/	1970-01-20 03:48:03	Name: p440467 Value: 421bc1ba6b2c4bc092dd9d7d40fd936e
.agkn.com/	1970-01-20 11:04:22	Name: ab Value: 0001%3A0QGxHDM8GJQaOZJpb%2BYCXWdWr3Es%2Bzyb
.spotim.market/	1970-01-20 03:48:03	Name: vmuid Value: 6a58d30bc630dcaf
.spotim.market/	1970-01-20 03:48:03	Name: a323548 Value: 6819468111060809687
.adtelligent.com/	1970-01-20 03:48:03	Name: a307971 Value: AKzFHzNjIzQSzRaA
.krxd.net/	1970-01-20 06:37:58	Name: _kuid_ Value: OxxHu2LQ
.console.adtarget.com.tr/	1970-01-20 03:48:03	Name: a502624 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:48:03	Name: a544989 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:48:03	Name: a307080 Value: G9ZFvjnGFuTr7hoPpche
.console.adtarget.com.tr/	1970-01-20 03:48:03	Name: a306708 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:48:03	Name: a550070 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:48:03	Name: a550214 Value: ${USER_ID}
.everesttech.net/	1970-01-20 11:04:22	Name: everest_g_v2 Value: g_surferid~YlfhVQAB4cKS-wAZ
.ibillboard.com/	1970-01-20 11:04:22	Name: ibbid Value: BBID-01-03246404859053940-16576632
.console.adtarget.com.tr/	1970-01-20 03:48:03	Name: vmuid Value: 002716657369bf43
.console.adtarget.com.tr/	1970-01-20 03:48:03	Name: a307565 Value: bc6bd79d27e44b79be2e9fb195ec1c32
.fwmrm.net/	1970-01-20 06:37:58	Name: _uid Value: "e51d2_7086380298174212473"
.casalemedia.com/	1970-01-20 02:20:12	Name: CMST Value: YlfhVWJX4VYA
.audrte.com/	1970-01-20 02:40:22	Name: arcki2 Value: 75gGhrjQdgzQ-KZTeaJ-VfZgQ!20210804!1649926486317
.ih.adscale.de/	1970-01-20 11:01:02	Name: tu Value: 4#1922909334#48~~458312~458312~1#101~BBID-01-03246404859053940-16576632~458312~0~0#38~~458312~458312~1#39~~458312~458312~1#40~~458312~458312~1#42~4376685925668799560~458312~0~0#75~~458312~458312~1#63~YlfhVfspoaPUSvI-cIL5UwAA&204~458312~0~0
.adscale.de/	1970-01-20 11:01:02	Name: cct Value: 1649926486433
.doubleclick.net/	1970-01-20 02:18:47	Name: test_cookie Value: CheckForPermission
.eyeota.net/	1970-01-20 02:18:47	Name: SERVERID Value: 18359~DM
.audrte.com/	1970-01-20 02:40:22	Name: arcki2_adform Value: 4376685925668799560!20210804!1649926486500
.audrte.com/	1970-01-20 02:28:51	Name: arcki2_TTT Value: 1649926486502!75gGhrjQdgzQ-KZTeaJ-VfZgQ!H4sIAAAAAAAAACWXO44lNwxFF1MxAUqifqEDB4ZhB8ZsQKSk/S9hjtrBYLrR9VTU5f09bSeXvUJ2PlPK9SUzpyU+S+xadr7JvxGdP+QlLa8uJd8pq1mSottz1Xn81i+55lstJNtysZO2zHNVbLdbUtzqd36l5XbbMjknVErxLX7Lld5mmbbXLjN/sTkibpFjPFmmLhljZUnDfV5vVT19XsNuV5V17haLHeLRh2jKWnqP3C1/ffg6k0m1rM3rbpJ1tcrwewcf73P3b++e+0wMPmyI1Ta4fa8SZ/WYbcx61xe9cnC9creHlNOZqblKG5x6zZO3+a0R20cdchREjUnFR2uSNdeRrCct7cunxpiROb9NHjo8xM1Ex/Sx6/0B0/VkG3PIXqWKpWgylxcZtkqbq52R79ei3dPGEdPZxLJVWfWa2M01RVL1ZV8dO7FDkz4KTx6enMkTq2R5EcvuaN9dqdUT9b0OxPetMm8rUhPvyJzQd/luap1PLWErV4qPLEuPSW7hW/Nas8ZnaZxRWEab/YCTXplqypZbJPOcCmuBTvVdVfxcTlrORsY80s5qu8ORle1LeXfPGgwOH62ZCUe73Lx35IjeR/0gQK7e4JPtAg7NBY50dpNg2WrzrcUWrCmryolxxTrT++hT7ul69AQDjC/ddY7WInFT4nVLZdZcRC27Qrlzev/WzWD3qHSUh/J2ma0inrCmd0W97A7kexnw6d5gpvT4Blpyk6adatHU/ev99LLWQ/ztzmYGJ97J4Dsxd4IX35lJUaDJemuxzuPQCMorMzjTg9rnS2FTYRm3Mlg/LHjzUwx1cwYBhK+lw21gZk45i81exLt32QjNteZRvX73REx2KaWV9W6HOGdGUkjzckJOY8AnNJ6GiZcyoMrgpLRNEP9uzw0Q9bese/AxaeVB4LYwjOqSA9XuhGIyamEUTZfbXwzFcsMwdFS5NQH4cm+6vrISgriAuUbnSdS0XN/bN6LL+4Q/FuzrBt/W3rgKewWMnnldQv6eJ8L+RsWyWKN0ZMOCM2C+282N1fUWyOV8J81rm92iI5i5c5cZTFc0jnrPBc/4ojl2BITWAplvEJ3dp2BEdmyUq7zuYJ5jGuIvz5+glsBTrnCiw4CSStavWGn1apOA0e8kEC+OTCeqO3NhnPdR5Z4LS3J+t8sFG9g43bgDMxwxQPXLvd65KuL9cV9cQlZZU2rLPafnF4EQtNaDfcspD3ZNDSGkCptxlDIWXhJfrhDrLaO01h8zL697iDdtwzOv7+Vrc4PZKbIJD056iBdH6/NuMmGsbrAA147M69oczw4dji51qHB1L7PneF8ryeIO1LYgFWHhXKxOhFAPimmoP75mCMLmQ2fjKhXJjac7rZjpjspH86en9tWh4p29P5kXWRkO+uQ/uAKpzzcmqAXMjjOAIMGSYQQEEWjet9ao9bPjrqtmcexMymBBgwTEMGxohLcYgWfWtRbc8NQZfGJS6xE18LlTPdr2+Q3rm6TJgqghnebEONBrLBy6hPYZ6bNitvLtgpNBKkQtEKc/C8WJo+/c/OO1ZQ5Id5+P4z88dIm/BNhg6SQP7hsFH4LZ9SyiDEsGgv7YXFByTxWbBid4wM+S5vOC01lbGmBr5dQKf4nIbwcsTvj4VmRuPS5rC5KtJlxipc5Vv1IPwd5w94B5VuDTOOXRbzO761QUfDe5NjGkBM3ASZF5EAsXDw8bSYHz27ZxvnzY/aZX1EG8Yvni+5RZ/VFdPxuXeyRIp69XdMzcFebQJWpcaw2T/8Z5WZwA8+oDE0f3Ta4z97quBEaaX17QbumQPicnxSxvI6hl7GJXw7GVb+Q8wXzDpx8wiQVWw2ABk9pqreRONXq2mAz64iVlUlhWd3TVp3cUMqLUb9aTz+NrKgRY4eaysBWiZixawv9OF2Mdq5gkOsNwnjFSsviVOYJaVPotXznZf9w9p0MAvYYwx6Y/AWLqEIFu9v317z9//Pf3n7/YSFHJnfPoS+Mk6Noxant+Rtz6ZtC6ai+795Tq/SAEVk/BiUPZsLyeuR+aV0zrlBfd1r9JpfH3J13swm56YiVzUa332uDsGZxUVQepx79HjUrzWot36hx5to6clcxtil0yfmJhZWA6a0KSTcZb3UP3VDIXu934vmcMpMRL7wZnaXn7pHv97Pal2D0FiteSWCi1DzFSv8rAPoj4VbciIQ3KyqGxPHvLmwSgtuACeDROYW3bB2W5rD0J0hahBrWDaBdMnwCmD1ZuN2bXRSzJ2S8BXuDM15/hR5+HytTK+KgEdFNakqn7i1OCGc4Le8CN4TSm+xE+dAbSf2GGcDq9cgoEAYhYerPd46NB0YnRhL8FmqLo0YE9OYlxyUO8hrKwNsmMjuE2M1H51jPSmLsk/KDm2WnNhcb0DqmvVFV79ojHLfbBhVBSsm9RA0YjZjBvqGJUpclShfB4BgmrUv3YZsxJY+m5vugiddaGKkpBtotmt6UPvebyxLjny9xnNWvRjA6ZWkmKmmx/OdXQDfGp9+isPaoQCZIIkhmAeKt+tSR8M14pC8oCJkmlfF9BcFC+lGjiqwayfibO+WVUrrj1tUHEltEApftS2+03RYnSX/EMAAA=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://reader.dtkt.ua/Downloads/GC_Reader/dk-ua/%C2%AB%D0%94%D0%9A%C2%BB%20%E2%84%9609-10-2022/Cover.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=2da90be3-9827-41bd-7fdc-df1aa4eae972&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2da90be3-9827-41bd-7fdc-df1aa4eae972&reqId=9b223b4c-c9dc-4f6b-7330-162ee3103e76&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adscale-emea.adnxs.com
advert.dtkt.ua
ap.lijit.com
aud.pubmatic.com
b1h-apac1.zemanta.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
c.bigmir.net
c1.adform.net
cdn.adm.admixer.com
cdn.admixer.net
cdn.dtkt.ua
cdn.yottos.com
cdnjs.cloudflare.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
content.admixer.net
core.iprom.net
creativecdn.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
docker.creative-serving.com
dpm.demdex.net
dsp.adfarm1.adition.com
dtkt.com.ua
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
green.erne.co
i.e-planning.net
ib.adnxs.com
ic.tynt.com
idsync.frontend.weborama.fr
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
informer.minfin.com.ua
inv-nets.admixer.net
js.adscale.de
js.cookieless-data.com
loada.exelator.com
loadeu.exelator.com
ls.hit.gemius.pl
m.mixadvert.com
m.trafmag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mwzeom.zeotap.com
my.dtkt.ua
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
reader.dtkt.ua
rg.yottos.com
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
scontent.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.102.29.65
104.36.113.107
104.36.113.68
104.89.20.125
104.89.42.102
104.92.74.8
137.74.6.209
138.201.34.238
141.94.170.64
141.95.171.141
142.251.36.66
146.0.227.109
146.59.148.16
146.59.30.108
147.135.189.55
151.101.1.44
151.101.2.49
159.65.197.210
162.55.120.196
168.119.149.178
169.50.137.182
178.250.0.163
18.156.0.31
18.158.238.206
18.185.251.21
18.198.126.47
18.66.192.67
18.66.248.77
185.184.8.90
185.33.221.52
185.33.221.88
185.64.190.78
185.64.190.80
185.86.139.113
188.42.29.166
193.200.65.6
193.239.68.97
194.213.62.37
194.247.175.26
195.5.165.20
198.47.127.20
2001:678:cb4:bbbb::11
204.237.133.121
205.234.175.175
212.113.34.136
212.113.34.153
212.82.100.182
213.155.156.185
213.19.147.45
216.200.232.249
23.108.101.160
23.227.139.243
23.88.75.187
2600:1f18:6593:f602:96e:5500:bf36:df5c
2600:9000:224a:1400:f:4f64:8940:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:adf
2606:4700:20::ac43:47c2
2606:4700:4400::6812:230b
2606:4700::6811:190e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2003
2a00:1450:4001:803::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c08::9d
2a02:fa8:8806:20::2040
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42::300
2a05:d018:24:b002:c30a:8a9a:b9ec:c13a
2a05:d018:d29:3601:11a:a397:8c8e:9db5
2a06:98c1:3120::7
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
3.126.125.87
3.127.178.105
31.28.167.114
34.102.253.54
34.231.116.207
34.254.143.3
34.98.67.61
35.156.6.177
35.157.226.32
35.186.253.211
35.201.81.244
35.201.96.126
35.227.248.159
37.157.4.25
37.157.5.142
37.252.173.214
38.27.122.126
38.91.45.7
46.249.52.249
5.178.65.246
5.178.65.252
51.158.28.83
51.89.9.252
52.17.2.116
52.208.185.108
52.213.35.75
52.215.92.65
52.22.9.187
52.223.40.198
52.51.64.75
52.94.220.185
54.146.66.83
54.154.13.151
54.166.244.71
54.236.81.149
54.37.238.28
63.251.232.170
66.155.71.149
66.155.71.25
67.202.105.34
69.173.144.138
69.173.144.139
72.251.244.140
72.251.249.9
77.243.60.138
85.114.159.118
92.122.147.28
94.130.152.107
99.81.29.206
0177c4c654375b658400c8b8eb80bb4d5f586adfada0a082571ddb1dd7583bf6
017bb5516d2b2924a44b687a45ec1aa9cac43aca2379033b62d5bf02a65ce7e0
03dd5dd39b82c6c4923e539fa57614d30b0a8860773d499876502f94604981b2
04ab182091cf467697ed55e3a5781b63e9031de0b506b77776e4c63bddecb870
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08e2c358ce13cb67f94ebb35b0f67c8763190a857c0db68da6eb196dfe9da46a
0af90bcfeb2a779884610c8f71a9d2c186497331d43f32f8ad3d1d0c9be5dff5
0b27ba1fd6e92f0dca4750157117e5f070a3200f025ececc03dbe5d3eacf4529
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5ab2d9f919fa3f6f9cc3b9e760d25f9a92841639e381ef1860f3cf037c5831
0e7f356101f19500f3aec6125f09474270ec51d0056af02afe1d80e1b2683a34
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131052c01bdaa8f22f850f5138058f8d7a7b0098a3477a42490109f8d9c6e9fe
14d357cfe39648a56dce9610eeb7a983ee88f23f6056df9712d41ae9f92f6f75
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a87e2b08ae66d738296b6a83d29c2030cace70dbcd11c2035045996e95cee6b
1c8ee67c6c8104fb420447f3d36a1217e0753259119e6b0f65b11d62b40d634e
1d4d0b80efb81cf25d58ae5d741246df0ee080e915554fe48cfdaef50653e40f
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88
1f389bfb95afdc88edea435f0184553556a1dcf9d139d1141dab4adcb38939a1
200800a667d61152026c8c800ad63b5d75b8dd84729e5f2affc8a2b6036c96be
209a921037cc5885918ba5dd2948a2dea4ffe1a3d347a2262678cad2063f6025
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2acb61e7ba5ba150554d9f670457483df909d53ae32b3eca424e93cc94766e9f
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f93bfd74e879bc8dfc0bb411a957bfc9027792801e859d33b1cc7439d15f9a7
3043c14a72dbdba4aa4374f3525269f00e2e9375c4575e5c5a82f522f7bf452c
3133414574403fc3deb767b83a75b88d635aee9fbd27f2f675729ce6107d2745
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36e1a53d84f5242d1fa84f99aa242fcf4ff00895ec8fec0b07881913df1b88c7
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
387f8490e8e63ca9900eab97eb753fd572e038e5f4c3d3d57ae008eebcb2a3fb
39a47a318611034d2e424a5113485d2a4fca1eafd9bae600c45a17784781f591
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
414912e7a0f7d7710940ba4aa759b11a479ad5e73358795cca2ba091fe16bc9e
42524ce07f6ab05f27342edc02440b28590a7fe433adae3133a7e6bef2482e41
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48afbb721df1cef6c77aa54b55672fb0080005c3a7bc31dea6448b4b0d54500b
48cc14d17a8efe72596d729a5aa9b9ba3700c666c820ae20158a7c39b4cb45aa
48f93604ca99d133998e994a6866fcb375247096ec6f052441ed98b3c3628d7a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49cd8847319a2aedda8da3905f438fbe0396736b48f25d2537e92d5b9974aaf7
49f81fd9d550973f42df3a0642eef9c0440c992430fa093e4811d4019fa732c9
4d7283ead4dc0abe4fb28586c5e594ced5920b16a88b241e3474622fcc544344
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
500d593b78f161d79d95944bc465a36c92c52477e3c16b66f8110aac8dab8723
518eab235062c77af91aae15741d1a2e87af9fac42d02abcdfd34a1ab86ff897
59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283
5eac8c45f1b592203e24ceea193579c0793083998f68cc3a0d7ed26e84492b1b
5f4d8cd6ec3353c00a3e343dbae313e70f6d8319e8c1b5ead45ceab8ca5cc65b
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
65221dc2cf79cb9b22d90113d64c27443305fed07e447462ca9bc60f8bcc8f75
65d83c3c0ae72e4ffbbbb4c27d56c13116b3f3238f6420aa1fc85532867e8017
65e55deb3f0eb3e62e7a862d1e054773ef852ba04e28d5d27ad4f806ed8358d5
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
682efb2cfe468fd28e130d9a61605363aa03d38f2dc75908357ef143543f4650
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afb93bcc848a56418d301ad7bfa8d46dd988771d0c1f926b1674e9205c51663
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7567ab4fbd2c87002df2af4eb0199cc67f27b6c53135c6928ee893173f3a48f4
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
77b47ce3b6e2a4e94d9cab0385b2e5c68dab89ecffec46d6fcee92174f0bc31c
7e5c4d423c47742dfc8c0f793956e140e42d9cf76b0d70e83c07993e2b201518
7e8ffdcb5908cf231882578b14728ee3ce1b8b7855983f0495eb5f9cb3c2bf49
818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d1fb56f65f0ed3808397868ba127f54323bba4d84484b96b9c0527eaed8909
8558f0065e6626134905a7421f31a12c4ae038e1a4adef70c1752489ef6cdb2c
89b574f51c4bcabc21e74313519d2651acb3158d9ad4aba08d0d2d9d534165de
8a81944294bbb32db047a653cb60af5f5d423febf2cba58f9683a85e770f8e0a
8bbadae206231805610a0db481c67a10b454cedcbb9e77f5f65e54514b581c6b
8e32052e0e9da12d3839762d28077b1907e86cec62e2c7a46787a4553ab796e7
8f934b9dcb83e66d7d9d97961ff48c91e981f7d2277b35db090be6de194354fc
9038186cd9e9e689d1403fd4bebedffd2263d1f21187389e2fe5f5a574959e0b
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
967d976a2761081b4e9fb2b5e529e050f487a3ed8529f4a32db963f83a5c6d21
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dfd0180e3524cbb3d4ad1c1e05dc2d71d5c0738ca4a62e030cb5deef7bf55f7
9e249bbaac36cd21e4443d04168c2d586fd2994cd2c2eb86ee7e5bcfc2fb08af
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3582b5a4ef7295e5e3ca1afcfe1d479c5519cb8e48bbc88e6cb4ddccf9b42c4
a91bad7398ff2c7c4f3ba141b1c79c5ba58c6c7d88ce0799c6da7ab5cd15c418
a9a3437fa125f5414e9c9170fe6629491055dc214251342c3bfde8fd720dba72
b0b3547f78bcdb747bf017a5db979c3bd26b874a2d9a8b1f55eda361d30bd86d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46d993352f3c090ba7f1b0239cd340850abd960ece7fd3985a2c70025412754
b5f793897d99013d7d6813abde015f298b36d97f8075d3d4fa775e4882102c5e
ba76fec9e5758d44eb8e999590202f4ecd2040eb34ee35e85e9118548c82c513
be0fa70a2115b3bbe43320c260c2460101473456eb7ab1d9df2351b2fac49516
bed1b84f0dde9859ebdf7e7d52f2379ae6fe7522d3f520c7426ee3c6719bf7d7
c0f841075b4374a1efcccfa649afcc8479a6eb58fc5cbdbfc18eaf3388ceb54b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c63a7e3a36685585fc2d3b5f1369caf1c74e913cb5f9a7d8d5bc253f13fa45a3
c6ffc1740fff9924d0f21cf7d51954b2a75f4ae21f53a3926bda233a2b8c6289
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c8a3ea21b8776d548fab26fc696cfca840d3aff0647500455ad7cdeeff269bb7
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
ce1cb5c09afd642eefd5b0827de207f54e807cedd3b5a814df9578f10e9dfcfe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d340072fe4250b5ebc56564aa8ad911b942b0d6f8edd24b6e8c4e4ba76b1a185
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dec675ba819e7ed9d92ec945f343440cb43c3affec599a0c62cd7f3600fde9cb
df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1
e043c78c2bbac3fa81d30fa576ddca8fed360e29c8cf763396362cf00ea3194a
e18ca288f174f841f60a0fd860b0aa74ac090ad4e3f0b7cb946fd28b32bf42b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef524ae03bc1bdf1083e0bc6d285ccb88f7ede20021b2dc713958d3d9db873f0
f07d492a1b8f29ab1cc8985b42d7b1f6986cdccadf89c631fdde01c71867fb62
f16a8a1d6ea64c7039171dbf0ac57fed93d7886f79079da09a27c63ead08ded0
f289b35c04665f9f6dd5453da9554f6426f966cad8735396fd6e5ea701023e76
f36727ee6955b1a1d93c684f82d0af25382c3eff7e4eb6b3b1063eb300df6139
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6ce96a04d766c4eb5b7424ff1b027074a88ab695de9ef1765980c29e0c9bf7f
fb5d50af63efafce95b349311c24b0843d599cc11660bdc9691629bf4b8a3593
fb88234216df42e9a37527d95ea2fd45c1fe4583bf9e5f6f0a61c1837374a7e8
fc24de194d41a2de34db00c4a84219356b8aac453a962815ed62e76b4bc177e2
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

dtkt.com.ua Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

276 Requests

77 %HTTPS

21 %IPv6

99 Domains

142 Subdomains

86 IPs

15 Countries

1847 kBTransfer

4824 kBSize

98 Cookies

173 Outgoing links

Page URL History

Redirected requests

276 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dtkt.com.ua Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

276
Requests

77 %
HTTPS

21 %
IPv6

99
Domains

142
Subdomains

86
IPs

15
Countries

1847 kB
Transfer

4824 kB
Size

98
Cookies

276 HTTP transactions
0 data transactions