2day.kh.ua Open in urlscan Pro
2606:4700:3035::ac43:b310 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://2day.kh.ua/
Effective URL:
https://2day.kh.ua/ua
Submission: On August 23 via api (August 23rd 2022, 8:16:38 am UTC) from GB — Scanned from GB

Summary HTTP 243 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 75 IPs in 10 countries across 69 domains to perform 243 HTTP transactions. The main IP is 2606:4700:3035::ac43:b310, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2day.kh.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2022. Valid for: a year.

This is the only time 2day.kh.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 61	2606:4700:303... 2606:4700:3035::ac43:b310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	138.201.197.100 138.201.197.100	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.68 141.95.98.68	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 1	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
4	2606:4700:20:... 2606:4700:20::ac43:44a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.123.245.227 3.123.245.227	16509 (AMAZON-02) (AMAZON-02)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 8	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	81.17.55.112 81.17.55.112	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4 8	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 9	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	23.205.245.111 23.205.245.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 5	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 4	52.94.220.185 52.94.220.185	16509 (AMAZON-02) (AMAZON-02)
4 8	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	18.158.8.202 18.158.8.202	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 8	3.127.193.182 3.127.193.182	16509 (AMAZON-02) (AMAZON-02)
2 2	54.216.196.145 54.216.196.145	() ()
2 2	193.232.148.145 193.232.148.145	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	195.201.57.28 195.201.57.28	24940 (HETZNER-AS) (HETZNER-AS)
1	151.236.71.19 151.236.71.19	204720 (CDNETWORKS) (CDNETWORKS)
2 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
15	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	193.0.160.129 193.0.160.129	() ()
1 1	198.148.27.140 198.148.27.140	() ()
2 2	18.203.96.202 18.203.96.202	16509 (AMAZON-02) (AMAZON-02)
2 3	23.75.246.168 23.75.246.168	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	18.159.205.245 18.159.205.245	() ()
1 1	37.252.173.27 37.252.173.27	() ()
2 2	54.220.105.73 54.220.105.73	() ()
1	69.173.151.100 69.173.151.100	() ()
1 1	18.210.134.164 18.210.134.164	() ()
4 4	185.29.134.244 185.29.134.244	() ()
1	2.18.235.93 2.18.235.93	() ()
2 2	213.19.147.44 213.19.147.44	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
2 2	37.157.6.248 37.157.6.248	() ()
2 2	135.125.160.160 135.125.160.160	() ()
1 1	54.72.196.78 54.72.196.78	() ()
1	2606:4700::68... 2606:4700::6812:c4c	() ()
3 3	31.172.81.172 31.172.81.172	() ()
2 2	89.108.119.28 89.108.119.28	() ()
1 2	2a02:6b8::90 2a02:6b8::90	() ()
243	75

61 2606:4700:3035::ac43:b310 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

2day.kh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.197.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.197.201.138.clients.your-server.de

openweathermap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.75.240.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:44a2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.245.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-245-227.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.112 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.52.2.39 (United States) 4 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.62 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.245.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-245-111.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ccf698bc7e46a7066d9abb1413fc8cce.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.155.104 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.94.220.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.127.193.182 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-193-182.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.196.145 (None, ) 2 redirects

ASN- ()

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.145 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp6.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.28 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.57.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.96.202 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-202.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.246.168 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.159.205.245 (None, ) 3 redirects

ASN- ()

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.27 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.105.73 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, )

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.134.164 (None, ) 1 redirects

ASN- ()

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.244 (None, ) 4 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (None, )

ASN- ()

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (None, ) 2 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.248 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.160 (None, ) 2 redirects

ASN- ()

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.196.78 (None, ) 1 redirects

ASN- ()

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c4c (None, )

ASN- ()

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.172 (None, ) 3 redirects

ASN- ()

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (None, ) 2 redirects

ASN- ()

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (None, ) 1 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	2day.kh.ua 2 redirects 2day.kh.ua	4 MB
23	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 654 ce.lijit.com — Cisco Umbrella Rank: 936	26 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159 ccf698bc7e46a7066d9abb1413fc8cce.safeframe.googlesyndication.com	281 KB
16	rubiconproject.com 6 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015 eus.rubiconproject.com — Cisco Umbrella Rank: 582 fastlane.rubiconproject.com — Cisco Umbrella Rank: 519 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2237 pixel.rubiconproject.com — Cisco Umbrella Rank: 327 token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel-us-east.rubiconproject.com	24 KB
15	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 pubads.g.doubleclick.net — Cisco Umbrella Rank: 510 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	161 KB
13	amazon-adsystem.com 5 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 304 s.amazon-adsystem.com — Cisco Umbrella Rank: 282 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1260	51 KB
9	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 539 ssum.casalemedia.com — Cisco Umbrella Rank: 1324 ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
9	openx.net 1 redirects setupad-d.openx.net — Cisco Umbrella Rank: 46508 rtb.openx.net — Cisco Umbrella Rank: 1517 u.openx.net — Cisco Umbrella Rank: 705 us-u.openx.net — Cisco Umbrella Rank: 399 eu-u.openx.net	2 KB
8	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	4 KB
8	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 604 secure.adnxs.com	23 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790 bidder.criteo.com — Cisco Umbrella Rank: 759	9 KB
7	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2016 cache.betweendigital.com — Cisco Umbrella Rank: 19427	5 KB
6	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493 ads.pubmatic.com — Cisco Umbrella Rank: 492 image6.pubmatic.com — Cisco Umbrella Rank: 634	24 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
6	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 111 web.facebook.com — Cisco Umbrella Rank: 252	1 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 361	109 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371 data.adsrvr.org — Cisco Umbrella Rank: 5869	1 KB
5	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 3944 cm.adform.net — Cisco Umbrella Rank: 1550 c1.adform.net	1 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1532 m.addthis.com — Cisco Umbrella Rank: 1472	219 KB
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 39439	9 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	197 KB
3	bumlam.com 3 redirects sync.bumlam.com	2 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1018	1 KB
3	creativecdn.com 2 redirects prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6497 creativecdn.com	906 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2218 mp.4dex.io — Cisco Umbrella Rank: 2814	25 KB
2	yandex.ru 1 redirects an.yandex.ru	669 B
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	dyntrk.com 2 redirects gu.dyntrk.com	850 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	bidr.io 2 redirects match.prod.bidr.io	1018 B
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 820	588 B
2	quantserve.com 2 redirects pixel.quantserve.com — Cisco Umbrella Rank: 458	1003 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 13301	821 B
2	avct.cloud 2 redirects ads.avct.cloud	892 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 594 cdn.indexww.com	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	56 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746	357 B
2	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 2636 cs.emxdgt.com — Cisco Umbrella Rank: 952	156 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 508 cdn.id5-sync.com — Cisco Umbrella Rank: 1301	13 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5031	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
1	adroll.com 1 redirects d.adroll.com	112 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 983	418 B
1	media.net contextual.media.net	291 B
1	clickagy.com 1 redirects aorta.clickagy.com	425 B
1	contextweb.com 1 redirects bh.contextweb.com	403 B
1	rfihub.com 1 redirects p.rfihub.com	730 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 602	191 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 851	602 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 15137	69 B
1	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 2946	1 KB
1	setupad.com node.setupad.com — Cisco Umbrella Rank: 40638	209 B
1	yahoo.com ads.yahoo.com — Cisco Umbrella Rank: 2295	194 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 592
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 370	707 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1509	17 KB
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1497	552 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1232	274 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	29 KB
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 42970	138 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	645 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1726	710 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 423	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	7 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2236	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	5 KB
1	openweathermap.org openweathermap.org — Cisco Umbrella Rank: 9392	3 KB
243	69

	Domain	Requested by
61	2day.kh.ua	2 redirects 2day.kh.ua static.cloudflareinsights.com
15	ce.lijit.com	ap.lijit.com us-u.openx.net
11	pagead2.googlesyndication.com	2day.kh.ua pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
9	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 2day.kh.ua securepubads.g.doubleclick.net
8	x.bidswitch.net	7 redirects ssum-sec.casalemedia.com
8	cm.g.doubleclick.net	4 redirects eus.rubiconproject.com ap.lijit.com us-u.openx.net ssum-sec.casalemedia.com
8	ap.lijit.com	4 redirects stpd.cloud ap.lijit.com
6	ads.betweendigital.com	stpd.cloud ads.betweendigital.com
6	ib.adnxs.com	3 redirects stpd.cloud acdn.adnxs.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	s.amazon-adsystem.com	3 redirects eus.rubiconproject.com ssum-sec.casalemedia.com
4	us-u.openx.net	1 redirects ap.lijit.com us-u.openx.net
4	sync.mathtag.com	4 redirects
4	ads.pubmatic.com	stpd.cloud ap.lijit.com
4	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com ap.lijit.com
4	match.adsrvr.org	eus.rubiconproject.com ap.lijit.com us-u.openx.net ssum-sec.casalemedia.com
4	pixel.rubiconproject.com	2 redirects 2day.kh.ua eus.rubiconproject.com
4	prebid-stag.setupad.net	stpd.cloud 2day.kh.ua
4	www.google.com	1 redirects tpc.googlesyndication.com 2day.kh.ua
4	eus.rubiconproject.com	2day.kh.ua eus.rubiconproject.com stpd.cloud cache.betweendigital.com
4	c.amazon-adsystem.com	2day.kh.ua c.amazon-adsystem.com
4	gum.criteo.com	2 redirects static.criteo.net
4	www.facebook.com	connect.facebook.net
4	connect.facebook.net	2day.kh.ua connect.facebook.net
4	s7.addthis.com	2day.kh.ua s7.addthis.com
3	sync.bumlam.com	3 redirects
3	rtb.mfadsrvr.com	3 redirects
3	px.owneriq.net	2 redirects ap.lijit.com
3	token.rubiconproject.com	3 redirects
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 2day.kh.ua
3	mug.criteo.com	2day.kh.ua
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com 2day.kh.ua
2	an.yandex.ru	1 redirects
2	x01.aidata.io	2 redirects
2	gu.dyntrk.com	2 redirects
2	c1.adform.net	2 redirects
2	eu-u.openx.net	us-u.openx.net
2	sync.1rx.io	2 redirects
2	creativecdn.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	pixel.quantserve.com	2 redirects
2	px.adhigh.net	2 redirects
2	ads.avct.cloud	2 redirects
2	static.criteo.net	stpd.cloud static.criteo.net
2	ssum.casalemedia.com	2 redirects
2	pixel-eu.rubiconproject.com	eus.rubiconproject.com ap.lijit.com
2	onetag-sys.com	stpd.cloud
2	adx.adform.net	stpd.cloud
2	script.4dex.io	stpd.cloud script.4dex.io
2	web.facebook.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.co.uk	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	www.google-analytics.com	2day.kh.ua www.google-analytics.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	d.adroll.com	1 redirects
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	d.turn.com	1 redirects
1	contextual.media.net	ap.lijit.com
1	aorta.clickagy.com	1 redirects
1	pixel-us-east.rubiconproject.com	ap.lijit.com
1	secure.adnxs.com	1 redirects
1	data.adsrvr.org	ap.lijit.com
1	bh.contextweb.com	1 redirects
1	p.rfihub.com	1 redirects
1	pixel-sync.sitescout.com	ap.lijit.com
1	um.simpli.fi	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	sync.dmp.otm-r.com	ads.betweendigital.com
1	biddr.brealtime.com	stpd.cloud
1	js-sec.indexww.com	stpd.cloud
1	acdn.adnxs.com	stpd.cloud
1	u.openx.net	stpd.cloud
1	cs.emxdgt.com	stpd.cloud
1	image6.pubmatic.com	ads.pubmatic.com
1	node.setupad.com	2day.kh.ua
1	rtb.openx.net	2day.kh.ua
1	cm.adform.net	2day.kh.ua
1	ads.yahoo.com	eus.rubiconproject.com
1	id.rlcdn.com	eus.rubiconproject.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	ccf698bc7e46a7066d9abb1413fc8cce.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	2day.kh.ua
1	secure.cdn.fastclick.net	2day.kh.ua
1	mp.4dex.io	stpd.cloud
1	htlb.casalemedia.com	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	prg.smartadserver.com	stpd.cloud
1	setupad-d.openx.net	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	fastlane.rubiconproject.com	stpd.cloud
1	hbopenbid.pubmatic.com	stpd.cloud
1	prebid.a-mo.net	stpd.cloud
1	hb.emxdgt.com	stpd.cloud
1	secure-assets.rubiconproject.com	1 redirects
1	www.googletagservices.com	2day.kh.ua
1	id5-sync.com	stpd.cloud
1	stpd.cloud	2day.kh.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	pubads.g.doubleclick.net	2day.kh.ua
1	cdnjs.cloudflare.com	2day.kh.ua
1	stackpath.bootstrapcdn.com	2day.kh.ua
1	static.cloudflareinsights.com	2day.kh.ua
1	openweathermap.org	2day.kh.ua
243	108

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
t.me
anyforsoft.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.openweathermap.org Sectigo RSA Domain Validation Secure Server CA	`2022-06-06` - `2023-07-07`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.stpd.cloud E1	`2022-07-02` - `2022-09-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.emxdgt.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
node.setupad.com R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://2day.kh.ua/ua
Frame ID: 05ED059042C973691B28D3FD7ED146BC
Requests: 80 HTTP requests in this frame

Frame: https://2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661241600
Frame ID: A3DFC057BB1355767124A220720FE16C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/zrt_lookup.html
Frame ID: 394ABA124CA84BB96B2968E86A75E0C4
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 34293DBE431AF8EC1DFAF46E3F9542E6
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3B6E48F9EA92028E0475AEE1E4D7DAA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3699765833214304&output=html&adk=1812271804&adf=3025194257&lmt=1661242593&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F2day.kh.ua%2Fua&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661242592701&bpp=2&bdt=570&idt=360&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7474923011922&frm=20&pv=2&ga_vid=236711182.1661242593&ga_sid=1661242593&ga_hid=488693582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487&oid=2&pvsid=2584115464171774&tmod=896275500&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=377
Frame ID: 327ABF4E7E4394E1F59CECE8C768D2AD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv5.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D919774958438288%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a37bc0e13f7b%2526domain%253D2day.kh.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252F2day.kh.ua%25252Ff163cd090c347f4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F2day.kh.ua%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width&_rdc=1&_rdr
Frame ID: F413B783821CCDBB48514CBC6C01BEA2
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: ED02C709F82932E53051E4AD271C8E5B
Requests: 45 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 17CC3BE9E4AAD6AC5465C435CF79BCB3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: C8E84F42422FEBCEBD5F3491D6C54466
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C12FBAD040C934733C38A4C5A66ED49F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A3AE74B16B1D20B6FCD84D59667F68B
Requests: 2 HTTP requests in this frame

Frame: https://ccf698bc7e46a7066d9abb1413fc8cce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2D6F1F87EA12ABD667639CF2E6CDD189
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042208121708000/amp4ads-v0.mjs
Frame ID: 6598B079685BDA9ED61F8BD382372410
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 21E23159A32E406B7DE4B143BD0AC108
Requests: 2 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 61B06110C8B2BB9E433DA3FD158318FB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8315F65DFAC3532D57D6DC761C4F7229
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BEAF91326FF1BE63D6AAC18F65FBD7E3
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2day.kh.ua
Frame ID: D2BAD267F8DC9F8A2A79BC8624986B8C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: 0ECC6C4BE6DA0DA983A2E3A4B60B5995
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 199A37D559070A5B44578D41157E5CEC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4DEE4783266B6D8E072C458C31518BAF
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: AC4984D44093E002C9802C867E3E8432
Requests: 5 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Frame ID: B63610279334F4FFDFC5FCF861801535
Requests: 24 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FBCA713AA2F831478AA5F68DDF7373F0
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661242593847
Frame ID: 87F860D0C9A8A62AB60B167229BF97B4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: ACC25D2D28890278F2BE08CA549FFAD1
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: AAB11C0FAC1BC6BD612EAF645766EC1E
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4623186f-6c80-52eb-8978-3d09ea7cb1e8&CACHEBUSTER=648502
Frame ID: 6EFF532F60A907C142F1335656DBA4CF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: F8E40E6160C5CE6AEC784848D2AE14B9
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=8831316738167446054&gdpr=0&gdpr_consent=
Frame ID: 61D6BB06BCEE20B7C4A2570BCB22D3FB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: D57A8EF934292E4168D94704ECCDDEC3
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 8EA67BEEBA9F530E30652C647335AFC6
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3723DC0C0349FD375DC241361144DC9E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: CE62032E11B1080BB62D77143D4AC3ED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини Харкова. Останні новини України та Харкова. Kharkiv Today.

Page URL History Show full URLs

http://2day.kh.ua/ HTTP 301
https://2day.kh.ua/ HTTP 301
https://2day.kh.ua/ua Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

243
Requests

82 %
HTTPS

32 %
IPv6

69
Domains

108
Subdomains

75
IPs

10
Countries

5079 kB
Transfer

8346 kB
Size

61
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/2day.kh.ua/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/todaykharkiv/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCxpIWxjeBVj7CFFZeK-222w?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAAExWLqEKAYHaiFohPA

Search URL Search Domain Scan URL

URL: https://anyforsoft.com/
Title: AnyforSoft

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2day.kh.ua/ HTTP 301
https://2day.kh.ua/ HTTP 301
https://2day.kh.ua/ua Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://web.facebook.com/v5.0/plugins/page.php?adapt_container_width=true&app_id=919774958438288&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a37bc0e13f7b%26domain%3D2day.kh.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F2day.kh.ua%252Ff163cd090c347f4%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F2day.kh.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=true&tabs=&width= HTTP 302
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv5.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D919774958438288%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a37bc0e13f7b%2526domain%253D2day.kh.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252F2day.kh.ua%25252Ff163cd090c347f4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F2day.kh.ua%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv5.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D919774958438288%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a37bc0e13f7b%2526domain%253D2day.kh.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252F2day.kh.ua%25252Ff163cd090c347f4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F2day.kh.ua%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width&_rdc=1&_rdr

Request Chain 94

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2day.kh.ua%2F&domain=2day.kh.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=obMQ13xRc1BhdUd1UWpjRTU0WlZkbktPb0ozMUkyeGg0dnpNQ09FTWR5MWFJa1p3Q1NaVUY4SGJVeXBmWlkwWW8ycFRPNjdNa2k0UUpDaVd5RXNRR3Z0WDc0WDBTTGlRODA1SFF2UVUxVnRUREJITzJ4dGcvV0p1S2ZITExXdjlJT1U4REJ2S3d6WXN4YURWRko3U0ZXeWxUckU0eHpTUms2ZEpIVHloaTVOdVFpOUd2Q00xRzMvOW9rdlRQT3ZwSUxqYlJlSVBKdE9QSTg0empyaXgyYjZaYTFNZENyUnNoZVo0dHZTTU16ang1L2dzPXw&cppv=2

Request Chain 97

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 136

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L75WY53W-K-DBXP

Request Chain 138

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bBrlywx7SdO8tdGuX0WmMQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bBrlywx7SdO8tdGuX0WmMQ

Request Chain 139

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fYcL_hK6Qp6_l775Gq6eBg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fYcL_hK6Qp6_l775Gq6eBg

Request Chain 140

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM4YTk5MTY0YTM1MGI0NzYwZTljYjdiZDZiNmI0ZDlkMzExZDczMQ

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAkhxhihztYgpxTlIpgqof4&google_cver=1

Request Chain 143

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L75WY53W-K-DBXP&sigv=1&esig=2~0111fbafd5cb8606d560649aa856a52d404d2bd4

Request Chain 145

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6471678025609959766

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 174

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D&s=184932&C=1 HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwSM5PIgxXMAEZZ5oA0.aQAA%264528

Request Chain 178

https://gum.criteo.com/sid/json?origin=publishertag&domain=2day.kh.ua&sn=ChromeSyncframe&so=3&topUrl=2day.kh.ua&bundle=98-D019zcEJXeGNpMU0wazRUOXoybnIlMkJlVnpNSzZxRjkxUFZmUjNWeXRxRHhpQTRYUCUyRjhpTGt4azklMkI2TUREaHRRYmJhQk9QSHl2a3VXSTZ1d1gwYVRkMjVEbWJFaEFnR2VFZXVwVTQlMkJTUnhrMnR3akswNU83VlJRYjZ4ZE4lMkJuMjVROUc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=fw9cfnxza3FGOVlOVHVyamE5dlRVS3Z1eFlObTV3NGRwQVpIdmZBVEMyQVFpL0JNK2Vyc242TVcraFg5UUxaNmdJdlZZK1Z3aktkSmR6NUpkT2c5WmN0aGE2ajNmcjBROTN5b3VPZlFkVm83WU9TOEtHWm9Ld0o0c0lHOGY3cHZSSzBPMkI3d1BRSDd0L3RVRDVNc3lOUGFNMk1ZdWtaMndDNmJNeUlRRjQ3U2FyazFhTUlLS3RZemJQbjQ4eEFCdjJOMUdGM3hpVnRBVmd3ZzZmaDI4b24vcXViM3oyc2tGVkZUSHh4d3lXU1JmNXliZ2ZCUWRjakl4WU9HdUR2Q0s0bzE5Smpxd2RoTU90WGpuODZGemk1NjRWUT09fA&cppv=2

Request Chain 183

https://ap.lijit.com/beacon?informer=13401985 HTTP 302
https://ap.lijit.com/beacon?informer=13401985&dnr=1

Request Chain 189

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=428c2f8c-1c8a-4eb3-b566-883e5bd6a3b1&ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057

Request Chain 190

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uPaco0ND3zDo.AikABlGCycZgDg

Request Chain 192

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=FMWQvNZHfejfDhvqSvS47PzE

Request Chain 194

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=TaGmqUPx86hWp6T4SqC7-B3wr61W8PeqGaNqjA5t

Request Chain 195

https://um.simpli.fi/lj_match?r=1661242597177&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4D1F5C1F5B5F410ABA7A73BF2EB0344C

Request Chain 197

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=5141210821457485543

Request Chain 198

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=RD9IJKVSAucK&ev=1&pid=558511&gdpr_consent=&gdpr=0

Request Chain 200

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FMWQvNZHfejfDhvqSvS47PzE/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=FMWQvNZHfejfDhvqSvS47PzE/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=

Request Chain 202

https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7145289971331374289&ref=%2Feucm%2Fp%2Fsv HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 203

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=8f0df7b0-9e2a-4d82-8812-f20c076ad9a4

Request Chain 204

https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=92&3pid=6471678025609959766&gdpr=0&gdpr_consent=

Request Chain 205

https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=12&3pid=6471678025609959766&gdpr=0&gdpr_consent=

Request Chain 206

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ce.lijit.com/merge?pid=85&3pid=AACu3U7GCRoAAA9_344I-Q&gdpr=0

Request Chain 208

https://aorta.clickagy.com/pixel.gif?ch=185&cm=FMWQvNZHfejfDhvqSvS47PzE&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:72ec09f7da0c022b93e8266636b0312a

Request Chain 210

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8f0df7b0-9e2a-4d82-8812-f20c076ad9a4&ssp=fmx HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=4bf65ce9-5917-46cb-ae63-6d454aef4057&gdpr=&gdpr_consent=

Request Chain 211

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=Z3EgoN5I9JJ3aqE9hsRo&pi=sovrn&gdpr=0&gdpr_consent=&tc=1

Request Chain 212

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FMWQvNZHfejfDhvqSvS47PzE&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=989b6304-8ce5-4e00-8d53-49864b58beb0&gdpr=0&gdpr_consent=

Request Chain 214

https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1661242597859 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1877322453

Request Chain 215

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Rk1XUXZOWkhmZWpmRGh2cVN2UzQ3UHpF&gdpr=0

Request Chain 216

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=Rk1XUXZOWkhmZWpmRGh2cVN2UzQ3UHpF&gdpr=0 HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=0

Request Chain 218

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=8831316738167446054&gdpr=0&gdpr_consent=

Request Chain 220

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=

Request Chain 224

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=989b6304-8ce5-4e00-8d53-49864b58beb0

Request Chain 225

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=XUOG1FMT09VGRYHXX0abhgpHg9BGQ47UXkNHLUCB

Request Chain 226

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1561807666265651053

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDBLeAHSjOFva6GhjJP2qLQ&google_cver=1

Request Chain 230

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D4bf65ce9-5917-46cb-ae63-6d454aef4057&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=989b6304-8ce5-4e00-8d53-49864b58beb0&expires=30&ssp=between&bsw_param=4bf65ce9-5917-46cb-ae63-6d454aef4057&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057

Request Chain 232

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwSM5PIgxXMAEZZ5oA0-aQAAEbAAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwSM5PIgxXMAEZZ5oA0-aQAAEbAAAAAB&dcc=t

Request Chain 233

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwSM5PIgxXMAEZZ5oA0.aQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKgVwJIWWFtz0JUNyUcjaU&google_cver=1&gdpr=1&google_hm=2

Request Chain 235

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 236

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=989b6304-8ce5-4e00-8d53-49864b58beb0&gdpr=1&gdpr_consent=

Request Chain 238

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 240

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjlmZKYBqIBEOjX9IwiuxHtoEQAJZDIJDc* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=e8d7f48c-22bb-11ed-a044-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=e8d7f48c-22bb-11ed-a044-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=Zv13%2F3dFl6cxosG5czh0dw& HTTP 302
https://an.yandex.ru/mapuid/adsniperis/e8d7f48c-22bb-11ed-a044-002590c82437 HTTP 302
https://an.yandex.ru/mapuid/adsniperis/e8d7f48c-22bb-11ed-a044-002590c82437?redir-setuniq=1

Request Chain 242

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

243 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ua Show response
2day.kh.ua/
Redirect Chain

http://2day.kh.ua/
https://2day.kh.ua/
https://2day.kh.ua/ua

70 KB
17 KB

129ms
129ms

Document
text/html

2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.10

Resource Hash

dff7806dd8d4c32df56e5a64b30abee9c7f5006fa3c24fd13f8c9fcc15da6262

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: must-revalidate, no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73f26818280bba8b-MXP
content-encoding: br
content-language: uk
content-type: text/html; charset=UTF-8
date: Tue, 23 Aug 2022 08:16:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: -1
link: <https://2day.kh.ua/ua>; rel="canonical", <https://2day.kh.ua/ua>; rel="shortlink"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9O4s1V3Aw%2F1Pw62Jr89dTauoKwXo4SYhNoId2dHg6LnJjHYLtD38oKKkJCrvJ0By5KwgsdFF7SA4E9P75zwqcYRZnQUg%2BUjRGwK6ZoYMEKUBGbW3ZsyXsGuBUZPyy82zjkFsroq40H9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-drupal-cache: HIT
x-drupal-dynamic-cache: UNCACHEABLE
x-generator: Drupal 8 (https://www.drupal.org)
x-powered-by: PHP/7.3.10
x-ua-compatible: IE=edge

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: must-revalidate, no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73f268172e64ba8b-MXP
content-language: uk
content-type: text/html; charset=UTF-8
date: Tue, 23 Aug 2022 08:16:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: -1
location: https://2day.kh.ua/ua
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejilsED4TflRKtHunGUByxqdZQXfkEof7hECPXVo7Ltsis4o55nttSci8iE%2F9X2fA6o4FI87YiDocUNs27JureGiBqpZHbEb%2FM9K1%2BT9JhwtKRbj%2BM3o8PN24lTzLXVFLM5YPfMR4mSA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-drupal-cache: HIT
x-drupal-route-normalizer: 1
x-generator: Drupal 8 (https://www.drupal.org)
x-powered-by: PHP/7.3.10
x-ua-compatible: IE=edge

GET
H3 200 SegoeUI.woff2
2day.kh.ua/themes/custom/kharkiv2day/fonts/Segoe/ 173 KB
174 KB 446ms
445ms Font
text/plain 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/themes/custom/kharkiv2day/fonts/Segoe/SegoeUI.woff2

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9019c5eb032790984a7ad92b232a629e194b0cd89083f58ef9c7d65ac4d3012d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2day.kh.ua/ua
Origin: https://2day.kh.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 177520
last-modified: Fri, 13 Aug 2021 19:41:07 GMT
server: cloudflare
etag: "2b570-5c976086687e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWzB1rEAGgUbh6JthrpfugP6M14bQGeWQdU8Cr5wra9TdFrLigtZN3mqwc6FTM7TQ0MIBjhhkU8s%2BQJhvcxHbkAoR%2BGLoS8kzaEB3RBiyyWXbIb%2B5p8ALFybjhINYEBJVxN%2Fi421J5Zo"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 73f268191de5baee-MXP
expires: Thu, 01 Sep 2022 07:33:39 GMT

GET
H3 200 SegoeUI-Italic.woff2
2day.kh.ua/themes/custom/kharkiv2day/fonts/Segoe/ 130 KB
131 KB 256ms
255ms Font
text/plain 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/themes/custom/kharkiv2day/fonts/Segoe/SegoeUI-Italic.woff2

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2fe4600224f1d65406e8feb13f8c529a7bcc68630acab579c7121515e21dcc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2day.kh.ua/ua
Origin: https://2day.kh.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133352
last-modified: Fri, 13 Aug 2021 19:41:07 GMT
server: cloudflare
etag: "208e8-5c976086631f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BdVx6AzOHptU%2BI1T0M8mlmeBV4%2FkfO94eRseD7gSM%2FMK7hGXZ%2BfP1hNRT8FdQMOh0If31QyeLgwc986UM88oN5%2FQY4JGncttaOtPCaZQ3ya4w5vNqtLcoHVjJcs9xsuIN47eWmMkk2T"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 73f268191de8baee-MXP
expires: Thu, 01 Sep 2022 07:33:39 GMT

GET
H3 200 SegoeUI-SemiBold.woff2
2day.kh.ua/themes/custom/kharkiv2day/fonts/Segoe/ 137 KB
138 KB 69ms
68ms Font
text/plain 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/themes/custom/kharkiv2day/fonts/Segoe/SegoeUI-SemiBold.woff2

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6400a1f37c0d60543c6f9b9c233cd047d7945fa48793dfeca82fa38b5a5be79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2day.kh.ua/ua
Origin: https://2day.kh.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140600
last-modified: Fri, 13 Aug 2021 19:41:07 GMT
server: cloudflare
etag: "22538-5c97608665519"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFaNoiBF243UPu55Yg2CajgGK4hBz5K4cAFGdHJUMnA%2BCToinJy1D6ab2QN2Nr26gCheUxwont63SaSxd3L5CctxIu4Pgkxh1TsnsRv6Y5wd%2FEbE3h6ibLGcvhDM3IoSMO1dbqX4bPFM"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 73f268191deabaee-MXP
expires: Thu, 01 Sep 2022 07:33:39 GMT

GET
H3 200 fontello.woff2
2day.kh.ua/themes/custom/kharkiv2day/fonts/ 5 KB
5 KB 192ms
191ms Font
text/plain 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/themes/custom/kharkiv2day/fonts/fontello.woff2

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a77364a83ea421d142f14da8c45e3e1d5c30ffb37fcec69027e8b338d36c553e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2day.kh.ua/ua
Origin: https://2day.kh.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4652
last-modified: Fri, 13 Aug 2021 19:41:07 GMT
server: cloudflare
etag: "122c-5c97608668bc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfbAQvhg%2B0%2FOIy%2BstVQSBpjdcBlZxs1HxMvDzea9LrE%2BX15plfWtZmCwdmmuijhFdmJdS5ZDnM72t02LcOOT9zR2ABs4Eb3UksCQ0v5NHIyVurfoRzLDiqgB4aZEKh4vffIsesLs9s4x"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 73f268191debbaee-MXP
expires: Thu, 01 Sep 2022 07:33:39 GMT

GET
H3 200 icons.woff2
2day.kh.ua/themes/custom/kharkiv2day/fonts/ 2 KB
3 KB 131ms
128ms Font
text/plain 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/themes/custom/kharkiv2day/fonts/icons.woff2

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f3a49a09c3b05153e7354e240268d4ad9a716a264151dfa49d776853d9ec40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2day.kh.ua/ua
Origin: https://2day.kh.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2444
last-modified: Fri, 13 Aug 2021 19:41:07 GMT
server: cloudflare
etag: "98c-5c97608668bc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGcFad2yeMps4SjR9TsxKWVaQJNAI8XAWgBoze1xjEIqA1PEQNFhUF%2FP3YJZN0TQavqKTZfuQTnJufLBZItjB4KmlG7UN6NJwMIjC%2BhONSf9oD48OSXQ8gkv3AlnnVtwO1WyTkrehjMp"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 73f268191dedbaee-MXP
expires: Thu, 01 Sep 2022 07:33:39 GMT

GET
H3 200 css_sLlFiW5vN_fp9ChPj9_ILKEsbYuRQS62Q-dEp460LGo.css
2day.kh.ua/sites/default/files/css/ 10 KB
3 KB 131ms
128ms Stylesheet
text/css 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/sites/default/files/css/css_sLlFiW5vN_fp9ChPj9_ILKEsbYuRQS62Q-dEp460LGo.css

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b19c8ed6d45d2a43a19ef5c6538df40928648bcb372bfd0c303feead377c53da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 419490
cf-polished: origSize=10157
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Aug 2022 09:07:53 GMT
server: cloudflare
etag: W/"ab6-5e66c332f7fd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPqDUX%2Bo5r%2Fz1CVyjlFbeWGGxkAbNV03gSxg%2FrYBkfkwaU1u45RUq8h3NnV2nlaZzSuDQdXA1XICX%2FdWa5HwCMi2%2FfypJvQU%2B9Fe9AlpNpOkbvGjboudyLegO%2FYbeLC%2FA0xrth2yx%2BuN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 73f268191deebaee-MXP
expires: Thu, 01 Sep 2022 11:45:02 GMT

GET
H3 200 css_XGhZmGaxWvsCfxha5_uqHwwKCJIgdpiKKU5pnKDozac.css
2day.kh.ua/sites/default/files/css/ 147 KB
25 KB 132ms
129ms Stylesheet
text/css 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/sites/default/files/css/css_XGhZmGaxWvsCfxha5_uqHwwKCJIgdpiKKU5pnKDozac.css

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

928f998af3de3c869422dab59ef6db225240bdba9cf7f51f89c6960857a93415

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 427853
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jul 2022 06:06:17 GMT
server: cloudflare
etag: W/"5b1a-5e4af1941e2c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnbimzXeZv0su1Dpg622%2BDcPGInrWDN%2BV%2B5x%2Bh3qoMpnrH9GOSUgR%2BtcdYyAKLi45oZEMrgyGyzwTKf091tt%2B0AIvQpV0XT6zBz28XMaHUHgK9KVIVdG3m4NaxqrWxYrtNhNaOu1fahD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 73f268191defbaee-MXP
expires: Thu, 01 Sep 2022 09:25:39 GMT

GET
H3 200 logo_m.png
2day.kh.ua/sites/default/files/ 3 KB
4 KB 128ms
125ms Image
image/png 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/logo_m.png

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

145de3a9a334c26c3cdeffcbcd5de713fb7f6eac88bb8ccba7a20f9a69341dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1074795
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Jan 2021 19:14:19 GMT
server: cloudflare
etag: W/"c7e-5b8f52dd62a1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaOPJ1uDDODVwu%2FWXvgGnNGPxJP7yjtBnGum9tso6PXVrWXAWClXDvEfmg57kINF7Gk%2BCyxv56ZQwjxyVHMkRsNDQDvm5OYpbCF%2B8HZJuMPqLJKRbopEy1yi78bqO1Win%2BfljMTBcUcq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
cf-ray: 73f268191df0baee-MXP
expires: Wed, 24 Aug 2022 21:43:17 GMT

GET
H/1.1 200
OK 01d.png
openweathermap.org/img/w/ 3 KB
3 KB 184ms
43ms Image
image/png 138.201.197.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openweathermap.org/img/w/01d.png
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.197.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.197.201.138.clients.your-server.de
Software: openresty/1.9.7.1 /
Resource Hash: 0ceefca755cfe064ca5b7ddc6ec797fd02a770812cb77bbbd0ce52146786f006

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 08:16:32 GMT
Last-Modified: Thu, 22 Sep 2016 11:59:54 GMT
Server: openresty/1.9.7.1
ETag: "57e3c7ba-b2b"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, content-type, accept
Content-Length: 2859
Expires: Tue, 30 Aug 2022 08:16:32 GMT

GET
H3 200 img_5751-1.jpg
2day.kh.ua/sites/default/files/styles/glavnoe/public/2021-03/ 51 KB
51 KB 449ms
447ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnoe/public/2021-03/img_5751-1.jpg?h=707772c7&itok=zcLNJjnQ

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa06bfa5e5872068d63f93506fcc225c83b73c0a850735e8979a5ec99734535

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60756
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 14:27:21 GMT
server: cloudflare
etag: W/"caab-5e1049eaf254f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rC8QeHJvmJSSYrqe7RHa%2B75thKNX8VSJQgIutpe277Rtxx5ePRLjVG2F9H%2BLTc6uDvrjBklUp%2FOIc1GFZ9VhgGxilFzcrZ2YHCfvyyS%2FMnL66N%2FOzhhvQG6Q47ZXs2VODq63D92FJ%2F%2B6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f268191df1baee-MXP
expires: Mon, 05 Sep 2022 15:23:56 GMT

GET
H3 200 u1.jpg
2day.kh.ua/sites/default/files/styles/glavnoe/public/2022-08/ 59 KB
59 KB 317ms
315ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnoe/public/2022-08/u1.jpg?h=29234840&itok=tRcmlcu8

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95f156c307b5f1db0c8aa96767bc4d8ae94bd50e8f79a7bbe3cd4bc5be0a2ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336913
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 19 Aug 2022 10:31:00 GMT
server: cloudflare
etag: W/"eb6c-5e695981dfedf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxJThYKs%2FrMM1SnPJmgrhxqDUuyMPUNb9%2BZhVfms620VOeV4xHE4SXjW24CWWdmBF9De5WPEBgKhV8%2BSB60J9VcuPjROvbdD4Wc03i258K5p%2BRfWimaqTm5MMF05dm6br54rPALg0icF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f268191df3baee-MXP
expires: Fri, 02 Sep 2022 10:41:19 GMT

GET
H3 200 o1_3.jpg
2day.kh.ua/sites/default/files/styles/glavnoe/public/2022-08/ 68 KB
69 KB 192ms
189ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnoe/public/2022-08/o1_3.jpg?h=29234840&itok=KeSDBQqf

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb26a989f3ca60f737c65c284b4af2db5574d313622beb510ac85c7cbdc31b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 348333
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 19 Aug 2022 07:00:17 GMT
server: cloudflare
etag: W/"11014-5e692a68aae9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfmWznaEEqbqF0P4swKGHMiHhTIOCi8T7Ts229%2FEfAF11Rz9lwFlPp53R6QJfAAq8tlOGJQleoxenY2X5RbGgdMPwo1TTiZPPDztr24cxnnrZ2OvhyUEJQwfU1IHN8x2SfobkOvfzHEG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f268191df4baee-MXP
expires: Fri, 02 Sep 2022 07:30:59 GMT

GET
H3 200 300149740_438768878292611_3256590316919767120_n.jpg
2day.kh.ua/sites/default/files/styles/glavnoe/public/2022-08/ 84 KB
85 KB 377ms
375ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnoe/public/2022-08/300149740_438768878292611_3256590316919767120_n.jpg?h=a1e1a043&itok=rFbxn2Aa

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1873888f36f806b549c946f11c034665818ca30636e0496e4efc4f4b8fbf93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 403451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Aug 2022 14:58:23 GMT
server: cloudflare
etag: W/"15180-5e6853684880f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BMUWPd4cl1dvmZFKtp%2B%2B7VgpNUKG4NVVP6nWi9I84TuaEBBRuJumHA8lzL1XsgFcYZG%2BJWNp7bBVJf5%2BevhIbTgkXouxJ2l9%2B3%2BpQC00aWjKHlgoD%2FYIStZEwZZeEkSB70BzLHKgSQ1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f268191df5baee-MXP
expires: Thu, 01 Sep 2022 16:12:21 GMT

GET
H3 200 logo_header.png
2day.kh.ua/sites/default/files/ 9 KB
10 KB 393ms
390ms Image
image/png 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/logo_header.png

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42f10fdcae83086f84dfbbdcba6ce95ca6304c1989302b6c569f61fc96f60d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Aug 2019 08:08:28 GMT
server: cloudflare
etag: W/"2477-58fe7076ce08e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEUab6cW0ODoceYBhvl%2BaFpzUD%2F68M6y5RJPJzzsPkjUGb7EruNn2vZuZT8jEixP8usbU%2FyB2ZPdISOV1yGO%2B2fnsQQxoYs%2B5gzRzTZxFPjZT5QIAlNckmQI2QHkX82RItZD9g41i59S"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
cf-ray: 73f268191df6baee-MXP
expires: Thu, 01 Sep 2022 07:33:39 GMT

GET
H3 200 rocket-loader.min.js Show response
2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 66ms
63ms Script
application/javascript 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Aug 2022 13:18:18 GMT
server: cloudflare
etag: W/"62fcea9a-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbTpaiBVklm8o6TvLj8%2Fgt0rylgK5p9DH63Y4mOJgrAt3njvUH3Bo56qmBmL2uoylh8JAZNi1wd4fG4SDA7zWFCRoAWkXk9mOhHy4%2FyhzRslxZ%2BeFoncyiAHdS7NNMsnea7%2BjbEsEzXf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f268191df7baee-MXP
vary: Accept-Encoding
expires: Thu, 25 Aug 2022 08:16:32 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 186ms
83ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://2day.kh.ua/ua
Origin: https://2day.kh.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 73f26819c9690225-ZRH

GET
H3 200 css_kGdid2AhF_KdvBJ6HR8ggI9ib9rspYawgbPKgo6Jglo.css
2day.kh.ua/sites/default/files/css/ 485 B
848 B 393ms
391ms Stylesheet
text/css 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/sites/default/files/css/css_kGdid2AhF_KdvBJ6HR8ggI9ib9rspYawgbPKgo6Jglo.css

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc215fe06a9957f87164e3b5ac2b18e3864d89f2f482df2561aea584e2d94c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434573
cf-polished: origSize=487
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jul 2022 06:06:17 GMT
server: cloudflare
etag: W/"10e-5e4af1941ea90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vh86PO9%2FZDI%2FwBDZOqNfz%2FDEoR4i8ZvGf8eYT7oayMvPNCq9%2F%2FtOQbnDrW6EkCa1gyparyvF0ztMq%2BsUZRwHOiJbP50QbpNrxCd7whFEdzdv6QniRxDhRPEkhOJ%2FwyaZCT6Sg3Uo6Cc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 73f268191df8baee-MXP
expires: Thu, 01 Sep 2022 07:33:39 GMT

GET
H3 200 bg_favourite-city.jpg
2day.kh.ua/themes/custom/kharkiv2day/images/ 249 KB
249 KB 189ms
189ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/themes/custom/kharkiv2day/images/bg_favourite-city.jpg

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/sites/default/files/css/css_XGhZmGaxWvsCfxha5_uqHwwKCJIgdpiKKU5pnKDozac.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5549c6fbea0af29c85538a511d02108dee2373899a22cdc5583d427bb6b386e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/sites/default/files/css/css_XGhZmGaxWvsCfxha5_uqHwwKCJIgdpiKKU5pnKDozac.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1041992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 13 Aug 2021 19:41:07 GMT
server: cloudflare
etag: W/"3e315-5c97608669781"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLF1bVeyGeZ41x2JJgD%2B%2BSwE6sMOl5DxVFOfTwd2uoEfEyj4kMTHQL0CNvZkrB%2FI45hSBodpN6nKHy2bODdChw%2FTHhDQSvaueFtWL6JGm%2BguShvPDYfudSZdr9CKzXS28PUGkl%2Fx6EcL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681a6819baee-MXP
expires: Thu, 25 Aug 2022 06:50:00 GMT

GET
H3 200 dsns3.jpg
2day.kh.ua/sites/default/files/styles/possible_attack/public/2022-08/ 5 KB
6 KB 268ms
267ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/possible_attack/public/2022-08/dsns3.jpg?h=1c9b88c9&itok=Pf7mlcnr

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb70cdda0beed41885daa09bfc2df6138fbda339244c8595656bb3cef18c6a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 06:30:19 GMT
server: cloudflare
etag: W/"1448-5e6e2b2c2a0e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIP4xcaQ519Yo2Qo3B3s5n0puTU6oXOnoGobu%2F9LltuHPLq5UO6KAQump5EvWTAm9o9%2FXsPvpb6oDrsmbjl5%2FXLaovO788aXRtA5MO7VE9j4yXT%2Fc5vVULFcaLO2RbelRqmZWTdPAwdf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681a985ebaee-MXP
expires: Tue, 06 Sep 2022 06:32:32 GMT

GET
H3 200 photo_2022-06-03_16-07-39.jpg
2day.kh.ua/sites/default/files/2022-06/ 89 KB
89 KB 269ms
263ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/2022-06/photo_2022-06-03_16-07-39.jpg

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ff304c1b05f32d1055bde9ed903c44d3270f380df61f05ee5500a74efce525a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62630
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Jun 2022 13:10:13 GMT
server: cloudflare
etag: W/"162ff-5e08ad7c4cee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzLJ40KuWYQErlSrbNNT%2F87cZgTHCRxISHqDsPwUpqmHUVlvzxIfvumO91s0JmGF480BQw4YWhLC4urRTi6ZCmHl2I8iLY9M4L61N%2FMeyoYw%2BDWKepqzPEFFJYx3Fl2wACogV%2Fl%2BTnfQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa866baee-MXP
expires: Mon, 05 Sep 2022 14:52:42 GMT

GET
H3 200 52096415471_d036792888_c.jpg
2day.kh.ua/sites/default/files/styles/glavnoe_wm/public/2022-06/ 44 KB
45 KB 270ms
264ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnoe_wm/public/2022-06/52096415471_d036792888_c.jpg?itok=Ujduh2Ig

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ff3f6b890d7d0a4ccb40505d2c0275fa17510d9dcc0afc1b053ec792cf20a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62729
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Jun 2022 14:23:39 GMT
server: cloudflare
etag: W/"b0c2-5e169269fbb77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcEJI3kANldscAjn64RDYEvhcAS5Szl4QIYV%2Fcxd43oujt8UaX7U2gTT9cQ81mefHoNlUw1VMBAHcq7UTaqJQD0MSpFs6awj15N5lzsnBV%2F8N8HUfXDLI1PGj2R%2B2vFIqvpGLJEN7YOM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa868baee-MXP
expires: Mon, 05 Sep 2022 14:51:03 GMT

GET
H3 200 52136829229_9df1ce4022_b.jpg
2day.kh.ua/sites/default/files/styles/glavnoe_wm/public/2022-06/ 54 KB
54 KB 271ms
265ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnoe_wm/public/2022-06/52136829229_9df1ce4022_b.jpg?itok=5NMcf1QU

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcbcd7e479bfc01fa507f30d2700e92723d6e1e9aa1f4f15617e3da33cb11f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 16 Jun 2022 07:34:48 GMT
server: cloudflare
etag: W/"d686-5e18bac275622"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cARGDa7Xh9DxGPq8fzsesFQf6NClQ%2Fz2ZNk1kvA%2B%2BVBXtR0YPeZY2g9HQphz%2Fwgz6PqH59HWgc4dspzfrBSzT5ZWN1WhL170Yc6p6XU6N0cgvQMzWpFCCBks89vNwG1NrkkMScoYTRK9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa86abaee-MXP
expires: Sat, 03 Sep 2022 18:36:55 GMT

GET
H3 200 51884961048_b40a55d5eb_b.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_sredniy__wm/public/2022-02/ 15 KB
15 KB 272ms
266ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_sredniy__wm/public/2022-02/51884961048_b40a55d5eb_b.jpg?itok=QQmbgy1V

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9debf91901787f835ea44cbbe916316ee74b525efe830c0d49cead79a48c386d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 16 Feb 2022 08:53:34 GMT
server: cloudflare
etag: W/"3b08-5d81ec8e36fbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IvefTA7CP4IGXmyIk8R2Rr4w0jmYWdjr%2FFDtY654QeH7WsTJ%2BgxtR7zo133KVrH%2FFgs1nuPDS19HAbwHMLXXZpxFxwxwQf10L015I8jBpEmh7zrpi%2BrzW6oqMSmKCpLl7%2FUqwCIOp6%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa86bbaee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 755080601897505.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-04/ 28 KB
28 KB 272ms
267ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-04/755080601897505.jpg?itok=bp3h6lul

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c90985892d44cbf907f1560e7750672819fa34a791817d302e51d297d47cc81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1950
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Apr 2022 13:20:06 GMT
server: cloudflare
etag: W/"6f5c-5dd8e8d1fea57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq4GZA8pZYAtDdsTIP6I71DkGy4zGUj7zOsDoqHCMs11x2dMWxMPlSAaifLqXpgAaYOFyb2jpEFR0ZS%2BlE2QNMGTDEMvXoE2Gh2ViiNda0e4F4mrVoBzBWQt5OtpgunNz5z%2Fknp3Oijq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa86cbaee-MXP
expires: Tue, 06 Sep 2022 07:44:02 GMT

GET
H3 200 photoeditorsdk-export_4.png
2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-08/ 321 KB
321 KB 273ms
267ms Image
image/png 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-08/photoeditorsdk-export_4.png?itok=dnoDfZ01

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c4ffb97f7c3abefe68aafd2238fd52592f454a2c9ccfa01e256bb95c1add8c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 07:11:34 GMT
server: cloudflare
etag: W/"5034a-5e6e3463e39b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMdZfumZFAtKNBGY%2FqrPMtzBeHygMtp52HmTqny4At4KgoOM%2FnR9KFzO9ETDF6r87pAR3QYU9jlrzU1JjM2ln32bd2M5Ae6D%2FvQu9%2BJEx%2F1y6%2F7W9xrpd0aPlsbK4afNlvSzFS4hQ3W2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
cf-ray: 73f2681aa86dbaee-MXP
expires: Tue, 06 Sep 2022 07:44:03 GMT

GET
H3 200 dsns3.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_320x260/public/2022-08/ 18 KB
18 KB 328ms
323ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_320x260/public/2022-08/dsns3.jpg?itok=2ydq08SR

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

333a487db2cc80764376a27c12b997065c5fd3274840c8c111e06b82bf6f7126

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 06:29:55 GMT
server: cloudflare
etag: W/"476f-5e6e2b15610e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xreeI8bbu2vc7LyX7K8rpC9zmCcl3mviYs9S%2B8OmTn3t6kgsSooqBDtZye%2F86%2BDFwIgyskYOYuR2q0wujOw5%2Fk%2BaVZX0SlXvXGfMI4lZOsuVTGTi054CE%2Bmc99cUQ6lef2Kdo3fwO1Jc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa86ebaee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 300010299_438768921625940_3777653989651417952_n.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_320x260/public/2022-08/ 47 KB
48 KB 329ms
324ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_320x260/public/2022-08/300010299_438768921625940_3777653989651417952_n.jpg?itok=zCQDIfhL

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c734a74bc83cd6d3af221db2918395f01c6f2aa0505bbe0239c39a59c7266dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Aug 2022 13:15:47 GMT
server: cloudflare
etag: W/"bd91-5e683c79f4028"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ib1F6PZL0e%2FNW%2BEZHRr5%2F5jxmlELkK5D1Y5aqtS4fseaWy2VGbKtVov8JXthuMVJGmi3320vfECyTJUhwzs71hYsFWEzDK4z%2BJmFqfDl6yMVxBqx93bp6WC%2FsGQHSKw%2FbjB498UAgYzi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa871baee-MXP
expires: Mon, 05 Sep 2022 14:52:46 GMT

GET
H3 200 20220801104304_sk220109.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_320x260_wm/public/2022-08/ 54 KB
54 KB 329ms
325ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_320x260_wm/public/2022-08/20220801104304_sk220109.jpg?itok=bk6CVcBr

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296cca0e384d048f1f1fa8557ef318422f9ce2b4238b92f78f475a4974b06e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 01 Aug 2022 10:53:02 GMT
server: cloudflare
etag: W/"d793-5e52bcdd00e82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4ww%2BTqpVR8Rn4vVZp%2FtIUcEWNNfoCJYeE%2FTRHdm5oz3u2NGYjuewd8QchAbGT4esGVKFaajBb%2F4KzAPiaD160azNLlqrkOKUute9suciFa2O67C1IHXywtRX1UaQ7UIvvNpsHy%2BJKlM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa872baee-MXP
expires: Mon, 05 Sep 2022 18:33:12 GMT

GET
H3 200 52235875319_33c78802a4_b.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_320x260_wm/public/2022-07/ 40 KB
40 KB 331ms
326ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_320x260_wm/public/2022-07/52235875319_33c78802a4_b.jpg?itok=Yg6-7vIF

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a47fd71bae82a7a1b6998cc9d4e0ffb4a179f59725832a98f15bfe74c910d5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 23 Jul 2022 14:27:33 GMT
server: cloudflare
etag: W/"9e52-5e479c069fd43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoMJyCsk6oq%2BCZA2Gq2UCNUm4YaLfvO0HmpkzY9f1XImINtvAsvUg5rwp9nxP7EBZDh7RFg3%2BWuKMdYPvJic6Pky%2B2VPkFGxo1bdbOZGa0LQ9dGXJu%2Ft%2BxTGvZ1udy%2Fhk91J6l1Ns5yL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa873baee-MXP
expires: Mon, 05 Sep 2022 18:33:12 GMT

GET
H3 200 52226847575_02fb1f367c_c.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_320x260_wm/public/2022-07/ 37 KB
37 KB 332ms
327ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_320x260_wm/public/2022-07/52226847575_02fb1f367c_c.jpg?itok=Xi4nky3Z

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c9cb47531f9949441132c9ee7768a17e9bb25dcaad08e72298f762d3be3234c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 19 Jul 2022 13:36:10 GMT
server: cloudflare
etag: W/"92af-5e4289142817f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuFfsHf1Rrb7zz%2ByzlyeDi3L4bzx%2Bec1nW%2FEq%2BQHxedJSNquBl8Rsj9PajkMkjuevoY%2BqK7Uf7x%2B6UAyb1kv1lajsAuoZ1BDu2IQ1FV%2B0Bm9Z6iDoa97zzgmhtyDEndxBZza4nLp2gWl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa874baee-MXP
expires: Mon, 05 Sep 2022 18:33:12 GMT

GET
H3 200 vakarchuk.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_320x260/public/2022-07/ 40 KB
41 KB 332ms
328ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_320x260/public/2022-07/vakarchuk.jpg?itok=j9lhCkeS

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5de5bca71d92593252e0f13d4e73a1afbbee9bae8e3aa72182ab6d6b7caff685

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 16 Jul 2022 07:34:48 GMT
server: cloudflare
etag: W/"a0cb-5e3e72b5d7447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aa66yRmFxxpCekoJZDhqQurCoitquxPQ4sWa%2B4zWXrNAW39wI1bJitViX1TeA9pLulYZK7VtZZ3uryqqASSn6rR1n2RVUxhi%2FTecgIaYHsW2ETwgHzeZtIfGeZfeDhUxEwfgVjbVmTsc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa876baee-MXP
expires: Mon, 05 Sep 2022 18:33:12 GMT

GET
H3 200 koop.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_320x260/public/2022-07/ 37 KB
38 KB 333ms
328ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_320x260/public/2022-07/koop.jpg?itok=5KCO5aPh

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76d0c097ff2308bcc8cfe92f268f2dfc65d628820be39880d26f2849da609ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Jul 2022 06:26:43 GMT
server: cloudflare
etag: W/"955a-5e381a2b8db93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMvOl6heGxIkW29G3d3U%2BCZwUrAsvZhPY9cv0GZ2ASByv%2Fadm5kH%2BDt5v7gXduzA7DjhNss8YAft2QefKOxpytgzFOC%2Bys0TMy5qDBhRgH3K5JXB8x5dtMSxbxu5TqzJtJzeYd6IL40I"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa877baee-MXP
expires: Mon, 05 Sep 2022 18:33:12 GMT

GET
H3 200 52197838693_8f4c563c3c_c.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_320x260_wm/public/2022-07/ 33 KB
34 KB 333ms
329ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_320x260_wm/public/2022-07/52197838693_8f4c563c3c_c.jpg?itok=3ntD_7A6

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e99cdbb3f470bbf77a2f4571689fd19d1f53360b24fb1433222629c9cd52e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 13:34:22 GMT
server: cloudflare
etag: W/"845b-5e32306e11df7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbyazOaTh7FKx2Vl59Yp2Ky9FypXSmA8Kp36J7%2F%2Fp0KCnDpwyiUzuY%2BdyAqp3SGYcg9VYomW1Fcf2Q%2F9xtvNZ9w%2BIrOPTW%2FdMM2Ag4pc6SeTWmiTgd39S4H8tcoKFpM%2ByhpEkWBjdZIo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa878baee-MXP
expires: Mon, 05 Sep 2022 18:33:12 GMT

GET
H3 200 photoeditorsdk-export_4_2.png
2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-08/ 547 KB
547 KB 334ms
330ms Image
image/png 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-08/photoeditorsdk-export_4_2.png?itok=EMuLe_5C

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f859adc0a452c5e1e679eedc17fe09b5d86e9554673689538d41627ac8aaddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Aug 2022 14:09:34 GMT
server: cloudflare
etag: W/"88a4a-5e68487f809af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIGouX4jntrgdio2rSxgHWJuO3s8IBWLLiXGyhtga70YwK07F49UcsCSaSBnsWBZMtNm%2B1HkVWXVIDsd8j0qVmZtVdk5HOBt9K1TxzI%2F1g2LAtXqhctQxi5sHqGSz8Kv5GJq4SbbH%2F%2Bk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
cf-ray: 73f2681aa879baee-MXP
expires: Mon, 05 Sep 2022 14:52:46 GMT

GET
H3 200 photo_5469629380054596564_y_0.jpeg
2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-08/ 42 KB
42 KB 392ms
388ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-08/photo_5469629380054596564_y_0.jpeg?itok=catJp6en

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a37e9c65f2865f65da62e8288b64acbcf9a1876053e72616bab3f81eeabc946

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54421
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Aug 2022 12:36:27 GMT
server: cloudflare
etag: W/"a6cc-5e66f1d15ab0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JzT887dav6OVbcKDK2RdEthycOQbLQjeJWi9NJqbTJfDVfyakXmqRXzZDezNCO7j8026lIVX8XY88vdZukgORja%2Bz6Xg5%2F%2BWLVPStQ3iFVbuEb2iXsnrf2e3IxgF%2BLNRLhYYW%2FMnZ6%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681aa87bbaee-MXP
expires: Mon, 05 Sep 2022 17:09:31 GMT

GET
H3 200 photoeditorsdk-export_5.png
2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-08/ 432 KB
433 KB 393ms
389ms Image
image/png 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-08/photoeditorsdk-export_5.png?itok=5MYOxqre

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace5b0416c0a7407104f37fb3ef6d9d93f6d8cae628d55cc5a8de73ec7719c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Aug 2022 09:07:25 GMT
server: cloudflare
etag: W/"6bfe7-5e66c318ed3fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Fm268E43UwIsJ%2BnvjPK7Bd5QFFSiiWGLv7W3HsacRD5a9rhqPT6hhtkv5dwNEt9uHHgfexY2taHklF8ZZposVsAAehX4WdWDWf19XXuRuQdK1KXt2hgNdjko0C8i4UkBOk7J6q62AKr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
cf-ray: 73f2681aa87cbaee-MXP
expires: Mon, 05 Sep 2022 10:19:13 GMT

GET
H3 200 5-4.jpg
2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/wp-content/uploads/2017/09/ 24 KB
25 KB 446ms
442ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/wp-content/uploads/2017/09/5-4.jpg?itok=cmjKoX7J

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ac67ad6d09de7e5051c43c890c1aa7147357bf91298bf9548e4a22fcc61cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 27 Oct 2021 18:11:44 GMT
server: cloudflare
etag: W/"61f7-5cf5986cde903"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkjdkUOrrn7m6eKRM2sLz249IPfEMTpiCWLok%2BY0knW9n95BTedh7DQls%2F4fR7kS1BrFpehpjJJit5UOgMyfOWo3%2B0Vr8k5T5kXNY%2F0oebVaQhUwTpMn8AkT2vnGl3Ve2M0WhVoJWPuq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa87ebaee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 zhadan.jpg
2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/wp-content/uploads/2016/08/ 18 KB
18 KB 448ms
444ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/wp-content/uploads/2016/08/zhadan.jpg?itok=Yelgyyyu

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ccc7db302898c259cd6c54ae8e85f9b4cf5a2ce92a0ad777c6f967b5f42cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 18:18:48 GMT
server: cloudflare
etag: W/"46ee-5e1808d72b6cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E803l2F%2BBdcFNR6YSIy88wMFDHcert107Mtjd0wgq8FEBtVh56QkKQd8hIL3Rgi6hlMnn7QviLZdyLiu3Pq72ZmLi084Ltbw%2BPRbmPbP9a%2F5o%2FtNYUuz26lnoS9zaTozH%2BLjz4%2F5mXpe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa87fbaee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 %D0%95%D0%BB%D0%B5%D0%BD%D0%B0%20%D0%A7%D0%B5%D1%80%D0%BD%D0%B0%D1%8F.jpg
2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/2021-04/ 32 KB
33 KB 448ms
444ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/2021-04/%D0%95%D0%BB%D0%B5%D0%BD%D0%B0%20%D0%A7%D0%B5%D1%80%D0%BD%D0%B0%D1%8F.jpg?itok=bX87HdoA

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33bb4a2a18b01b3f102283231472df2bd7a94c473a4525de27743dea4554d67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 16 Aug 2021 06:54:06 GMT
server: cloudflare
etag: W/"805e-5c9a7aada106e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crL%2BZFFaMzWN6G4Ps7cLEGIueBymOd8cNWu9XvAwMGLdqaG6D2e45B0q5BCIOzPd3lrG7MvF6Jfmn8HSBGCbDwj4F0%2FYN%2F1hEseA2KShdHGrRT5Ta2sjWWlRytL837H1%2FSMUgPX5KsdG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa880baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 118888473_1541000799435020_671363610926030596_o.jpg
2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/2020-10/ 19 KB
20 KB 449ms
446ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/2020-10/118888473_1541000799435020_671363610926030596_o.jpg?itok=nHsitN0J

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa16f33d6d3cbedc76ac53bb6e8980b3355a03fcd031b45ece5daf0130839d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 16 Aug 2021 06:54:06 GMT
server: cloudflare
etag: W/"4cc9-5c9a7aad79b86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rnCNMGWJLIbLVap%2Ffq38thW0xEUKZt%2BJJVTdIUyHhAXYwUlNvtAIjy4t%2BKOVOy6Yt6Ea8WzjxPmZ2dEJh3AFiQZ9pQQ9impy05%2FhYXtZdLa5ZYZHL4cADpYWT7X%2Fk30syXTpx57J%2BON"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa882baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 portnikov-3.jpg
2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/wp-content/uploads/2016/04/ 22 KB
22 KB 450ms
446ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/wp-content/uploads/2016/04/portnikov-3.jpg?itok=IQp0L0-b

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c5dac0238490b3ed0d0a6c825ef2bfb9f04bf9e81f8cd8ca747068d5a3ae534

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 16 Aug 2021 06:54:06 GMT
server: cloudflare
etag: W/"577e-5c9a7aad7802e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaF1Vf%2BNVGbh9PDjF1OVXVMQzizWLtlBsdj5Sr7m0UhiTSPKMoZFmvdKnw9Jw898XFlM9nm3h6cB5%2BywMCKOfFmEou6qI6UTFwo3Bp2APf%2FJcc9A1jNlSZncMKtPcJBTcggpzEd2BU%2BH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa883baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 %D0%91%D1%83%D1%82%D1%83%D1%81%D0%BE%D0%B2.jpg
2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/2022-05/ 29 KB
29 KB 450ms
447ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/foto_polzovatelya_blogi/public/2022-05/%D0%91%D1%83%D1%82%D1%83%D1%81%D0%BE%D0%B2.jpg?itok=rFtl2LjB

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9d2f51c980ee3b7c323f96741e433aad9f3dac594da1c19725663a172c909e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 17 May 2022 14:34:53 GMT
server: cloudflare
etag: W/"7340-5df360b43ea7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9SNEESaTTFQhAtEGMWikzUss1jTKPsk6iM9qnXld3CvoABgMRrGqlpQbjzsrxhySn3BusqYkjeJjGmMsaJZHrKG%2FyndAUqB9EKhzFU1sKFKMa7gm6RQvelV%2F2Oket%2BTGx5SfxmfmpJb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa884baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 gildebrandt_001.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-02/ 54 KB
54 KB 451ms
448ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-02/gildebrandt_001.jpg?itok=LT9Ya9mx

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

857fab77473295b25a5463c312bc843da53b14e4a8d72c19c5d1c6382ff99748

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Feb 2022 16:30:15 GMT
server: cloudflare
etag: W/"d70e-5d84d65d1dd76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOQBTlcN7SMlSromb5TucusvuPE16G%2F2a2qyfdyQZX39PXmIhAb2gm595Z67xhL8jX1Z3VIkeNtMhr1jK7cI5WrcICyTDz9MUlzNw9Yw89yAcYt0vGg%2F7HbiE3Ks0JNHpgczTH29MOCv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa885baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 pushkinskaya_19_1.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-02/ 63 KB
64 KB 451ms
448ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-02/pushkinskaya_19_1.jpg?itok=M4g0ZeOV

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a9e429dc7f1bd781f53c2765eabe87583241d92886c2b0538adbf0d49987bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 11 Feb 2022 16:33:27 GMT
server: cloudflare
etag: W/"fd92-5d7c0a05c9b6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSDwYy6USvgyc0IUIWXPqAqFmofBCVaoGVxuqe5BepG6u0S4Oe%2FkLoapL1dwqsls3qYj5W0T0qWC4PsNsZmCYtm83Vb3oTApvIy%2FpFNkW9J%2FXK0nAwHoZmmnXFXQ3XkOl2dgZA3z3UNg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa886baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 reyngardt_001.jpg
2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-02/ 59 KB
59 KB 452ms
449ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnaya_sredniy_/public/2022-02/reyngardt_001.jpg?itok=xVpwaQHu

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f70c4bdac6b164d8edf952616a5e71788e83cfcaa44728b9c2a459c938e9ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 04 Feb 2022 16:31:46 GMT
server: cloudflare
etag: W/"ea69-5d733c974343e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeW6up4rMqt2%2BvPc8k8rRybenyz3IEAAXeGPqEzUrBeaqrKrl8%2Bab0eSZAwbrcj0W2MlQWf0%2BvSbfzLdnWdTlUMvv%2BGm8ohe3qwiy9uhwdXfeAbpUNaNvsLpkKbI16CFeIZoUHWs3UMK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa888baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 51884961048_b40a55d5eb_b.jpg
2day.kh.ua/sites/default/files/styles/play_wm/public/2022-02/ 10 KB
10 KB 452ms
450ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/play_wm/public/2022-02/51884961048_b40a55d5eb_b.jpg?itok=UDKzXGAQ

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e98441760d3a215ce945011b2afbf7d5f28fa124bf7c6ccde57c80b70fc6e802

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 16 Feb 2022 08:53:48 GMT
server: cloudflare
etag: W/"2767-5d81ec9b634a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl1OI6HZAYAxLgWmDBHSeobnoaFxUccOSlsS66aO0yYZb08A42%2Fk67%2B5j5DKQJaVJj9YVRZKS2875RHidU9CWR5UPr1Zzfqbfo6kxx5Haen8pf3ymKq0vn1enBuyRhnqsZJiNJF18JLr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa88abaee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 snymok_ekrana_ot_2022-08-22_11-52-30.png
2day.kh.ua/sites/default/files/styles/play/public/2022-08/ 179 KB
180 KB 453ms
450ms Image
image/png 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/play/public/2022-08/snymok_ekrana_ot_2022-08-22_11-52-30.png?itok=A_mJmzJ5

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

589690e866bbaaa79a8ce4468bfc9947c4989864492dcdabea85c732de4a177d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Aug 2022 09:43:00 GMT
server: cloudflare
etag: W/"2cd21-5e6d145f9fa18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pUKDzYRjjmc%2BrOWjtXIDZRFPHxR7%2FkMiTd%2F4ALPWXNDZNHvOijhxbKHTd5KNy%2BStYPr49%2FG7sR3HMca3WsaObg%2BcXa3jiPagYpNA9nN5oPONDKY49bzaOl%2FXITZtyeDDdAnmaKOEBMS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa88bbaee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 screenshot_4_5.jpg
2day.kh.ua/sites/default/files/styles/play/public/2022-08/ 20 KB
21 KB 454ms
451ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/play/public/2022-08/screenshot_4_5.jpg?itok=vuY13OSr

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adc5869576c63e5e9e46f964fce56f97e97b13e5fc1932d8afcbf166c1268492

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 20 Aug 2022 16:29:31 GMT
server: cloudflare
etag: W/"5177-5e6aeb81f3a31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmi0zNfAQnUiTt%2FvFFuaLCax3Qqp3yyA2QcfeWJKeUlV73gnq1cJCs75do4THSGbd5SYa9Txrz2iFLTRjCmhSxcWVuNjPpXgd%2FHXDVvPnzyhoK5YVVPnRW1e20hK1hielo%2BR6qFD7b09"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73f2681aa88dbaee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 08:16:32 GMT

GET
H3 200 fb-likebox.js Show response
2day.kh.ua/themes/custom/kharkiv2day/js/ 465 B
868 B 419ms
418ms Script
application/javascript 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/themes/custom/kharkiv2day/js/fb-likebox.js?rgfc81

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e97b209351f5ac18e290005aa556c73364fd7d86291e9c719741634a3157bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1064699
cf-polished: origSize=701
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 13 Aug 2021 19:41:07 GMT
server: cloudflare
etag: W/"2bd-5c9760866aef1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElHwgRDrTyPKfGDGfN%2B4EhLkZ%2Fn3Os2JNoWRlhG5kDzFaer3byiCwcgPm6UrnJikmu%2FY3AazEtlZmxd%2Fz8FSgkz2VfpW76ZKRqhwx%2BmtfVNBQNdOu2BDHSrRt5EZUyo4KqhZmff%2BQiAh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 73f2681ae8e5baee-MXP
expires: Thu, 25 Aug 2022 00:31:33 GMT

GET
H3 200 js_el4wlfVOQbFt8cfOImtmwLBRdj0bQsDUw1UY_iCeExU.js Show response
2day.kh.ua/sites/default/files/js/ 11 KB
4 KB 419ms
417ms Script
text/javascript 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/sites/default/files/js/js_el4wlfVOQbFt8cfOImtmwLBRdj0bQsDUw1UY_iCeExU.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0146d23ac789b3847e572cc4f617acd341b978e0d88210c60febcfd3e734705b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490832
cf-polished: origSize=13764
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jul 2022 06:06:17 GMT
server: cloudflare
etag: W/"e3e-5e4af1945bb1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adI8w3SGoQnkSM2srtvjkuCSy2G57KHzPXPfw7fc9P5w9Zeh6NEJqqsleuJxy0uu45%2FnmFhMi28Qe0OAviTdajYv5Pfungs%2BAC0gg42T5saWZAGsLoXVUewuBTg7joKSU5yBYA9D1tTq"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 73f2681ae8e9baee-MXP
expires: Wed, 31 Aug 2022 15:56:00 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/ 50 KB
15 KB 171ms
68ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 10571866
cdn-cachedat: 2021-04-23 00:18:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1460fb8879e167cec40a0e4a89a95a01
cf-ray: 73f2681b8a58cc46-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 149ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7127647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6451
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BCCkThZVh6uSKdTfwc6tg%2B%2Fbqk9V0plIcA%2FK8w6QojukGOQUFv%2B1doNYP388ZEuvrgddCg66KsoXj41dMzjRF3Scr1sO%2FPUCFIQDQlT1ZG8ren7wi%2FO8ddxkO8JYt6MlNKG0l0YcoDml%2BVckJfw4IMr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f2681b7818cc4e-ZRH
expires: Sun, 13 Aug 2023 08:16:32 GMT

GET
H3 200 js_DOuGiDVYdi5SMxsm34rSERocNDLhnzPJC4LeeXKKo80.js Show response
2day.kh.ua/sites/default/files/js/ 1 KB
1 KB 419ms
418ms Script
text/javascript 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/sites/default/files/js/js_DOuGiDVYdi5SMxsm34rSERocNDLhnzPJC4LeeXKKo80.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85feef29d611f7c8073a24fbe6a622cd7c393bf0312cc780ccee39bfbb2c79ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434573
cf-polished: origSize=1687
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jul 2022 06:06:17 GMT
server: cloudflare
etag: W/"234-5e4af19459027"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bb3dzzsa370GcAgGf1cJ01dmbCfO9uEXEIzUNZgcdLTl05z4MCwQmJ%2B%2FFRMBLYkxLIHzzvbHdSnfUjgXIMFS24zAezf1j%2BXvMBFh5sGGcmevKEbYeuONRDaUN4Ke3P%2BiyzcYjN%2FjaTXg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 73f2681ae8ecbaee-MXP
expires: Thu, 01 Sep 2022 07:33:39 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 186ms
44ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Tue, 23 Aug 2022 08:16:32 GMT
x-host: s7.addthis.com
content-length: 116360

GET
H3 200 js_ksKULfaVRhcd8H44caqHSd0-r00wB3yGKhH_-eLP9Jk.js Show response
2day.kh.ua/sites/default/files/js/ 150 KB
46 KB 419ms
418ms Script
text/javascript 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/sites/default/files/js/js_ksKULfaVRhcd8H44caqHSd0-r00wB3yGKhH_-eLP9Jk.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

504dfe35cddb32b14324dd38964e6e1592ec412bc8b597e75cc586539ec0f1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434573
cf-polished: origSize=156482
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jul 2022 06:06:17 GMT
server: cloudflare
etag: W/"b20e-5e4af1945558f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yccw2kfh3Qy21bwrdUBIR%2BuL847bI0u%2FozXNgkqvXocisu1Qy6xF2T810tZI9MgR53TauK0otJLeHmyg0352fi%2FwebIrGCh107at0arqNHQUvSDNFPdSK35S%2BbSP2KNhYSCRk3qc1NbG"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 73f2681ae8edbaee-MXP
expires: Thu, 01 Sep 2022 07:33:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 123ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8066c6b2cea0419ca4caca461f9c88cae859b302cacd7e93fe998002927daae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://2day.kh.ua/ua
Origin: https://2day.kh.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fBgjL1pXYtgwgr8AiKJbJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: so55qgk9be1/XRdB6vKcpuijKnpc4cGkWOZVw4Oidni2TDz0VNY04/0BzHaNhm5gXWX26Xk37dYsU4XgtHS2pQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 8223b8f01e367137ab9b21c5f02110f0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 23 Aug 2022 08:16:32 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661242169156
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f5e3ba385a7f79aa3e6df89bb3fd97bc"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 23 Aug 2022 08:29:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 184ms
95ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cf6738261f58e9bd2d90f01914aa2e9a504999a793a4bef4f25ae5be64743e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57074
x-xss-protection: 0
server: cafe
etag: 12006420887184455696
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 08:16:32 GMT

GET
H3 200 invisible.js Show response
2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame A3DF 34 KB
12 KB 418ms
418ms Script
application/javascript 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661241600
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c910b97809487c871b6ff99b411454008b5c4101cd983515723ca547a5349867

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FFJQb6gavoSYBcXLwX5l7ldtEt12tP6HGDgOaP6xteMz2olxS1n9ODOryIujXUEwFynFp0nqP%2FFHhCAIBcAjN7mZ96HYqz3jG6Rg9nQru1B8m5YsiRmOlkb8s2mAehWecxBIs%2FWMuI7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 73f2681ae8f1baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4472
date: Tue, 23 Aug 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Aug 2022 09:02:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 82ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26535
x-xss-protection: 0
pragma: public
x-fb-debug: ti14CzoZXsOZOqrWTTJBev+U2nMEcdzbagfh3189cndKZpzdMxCrxE8SRHWiYh29IJvNx8opdEzbQgaeRRZg3g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 23 Aug 2022 08:16:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661242369111
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ 341 KB
120 KB 179ms
98ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3699765833214304&plah=2day.kh.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594784e9721f45d78a8b4ca9e75a75bbab8ff2ad1fc50fb8366d46b1a36c7548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122628
x-xss-protection: 0
server: cafe
etag: 14848151233755507607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 08:16:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/ Frame 394A 10 KB
5 KB 129ms
40ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 32875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 23:08:37 GMT
etag: 8616628553774171045
expires: Mon, 05 Sep 2022 23:08:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 184534679422854 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/184534679422854?v=2.9.77&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f3b009147dafbfd61514df1db441d2e5483d35291f671027b5550ff822ce9b44

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85831
x-xss-protection: 0
pragma: public
x-fb-debug: 3wvYEqG3m2ljk4ho1JKAEV1sjgwvh7X6uAbnJfTryZeV9l3znfd2u01BjR8eEcbINVkhFJcQcqAlGViEtM+ahA==
x-frame-options: DENY
date: Tue, 23 Aug 2022 08:16:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661242349625
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 127ms
46ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=488693582&t=pageview&_s=1&dl=https%3A%2F%2F2day.kh.ua%2Fua&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%B0%D1%80%D0%BA%D0%BE%D0%B2%D0%B0.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A5%D0%B0%D1%80%D0%BA%D0%BE%D0%B2%D0%B0.%20Kharkiv%20Today.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2041797792&gjid=1989393955&cid=236711182.1661242593&tid=UA-89880217-1&_gid=880796192.1661242593&_r=1&_slc=1&z=187015950

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 130ms
40ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=184534679422854&ev=PageView&dl=https%3A%2F%2F2day.kh.ua%2Fua&rl=&if=false&ts=1661242592910&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.2.1661242592908.1721374718&it=1661242592800&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 23 Aug 2022 08:16:33 GMT

GET
H3 200 pica.js
2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame A3DF 22 KB
8 KB 71ms
70ms Other
application/javascript 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f092fc52499e9c9b5143b0c3713ed7416143b367d1748d85581739bebdb3e4ac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WphFFmaWb3TSi8mDGNYMFTb3FKtwopHHk6UNiiH8wXJoig7tYq1Zwc06zN0QcfaqgmvkUgsvVLVp0H2Lno6Bcbty7I2mU0822vZ%2Fhm0S8ziNeR9bcs7uJpSczrSwdS175FpUrf3Hdlaq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 73f2681e0e8dbaee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 55 KB
13 KB 220ms
105ms XHR
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22755851226/2day.kh.ua_970x90_anchor_responsive_DFP&sz=320x100%7C970x90&t=Placement_type%3Dserving&1661242592942

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b29de62de79a3d8b59970a61a884d9ab769e2e22303f7970ade1a5e5c3caf165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
google-lineitem-id: 6039544559
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400243075
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 299 KB
85 KB 81ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=9b18079a56f050c6bba1163f764cf88d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

437c575d301f49f6f35c8d976f5168bfd619adfd75da940aefabdb4f996547de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://2day.kh.ua/ua
Origin: https://2day.kh.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fvX998xWGI8t7DmOEQHXFw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86772
x-fb-rlafr: 0
x-fb-debug: /IuEq1FUl03Qrpb+unnX0CtMOnLPSqLF8KjgCwcy1wOarmGfM3bWm77C5o0HtKZRhfYl2hMjtiavxRvKOUhrnQ==
x-fb-content-md5: 15ce67d6342b6ea0f32a3b734ec80bd9
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 23 Aug 2022 08:16:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9985ad4e61f341ad61ba91a98c823a5f"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Aug 2023 20:32:32 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 132ms
44ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26190
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H3 200 invisible.js Show response
2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame A3DF 37 KB
14 KB 70ms
70ms Script
application/javascript 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661241600
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5141d6e2a0ff9258555b59e30ca57ed54d37dd8b78c4f82244e7b38300be8cd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53d9ImY8S4kQVJwlsWP8pOmrqdkG1orvueiy%2FjrFb6LE8FC%2FXvy3zV8O5FC58nfLd8MyF9tALr5LsmBzmk4EMIRtLIu1PLo64vnaT6BWmOBMGpX44PuTNxRt7bWzLjAh1Yg8IdbkykXU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 73f2681e4ef2baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 img_5751-1.jpg
2day.kh.ua/sites/default/files/styles/glavnoe/public/2021-03/ 51 KB
51 KB 72ms
71ms Image
image/jpeg 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2day.kh.ua/sites/default/files/styles/glavnoe/public/2021-03/img_5751-1.jpg?h=707772c7&itok=zcLNJjnQ

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/sites/default/files/js/js_ksKULfaVRhcd8H44caqHSd0-r00wB3yGKhH_-eLP9Jk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa06bfa5e5872068d63f93506fcc225c83b73c0a850735e8979a5ec99734535

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 14:27:21 GMT
server: cloudflare
etag: W/"caab-5e1049eaf254f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ViOMTY68AnbCqkCa391nq4H3nsFnn3BHZKp0AeSW6nq6iJCMLIw9iG3T2l%2BTj5ZonJU%2FnV1eMi20v9WNn9%2BVh%2FzDkEqHMCtI3SIJO%2FQcSp0MdpFRDLTJ5qUOeBqTYDkD867cVLV3Z1F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
cf-ray: 73f2681e5f0bbaee-MXP
expires: Mon, 05 Sep 2022 15:23:56 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5c5dee7199102100/ 1 KB
710 B 84ms
83ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5c5dee7199102100/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c3d750a28deaefdd7c3809177bc50ac48fe450f7ac5ea63a126af3c1b74d28ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
etag: -1139485524--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=25, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 533

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 225ms
210ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=63048ce0e3690da0&bkl=0&bl=1&pdt=862&sid=63048ce0e3690da0&pub=ra-5c5dee7199102100&rev=v8.28.8-wp&ln=uk&pc=men&cb=0&ab=-&dp=2day.kh.ua&fp=ua&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1661242593015&jsl=129&uvs=63048ce0cd299e7f000&skipb=1&callback=addthis.cbs.jsonp__95835758544764560
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dffdd5f064425460104a61e133702a3d07063215f6986c4f96ef2f742bc93613

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:33 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3429 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 3B6E 71 KB
26 KB 47ms
47ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Tue, 23 Aug 2022 08:16:33 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.uk.min.json Show response
s7.addthis.com/l10n/ 5 KB
2 KB 158ms
42ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.uk.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

265a63573c96eea39dbebd88e9e6243e77778b7436ceb8615371a861c551225f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-1456"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Tue, 23 Aug 2022 08:16:33 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 2092

POST
H3 200 rum Show response
2day.kh.ua/cdn-cgi/ 0
163 B 64ms
63ms XHR
text/plain 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2day.kh.ua/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://2day.kh.ua
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 73f2681ebfc6baee-MXP
vary: Origin

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
645 B 157ms
48ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=2day.kh.ua&callback=_gfp_s_&client=ca-pub-3699765833214304

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3699765833214304&plah=2day.kh.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6cd57361501d500a05f6b0fd353f95c96554ac7ff2f9574de68e1bd6c2d5c575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 136ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=2day.kh.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 137ms
49ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2day.kh.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 327A 0
19 B 168ms
89ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3699765833214304&output=html&adk=1812271804&adf=3025194257&lmt=1661242593&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F2day.kh.ua%2Fua&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661242592701&bpp=2&bdt=570&idt=360&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7474923011922&frm=20&pv=2&ga_vid=236711182.1661242593&ga_sid=1661242593&ga_hid=488693582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487&oid=2&pvsid=2584115464171774&tmod=896275500&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=377

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 08:16:33 GMT
expires: Tue, 23 Aug 2022 08:16:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 165ms
86ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220818&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a946e0c22c4e80dbc4dda9d2187b5ca687d915cd78972369aaef25f6d7f7b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11217
x-xss-protection: 0

GET
H3 200 pica.js
2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame A3DF 26 KB
9 KB 71ms
70ms Other
application/javascript 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87b08a6572f39a19944fb677b936a8ff53f0a9635957d4c9c78992251967e01

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cmr5LGii03Y4uxX9tlrBC%2B61B%2Bji8ufPh2XdLLf62rpkkexXYgY9GKVYb7WALkMpVrMm1%2Fxj3mv6MFaLzqaFlXam8boP9yO%2BvdP%2BCRUzxzpTmlm7MQR8G4%2BnubYShHArOI%2FMevm6st%2BA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 73f2681f2898baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 47ms
46ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 23 Aug 2022 08:16:33 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 82ms
39ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=919774958438288&ev=fb_page_view&dl=https%3A%2F%2F2day.kh.ua%2Fua&rl=&if=false&ts=1661242593129&sw=1600&sh=1200&at=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 23 Aug 2022 08:16:33 GMT

GET
H3

200

/
www.facebook.com/login/ Frame F413
Redirect Chain

https://web.facebook.com/v5.0/plugins/page.php?adapt_container_width=true&app_id=919774958438288&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a3...
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv5.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D919774958438288%26channel%3Dhttps%253A%252F%252Fstaticxx.fa...
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv5.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D919774958438288%26channel%3Dhttps%253A%252F%252Fstaticxx.fa...

0
0

119ms
118ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv5.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D919774958438288%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a37bc0e13f7b%2526domain%253D2day.kh.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252F2day.kh.ua%25252Ff163cd090c347f4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F2day.kh.ua%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=9b18079a56f050c6bba1163f764cf88d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 23 Aug 2022 08:16:33 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ShZag2rsDq5WwYZmxRzCueHUg3dRT9S9JPNShnknIyM/YMfTT6MSaAzzOmDDCg45xnDFJ27K1BdWaWRcPvhRQQ==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 23 Aug 2022 08:16:33 GMT
location: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv5.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D919774958438288%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a37bc0e13f7b%2526domain%253D2day.kh.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252F2day.kh.ua%25252Ff163cd090c347f4%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F2day.kh.ua%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width&_rdc=1&_rdr
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: ZpbbwrzUa1Rwd2L/AidDc9/k9RodtsJIfzLSzmpR+J7B2Yb4o+P89rW18wwu90RVK203fXpmHgPdIFoMRUWD8Q==
x-fb-zr-redirect: 02|1661328993|

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame ED02 480 KB
138 KB 167ms
64ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: HjfY42wqSWw306GoqTYOLw==
age: 6267
x-ms-lease-status: unlocked
last-modified: Mon, 22 Aug 2022 10:30:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 21c249cf-d01e-0020-1112-b68430000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 73f268203f360215-ZRH
expires: Tue, 23 Aug 2022 12:16:33 GMT

POST
H3 200 73f26818280bba8b Show response
2day.kh.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame A3DF 2 B
713 B 90ms
88ms XHR
text/plain 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2day.kh.ua/cdn-cgi/challenge-platform/h/g/cv/result/73f26818280bba8b
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661241600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8RIrv6jN5lWu71S5v9HRTqIC2V9h20NT0ubAxqWjlH10QzZgr%2BIGbmCRwCDQ6LyjK90QFY4FhVKDZPXzq3Y81uFbm2lFIVIUhQQhFvzCijh8IIX1MrTxJhuZL%2BW4tva8IfrQrolznd%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 73f26820eb73baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 142ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 08:16:33 GMT

POST
H3 200 73f26818280bba8b Show response
2day.kh.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame A3DF 2 B
713 B 76ms
73ms XHR
text/plain 2606:4700:3035::ac43:b310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2day.kh.ua/cdn-cgi/challenge-platform/h/g/cv/result/73f26818280bba8b
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661241600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SjYkcT1jB%2BwZAnZ1aPTMLObYv87KJDJ1rw%2FTTI3QHd6k8K6n6vnelnrfz84y%2BiOO4U%2FaG44Vupj1ahi7zIGFTesX0IOOgpjtUDu9ou5q9XuTCzMnJYz2Y4tuynOYN72ampPThtgKM4w"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 73f268220d45baee-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 17CC 0
15 B 39ms
39ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://2day.kh.ua
Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://2day.kh.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 08:16:33 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 110ms
36ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2day.kh.ua%2F&domain=2day.kh.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://2day.kh.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 23 Aug 2022 08:16:32 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1340
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame ED02 159 KB
41 KB 154ms
50ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 23 Aug 2022 07:35:44 GMT
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 16:12:00 GMT
server: AmazonS3
age: 2450
etag: W/"52a6bc60961c702869c58b9d159c8e37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P3
content-encoding: gzip
x-amz-cf-id: W5pQCH2j5qConG6FIi8_f6QZ_g-8VNdbtHS400UtxAkeUlWNcpm2Uw==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame ED02 483 B
943 B 201ms
69ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1279000
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ua9y%2F72Uim0wNCOllMbvt3TP3Uf0AKSsE%2ByDzL3KuB%2B6ZlojRZ0RyJDA7pr9gum9BpIoiEsQSCuYSwfF2QPgtes%2BdH%2BNVh0W2wIfPN2uTk0OZt%2BXEhX2zwy0l0WyTgysrrR6K5dUqEmkd5m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 73f268232ae90f7a-MXP

GET
H2

200

sid Show response
mug.criteo.com/ Frame ED02
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2day.kh.ua%2F&domain=2day.kh.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=obMQ13xRc1BhdUd1UWpjRTU0WlZkbktPb0ozMUkyeGg0dnpNQ09FTWR5MWFJa1p3Q1NaVUY4SGJVeXBmWlkwWW8ycFRPNjdNa2k0UUpDaVd5RXNRR3Z0WDc0WDBTTGlRODA1SFF2UVUxVnRUREJITzJ4dGcvV0p1S2ZITE...

358 B
619 B

108ms
37ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=obMQ13xRc1BhdUd1UWpjRTU0WlZkbktPb0ozMUkyeGg0dnpNQ09FTWR5MWFJa1p3Q1NaVUY4SGJVeXBmWlkwWW8ycFRPNjdNa2k0UUpDaVd5RXNRR3Z0WDc0WDBTTGlRODA1SFF2UVUxVnRUREJITzJ4dGcvV0p1S2ZITExXdjlJT1U4REJ2S3d6WXN4YURWRko3U0ZXeWxUckU0eHpTUms2ZEpIVHloaTVOdVFpOUd2Q00xRzMvOW9rdlRQT3ZwSUxqYlJlSVBKdE9QSTg0empyaXgyYjZaYTFNZENyUnNoZVo0dHZTTU16ang1L2dzPXw&cppv=2

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

13b3a7376adbd564583998d5c2bb4bec1e470bd8365f9cda74255b6e9e240e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2794
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:33 GMT
location: https://mug.criteo.com/sid?cpp=obMQ13xRc1BhdUd1UWpjRTU0WlZkbktPb0ozMUkyeGg0dnpNQ09FTWR5MWFJa1p3Q1NaVUY4SGJVeXBmWlkwWW8ycFRPNjdNa2k0UUpDaVd5RXNRR3Z0WDc0WDBTTGlRODA1SFF2UVUxVnRUREJITzJ4dGcvV0p1S2ZITExXdjlJT1U4REJ2S3d6WXN4YURWRko3U0ZXeWxUckU0eHpTUms2ZEpIVHloaTVOdVFpOUd2Q00xRzMvOW9rdlRQT3ZwSUxqYlJlSVBKdE9QSTg0empyaXgyYjZaYTFNZENyUnNoZVo0dHZTTU16ang1L2dzPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1474
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame ED02 213 B
617 B 137ms
43ms XHR
application/json 141.95.98.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.68 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216657.ip-141-95-98.eu

Software

Resource Hash

6be6dd3251932977e82ba5763f06b37fe38859deac022ebca52d6a81ddd247a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2day.kh.ua
date: Tue, 23 Aug 2022 08:16:33 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame ED02 83 KB
29 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0756a2f033b3c0758364d51e77580be8fce4efb0d92e6358a6eec240dccdf65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28616
x-xss-protection: 0
server: sffe
etag: "1311 / 462 of 1000 / last-modified: 1661206097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 23 Aug 2022 08:16:33 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C8E8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

128ms
40ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Aug 2022 08:16:33 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 23 Aug 2022 08:16:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C12F 13 KB
5 KB 124ms
40ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 07:49:07 GMT
expires: Wed, 23 Aug 2023 07:49:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A3A 783 B
1 KB 137ms
50ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f645cdbf12940f8752f80bb4f11d40c29015666c32ff215113c05ee44c699607

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qyS4KSaePD0Mu7OQtSXvAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-qyS4KSaePD0Mu7OQtSXvAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 08:16:33 GMT
expires: Tue, 23 Aug 2022 08:16:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 139ms
44ms Preflight 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://2day.kh.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://2day.kh.ua
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 23 Aug 2022 08:16:33 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame ED02 2 KB
1 KB 306ms
173ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cababc5dc4755b6a2b3de47664173b51961ec4100676ca515ee8f48ff05f250c

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPJ7alxfxHktME%2FXtYx6JLOmcz8oaVKARJbOZ5j7uFRju0ezjGg9Wer6DfzYxe5L68%2BnCn4WZeNjTNEQ6cPCElPJXdXasCWMWP9I3hivaj0dZyJHb11Vaxm%2BIC%2FZaSieuaep0jtDowE%2FIo7aEZnHD%2BbCCnQX"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 73f268238f16ba85-MXP
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame ED02 17 KB
8 KB 380ms
249ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8c55fd6e5282609b017e7502a1003db04654035df7f47fe41246c5943c4676

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTaDC6lU3%2BIlXYe1DUTccERBzENLTRxcC57EjO04MI4ocy02OV2EI8CA2auaj6rYZKQrhcb80fFoyN0gwmrXHkT62f%2BLsUvYALNRlag%2Fvf2UuCP%2BygENAAlEvnDL2juJ6%2BuSJ4IklDZdQa%2B1ZrDSMocV2Wnm"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 73f268238f1bba85-MXP
expires: 0

POST
H2 204 / Show response
hb.emxdgt.com/ Frame ED02 0
156 B 138ms
48ms XHR
text/plain 3.123.245.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1661242593692&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.245.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-245-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2day.kh.ua
date: Tue, 23 Aug 2022 08:16:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame ED02 0
274 B 176ms
99ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2day.kh.ua
date: Tue, 23 Aug 2022 08:16:33 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 66
vary: origin, Accept-Encoding

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame ED02 0
406 B 163ms
75ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:33 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame ED02 0
113 B 125ms
36ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2day.kh.ua
date: Tue, 23 Aug 2022 08:16:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame ED02 15 B
357 B 137ms
43ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://2day.kh.ua
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame ED02 260 B
1 KB 237ms
73ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1923074&size_id=2&alt_size_ids=55&rp_schain=1.0,1!setupad.com,1640,1,,,&rf=https%3A%2F%2F2day.kh.ua%2Fua&tk_flint=pbjs_lite_v6.6.0&x_source.tid=d65a5962-b2e1-4545-9ff2-ca74e6c03f37&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.07708227262142442
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8cec5d8f1d183ea32e426b300a7bf4d552b151dbfc604a75706db703055c8983

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:33 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://2day.kh.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame ED02 0
212 B 114ms
35ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=38231699933

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Aug 2022 08:16:32 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://2day.kh.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ Frame ED02 73 B
375 B 101ms
36ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F2day.kh.ua%2Fua&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d65a5962-b2e1-4545-9ff2-ca74e6c03f37&nocache=1661242593701&pubcid=0858aa0b-2ccf-4d2b-9a37-3d859fbc5d7c&schain=1.0%2C1!setupad.com%2C1640%2C1%2C%2C%2C&aus=970x90%2C728x90%2C970x50%2C960x90%2C950x90&divids=div-custom-ad-1661242593189-0&aucs=&auid=557549719
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 8427bd0b937570d155765cb42ee876407b60e614c2ad860d0c4eecb41034053a

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://2day.kh.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame ED02 171 B
552 B 183ms
63ms XHR
application/json 81.17.55.112
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame ED02 0
172 B 116ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2day.kh.ua
date: Tue, 23 Aug 2022 08:16:33 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame ED02 94 B
741 B 162ms
66ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 7e11dea0c17e8baa18dcb2ec8d2df4ea619ea328bd1d0e015c2fdb6a1fd9215c

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://2day.kh.ua
access-control-allow-credentials: true
x-sovrn-pod: ad_ap7ams1
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 99

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame ED02 37 B
637 B 237ms
150ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=853123&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22399a4b618faa10d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2F2day.kh.ua%2Fua%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224011b5c5ad973c5%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22853123%22%2C%22sid%22%3A%222day.kh.ua_970x90_anchor_desktop%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22853123%22%2C%22sid%22%3A%222day.kh.ua_970x90_anchor_desktop%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22853123%22%2C%22sid%22%3A%222day.kh.ua_970x90_anchor_desktop%22%7D%7D%2C%7B%22w%22%3A960%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22853123%22%2C%22sid%22%3A%222day.kh.ua_970x90_anchor_desktop%22%7D%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22853123%22%2C%22sid%22%3A%222day.kh.ua_970x90_anchor_desktop%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%221640%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2727c9ef52475f9911c2c6c0730828f9eca5cb0f748a81a707f8d67dc70a01

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FiMrIxyNdrja14jspyJO1jgvE71OL2JWWA5itJq1TcYcdK1LkJvSoQ9%2BFk9x%2Bhh25U6mkgvRhwyaxR1WEV49WuHRH6g1%2Ff%2FZdHjv0bi2JqBD0tW2CJby4CVIk3lVDCbZftEu%2BdL"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73f26823483a7779-LHR
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame ED02 139 B
827 B 129ms
42ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

030fa35a997a81ffaa4016f7f594584696d9111afb005be91d4ca37ea518b751

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:33 GMT
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 59ca905f-eff5-4971-917f-c926f5999c7f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://2day.kh.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ Frame ED02 114 B
958 B 214ms
106ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30d72d952edcd10456b1cead39b7c142c100abce5408e23e04b28d1708b37412

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: div-custom-ad-1661242593189-0, Process Shapings. Seat shared_rubicon: No adunits with mapping rule and shaping, Process Shapings. Seat shared_improvedigital: No adunits with mapping rule and shaping, Process Shapings. Seat shared_onetag: No adunits with mapping rule and shaping, Process Shapings. Seat shared_pubmatic: No adunits with mapping rule and shaping, Process Shapings. Seat shared_drbanner: No adunits with mapping rule and shaping
content-encoding: gzip
x-err: Shapings: no adunits with size and seat and mapping
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 73f268238c3b01eb-ZRH
expires: 0

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame ED02 2 B
906 B 144ms
50ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2day.kh.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame C12F 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 07:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 07:00:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A3A 0
0 72ms
72ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220818&jk=2584115464171774&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 pubads_impl_2022081701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ED02 384 KB
131 KB 130ms
40ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 06:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133512
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 08:37:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Aug 2023 06:57:34 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame ED02 662 B
1008 B 137ms
137ms XHR
application/json 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F2day.kh.ua&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://2day.kh.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 662
x-amz-cf-id: 28Gm14_zXxPXtDDoKKi92oqY4SKt6mpChZeoCja1Qmb6nyAkMZng0g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame ED02 23 B
490 B 80ms
79ms XHR
text/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2F2day.kh.ua%2Fua&pid=LCjalzO1zpwuG&cb=0&ws=300x150&v=22.8.42053&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1661242593189-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22755851226%2F2day.kh.ua_970x90_anchor_desktop%22%7D%5D&schain=1.0%2C1!setupad.com%2C1640%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-55.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: HVWB55RNBSSGVAK1NQRE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://2day.kh.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yhUpnNgoZ3_rYIij6qjLKrLeY70DNwIIwHPgZJJ_YQeQn3Vycu4FtQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame ED02 6 KB
3 KB 118ms
40ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 35714
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Mon, 22 Aug 2022 22:21:20 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: n0Ja2IrBesjkBdLHtn3_QZcffaRbdDJAH24sfg1pBrFDtUSlsjHK7w==

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame ED02 72 KB
23 KB 187ms
67ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2426731
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txcf369ce3f58c4a75aa8b8-0062df8537
x-amz-id-2: txcf369ce3f58c4a75aa8b8-0062df8537
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VN89%2FYb5%2FnFHePDCnP1AxHEdiSFySqKbsEzcherJkuvBK9NYIwZTtru620YOF%2B6KRoit2QHnObsJCgAQXlhzr3hdcdzD1%2BfMzP2uM%2FnOVDGulaH8bPQOgk89dNtoWP0VBUfw6F6dlGcsnegv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 73f268247c8e0e22-MXP
access-control-allow-headers: Authorization

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C12F 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?40NACg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C8E8 31 KB
10 KB 40ms
40ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4a77aa8515e0914305d566f070e6aed1f158741280d2dfb5a9cd6d48c8bb3599

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 08:16:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=53282
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9442
Expires: Tue, 23 Aug 2022 23:04:35 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 128ms
36ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 23 Aug 2022 08:16:33 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1529
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C8E8 0
239 B 208ms
41ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad&khaos=L75WY53W-K-DBXP
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame ED02 53 KB
17 KB 135ms
41ms Script
application/javascript 23.205.245.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.245.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-245-111.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:34 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 23 Aug 2022 08:31:34 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame ED02 42 KB
12 KB 157ms
55ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:34 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1392
x-amz-server-side-encryption: AES256
x-amz-request-id: TVF7JZ8T34YNK6DD
x-amz-id-2: ePgRPmCOfv9+u6G5pcHq6d8LGHZOay6xaSVAX2GShFkf9F0JlsKLMJ3vf+U3bwe0KiUXgVf9ttU=
last-modified: Wed, 27 Jul 2022 15:06:46 GMT
server: cloudflare
etag: W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 73f268251ca601f4-ZRH

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/ Frame ED02 0
239 B 199ms
45ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame ED02 107 B
122 B 129ms
48ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=2day.kh.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Aug 2022 08:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame ED02 107 B
122 B 129ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2day.kh.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Aug 2022 08:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ED02 42 KB
11 KB 440ms
358ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3835197232741601&correlator=2498806949136530&eid=31068827%2C44764002&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=147246189%3A22755851226%2C2day.kh.ua_970x90_anchor_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x50%7C960x90%7C950x90&ifi=1&adks=2350055029&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_adid%3D5256ad7d6610ed4%26hb_size%3D970x90%26hb_pb%3D0.04%26hb_bidder%3DappnexusS2S&eri=1&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D722d6f8b109a996d-22f1abe3ffcd00bd%3AT%3D1661242593%3ART%3D1661242593%3AS%3DALNI_MauL6SWWFC7bENNztmnPGhRjeakEw&cdm=2day.kh.ua&abxe=1&dt=1661242594094&lmt=1661242594&dlt=1661242593182&idt=882&adxs=0&adys=5431&biw=1600&bih=1200&isw=300&ish=150&scr_x=0&scr_y=0&btvi=1&ucis=335b6nw4rf70&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2F2day.kh.ua%2Fua&top=https%3A%2F%2F2day.kh.ua%2Fua&frm=23&vis=1&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=236711182.1661242593&ga_sid=1661242594&ga_hid=706881818&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

02543ca1eaf0091401fb221c902c587c1b038bb209f77c053afb9a3b1f708aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10778
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://2day.kh.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ccf698bc7e46a7066d9abb1413fc8cce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D6F 6 KB
4 KB 176ms
48ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ccf698bc7e46a7066d9abb1413fc8cce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 08:16:34 GMT
expires: Wed, 23 Aug 2023 08:16:34 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame C8E8
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L75WY53W-K-DBXP

0
707 B

259ms
196ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L75WY53W-K-DBXP
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:34 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AE03913D96364360B1FE0717F08C9DF8 Ref B: LON21EDGE2510 Ref C: 2022-08-23T08:16:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXm5C66Wkdk84aMPpk7BA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L75WY53W-K-DBXP
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C8E8 70 B
265 B 125ms
39ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C8E8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bBrlywx7SdO8tdGuX0WmMQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bBrlywx7SdO8tdGuX0WmMQ

43 B
556 B

118ms
118ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bBrlywx7SdO8tdGuX0WmMQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7PY7CY36D1QF44F4MTYZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bBrlywx7SdO8tdGuX0WmMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame C8E8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fYcL_hK6Qp6_l775Gq6eBg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fYcL_hK6Qp6_l775Gq6eBg

43 B
556 B

44ms
44ms

Image
image/gif

52.94.220.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fYcL_hK6Qp6_l775Gq6eBg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Protocol

HTTP/1.1

Server

52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:34 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RE5ZBA4XEPBP5AKYJFYS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fYcL_hK6Qp6_l775Gq6eBg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8E8
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM4YTk5MTY0YTM1MGI0NzYwZTljYjdiZDZiNmI0ZDlkMzExZDczMQ

170 B
188 B

131ms
51ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM4YTk5MTY0YTM1MGI0NzYwZTljYjdiZDZiNmI0ZDlkMzExZDczMQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM4YTk5MTY0YTM1MGI0NzYwZTljYjdiZDZiNmI0ZDlkMzExZDczMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame C8E8 0
0 105ms
37ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C8E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAkhxhihztYgpxTlIpgqof4&google_cver=1

0
239 B

45ms
45ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAkhxhihztYgpxTlIpgqof4&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAkhxhihztYgpxTlIpgqof4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame C8E8
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L75WY53W-K-DBXP&sigv=1&esig=2~0111fbafd5cb8606d560649aa856a52d404d2bd4

0
194 B

151ms
45ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L75WY53W-K-DBXP&sigv=1&esig=2~0111fbafd5cb8606d560649aa856a52d404d2bd4

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:34 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L75WY53W-K-DBXP&sigv=1&esig=2~0111fbafd5cb8606d560649aa856a52d404d2bd4
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cookie
cm.adform.net/ Frame ED02 43 B
106 B 134ms
44ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:34 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame ED02
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6471678025609959766

36 B
36 B

84ms
83ms

Image
text/plain

2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6471678025609959766
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H2
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TXKp%2Fz1GBPtRljZRVPpj6Y6XsshmPcowsFpmb7DCultJExd7ChJZuGTilmzritTotaDR3qmoR8%2F4U0t%2BrKxmBg9SKHsO554cuALHlQIKE2EaMFslHdn4cTO5ywHLAJRGweuy6g%2BNP4UhbxA%2BZA94ihpl8%2FB"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 73f268274dcbba85-MXP
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:34 GMT
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7bfdbadc-ad5e-481b-94a5-0fbfac26a529
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6471678025609959766
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220818&jk=2584115464171774&bg=!EBOlE1fNAAYUOm8VNDo7ACkAdvg8Wrug38vHlqHcw60jx9-VZfY4-ZYmvadTw8xEOGU3QNRnwa6a4gIAAABVUgAAAAJoAQcKALXkWFfcmLV7GXxyxPsg4lXVKnNWIqmD3bQz81MFZCATvuqPfU5NRPu3x4owa-hVLj5BeVO5aUgGpwhXWO5USupqa4omJInOndCUHpzlPxzYbZZPkBvlt_23hhZbhN8zzBdX_W7dRozOx_dTCWarARh-cUL2u0pPCpfQPeHlal6cbThQ31mbAUmqn9JMSGcSmJm4jIaItO6oejiQ-aWx1vYV0qziHyqR1JNSQ6BNb6sVlrtcRo24mQKfU7i_G2er2IDZQokJJDH4pkmyEc7ejRdhX4-I_2XicWVmG83ENn6NqKpypBr7VL-Mn0B0X5DcRDbYiaeX9mZwpJH_w2AqmE0qcho5ytebpo0xkPQc3OQhcFWb-xAcLG2qLQg8lohbvJHLGlra0YXNQffWGOFDOcOZe1eFLsMQw-Z1cZEbJIUnNSgLKINzQhJJ-v0mw2NQk7XMZH5SxfR7oK9VgKK19-tj-6ww6usRRVoHYinjDi8iC8hLmmOr1zfTBwIu5-wYpNyvyHWCkimJMzFmiYDVyAmY4PBPRR5wpwM-wVtQ8dZ81WJixwysgDBsXpYlFB-QmzsP18ptVYid5IQKrlXqHxSLog9x0_Xq5D-Hsj_t6chV6QC7KAWgOoINSG4xdKu6CXNAytSQsaWxCRBTPYOLYR0_QA9uGCGwhP0M8D3-rI8NkxjIHXqx3d-DsGoyyzLIS42KOpMqb3wuitJmwCYfSnfb409NzKw5nR4gW3nzGbgAmdjHlThLOip8MfAvlV55sYNLEKSyAqvi5k2Ezve-_Vp5AlgqB-EhtQ_JZQU_Hp-gf3zvtBEMYlf3yaZC8T27b6Tg6o_i7yAAeS1j85cQWtjOehFL8h2WQKNG9C5VxphDDtzFyCqAUl6URDjpqIyRTPRa6_hwET6s4Mw2gtZpTQNc5gLDXMNwGR4MTgnZvkBmrXAQ3cNRGvxt4e-S1qV954RYKgYE3xlU0QU-Bme2sSA7IccC_KUOMcb771hxIfsdejypaHJrFWxprh35_7FOIzrjyBYI93qF7XIx5440QHHZqpOG96ywS5LvCxuc9wTohuZorNegCgnw2hSsOJeZAPQLGsOKVRS_Jvk-wZWXEyRQXtjO2UQPRkfUKtz1dM7K9o8mxjBD00I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 prebid
rtb.openx.net/sync/ Frame ED02 43 B
351 B 98ms
32ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:34 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: g4empi67m8rir1vjrbkkj85ve1dm86eo

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/042208121708000/ Frame 6598 221 KB
60 KB 164ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042208121708000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2082d842effe6dff4e0c3f91583f090389abcd286d1290de9766b517d0e4faf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 497528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61579
x-xss-protection: 0
server: sffe
date: Wed, 17 Aug 2022 14:04:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f03bab817f82be97"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Aug 2023 14:04:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/042208121708000/v0/ Frame 6598 14 KB
5 KB 160ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042208121708000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 548782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Tue, 16 Aug 2022 23:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "23fb7130d171a0c1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Aug 2023 23:50:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/042208121708000/v0/ Frame 6598 94 KB
28 KB 240ms
123ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042208121708000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 549175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Tue, 16 Aug 2022 23:43:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd6960dd2dd8774b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Aug 2023 23:43:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/042208121708000/v0/ Frame 6598 5 KB
3 KB 157ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042208121708000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 548782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
server: sffe
date: Tue, 16 Aug 2022 23:50:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6863aa0ddd5cf3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Aug 2023 23:50:12 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/042208121708000/v0/ Frame 6598 40 KB
13 KB 233ms
117ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042208121708000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 549175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12954
x-xss-protection: 0
server: sffe
date: Tue, 16 Aug 2022 23:43:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "008ca125395468a7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Aug 2023 23:43:39 GMT

GET
DATA 200
OK truncated
/ Frame 6598 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71356ce2e660c6cb41a4e59a46f845d820461b36b42dbc0cda827729443d0a1f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 13164848852127562001
tpc.googlesyndication.com/simgad/ Frame 6598 26 KB
26 KB 42ms
41ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13164848852127562001?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmuhRPaJDm7q-ECiqV8zOZt3tylrw

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73ade84828b9d87aecdeeca2f104088f5650b09a4d6c9b02e4ed8f407d5e2f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 19:30:49 GMT
x-content-type-options: nosniff
age: 45945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26524
x-xss-protection: 0
last-modified: Thu, 18 Jun 2020 19:42:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Aug 2023 19:30:49 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6598 3 KB
3 KB 50ms
48ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 14:42:15 GMT
x-content-type-options: nosniff
server: cafe
age: 63259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Tue, 23 Aug 2022 14:42:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6598 344 B
368 B 49ms
48ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 2day.kh.ua
URL: https://2day.kh.ua/ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 04:58:13 GMT
x-content-type-options: nosniff
server: cafe
age: 11901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 24 Aug 2022 04:58:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6598 0
0 132ms
47ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQd1ooX-kCBAub7E2G8i10ZxZMeqCulOjS9alXQd-f0bxRDio1JV_r_WDYMb8S4ClQgbq6BLfmK9AwZVcdSsr_XZpB5xA
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6598 0
0 87ms
86ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cepii4owEY-jND8upx_APifyxUO2o5OxrgvvQ6-8PjvaM2PcvEAEgjeS9KWC7hoCA0AqgAZXn19QDyAEC4AIAqAMByAMIqgSPAk_QAtzPoMChVst_CrlM2qBCGLpKrYF5McNpFsrBX5jyGl61BbEOJq_3mX9woG2scgm070uyqRldJcj9Y07kS2vxupA-9CzxKvail2wOnHoXtCwtKK25xsalbAgYa8VHTexzeCBQ3Ii0QUzVZr5Y92iAex7plCCON_tiJbGFrbkiush1ozQmuzVemOdklE5Z6QKHOUR5Or6-lJ8yI3L7-peFxHxTtBbWZ0RYAFLPLd4lUMpfqm-SVjaBrrt77fSirPRWZCmJToA0cvUkhcFlc8IozSWHDXgcvzDFIx80h-CNKFpYKsDLCe-SK261Ffch2ROO4ZKFRdzLJkozxk1dAP99aIoQcPos0GWqsfyhDu3ABKTqtKaMBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfTmKgrqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnLAF0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwrQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzM4MzE3MTgzMDYxNDIxNhiV4h8&sigh=Vq_cyFrTmVA&uach_m=[UACH]
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame ED02 0
209 B 138ms
42ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2day.kh.ua/ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 23 Aug 2022 08:16:34 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 21E2 15 KB
6 KB 137ms
40ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=116228
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 23 Aug 2022 08:16:34 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 24 Aug 2022 16:33:42 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 21E2 0
42 B 109ms
34ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1128047&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:34 GMT
content-length: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6598
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

53ms
53ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 2day.kh.ua
URL: https://2day.kh.ua/ua
Protocol: H3
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 23 Aug 2022 08:16:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 um
cs.emxdgt.com/ Frame 61B0 0
0 173ms
41ms Document
text/html 18.158.8.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 23 Aug 2022 08:16:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ED02 14 KB
11 KB 88ms
88ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdaa95c17d16f24d30092e5d6c8ee0c116ef9fe9d09d2bb9d425dc48450584ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Aug 2022 08:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11160
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ED02 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 08:16:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8315 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 07:49:07 GMT
expires: Wed, 23 Aug 2023 07:49:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BEAF 783 B
534 B 50ms
50ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e3ff28c887f7426711c52410568a852e0b95c053eb0ddbda8f420e8f9a8cf8c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jg4RusRPgloBh-RWBhaSMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-jg4RusRPgloBh-RWBhaSMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 08:16:35 GMT
expires: Tue, 23 Aug 2022 08:16:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8315 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 07:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 07:00:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BEAF 0
0 72ms
72ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=3835197232741601&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8315 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VwrJVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6598 42 B
64 B 80ms
80ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQNo963raO-1Gf4__zG4ZU_03EDWgy9ElzzCmuPiYkir1ilzSobWBuKAk7xeqJ35LwmIjrQ9ihzlZGDZm5nwF7wHJUWO4ghc1Ht4TkIjEb--k38TCIRGk6zBYUxlWFBRNtmer4EEagXMQj&sai=AMfl-YRk1lxTSqQdPSmvIPv6d2PbVr5HukTXSWAf5YySzBXInlrfmwe2hlzaimQSBLa--_OG1SB81Sqw5Dbla08L9X271qP5qeFBHjtcEAjwky4N6wFSQ_xvYZctZHE&sig=Cg0ArKJSzELXNrX-8sXuEAE&cid=CAASF-RonSrj_RuWCHMS116LATn7CyhqdbRU&id=ampim&o=315,1106&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=307&tls=1307&g=100&h=100&tt=1307&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame ED02 0
277 B 45ms
45ms Image
text/plain 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Aug 2022 08:16:35 GMT
access-control-allow-credentials: true
x-sovrn-pod: ad_ap7ams1
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED02 0
0 76ms
76ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=3835197232741601&bg=!m5ilmNzNAAYUOm8VNDo7ACkAdvg8WhwpREi4j9n_ng-zvd8oVxaf48sZFQUX4GdnsweADnczmgs7QQIAAABHUgAAAAJoAQcKAFNr0HDa-JaAKYM5bpmqjPoXPXYsD92Bpl2rH7lZgPOFms53AQPLLJMKqlNKs_vZ5Rwo7zfz6HDNIZD5qW-mzep1znUhI0SpGoLmy2M8ZAfT2ZFKGJkCoy4nWvzDnNZ7be_TdF3xkdd6B-GZoDw6ipXDEtIzZxao8k7Da-OSo4a2lLsp4cTEFXgvsWFhanbhkJ5hJrdoUKUb7eW4_Zo74p_PNWdMtUt1pA_OzuRpokzrDmQSEisTv5trca5CQF1r4mYhCd2F55BeGLgqJVpIbQPZmrjJoC_yNOHtRKGK7PrlkD1nZOlRQ4RNc8fI9GvqxcYhvxPPbyHR6tN0826RVZMfGVAeMS8Y4gwV4UtK3PR8n6l3ZXPcnyyEWRyyw3Sh3cq7exbe-YqrkGSyDHYUJ3Hj-g6QLmQj7H7Tdm2_g_QX1wx8ml2gTXnkkFGeTSXcqQ7HY5gjGyBQ4rZj8vBV8MXFSHogKYAjf-88TIhlW0jUlTDGk3bDNYpTVASp1y2BjyQ4EW5_m1OYTGbVl2J17zDBmi9EhuFsMGm6BJXdz1ga76qsl5rgN2sW6I-__95wrnUuRNKpoI-N5jubdVeiBTMj_N-kcf_Bz2gUNyaL5ipdND9cAuXghZzdH6d-IMXuE994nlkrxMmjCcjqhlsZJKAINdhaTAe9F5XKLXAVgwC6p0BVCZsoIMjja6oLxP1kdg2mPHpGIfh0z1Hiey7KDOoH2j28MFN2EcjkTvdWLfSwGlcr0hI7Dv6v48X2SmsNc9eDjwLMQ8Y45-pUOMa1CZPwkKf1X9AjQi0UrDIt6mtf1YYuLg7TlI9Xiw1Kkrb65bbXLElhi7IX2QMqm2kW2sjNte5Nolo39tTMCgejmGVvrOCKdgIfMGkudDW9JeZWLMgiSdCKrLM_-c0-PuYarK5_Ud2lHj8vCvDTOMawdg-Dxd2eF8w_qlB75Kg8KnXFOmucDrwJWbDuNz87fzbREFgBp911rTKbBsy-50SsDLIZCfTCjsFfiDpFgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame ED02
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D&s=184932&C=1
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwSM5PIgxXMAEZZ5oA0.aQAA%264528

36 B
36 B

88ms
88ms

Image
text/plain

2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwSM5PIgxXMAEZZ5oA0.aQAA%264528
Protocol: H2
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7%2FZQjHqKLdTQyfPQxwzNraJwYvwiU3xv5QpDhTyIvVSegNrvK7KGndnVRGTkf4ylTXiOLareN4L6kKlypLal2o3fKcCfoorKJgHaEja%2FuKE0uLNYFlljNXxIeq9S%2BJofjPfQu6R0M%2Fd%2BRu0ropG6R1%2Bwh1e"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 73f26832aaf3ba85-MXP
content-length: 36
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJ2j2Tb%2Fs2K3%2FnS%2Bs0bk2VJrNqB2PwGeStkaKLD6huGLn6%2Bi2VC4IaYAQVMESJky89c6DRz3EFL5AGYvf%2FAO0smOM2gdjGb1MvtW5Sg2EQIz78MWx0lJw0X3y%2BbL%2FReccV8JkPBo"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwSM5PIgxXMAEZZ5oA0.aQAA%264528
cache-control: no-cache
cf-ray: 73f26831eec572ac-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame ED02 87 KB
28 KB 185ms
64ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:36 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 24 Aug 2022 08:16:36 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D2BA 15 KB
6 KB 60ms
60ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2day.kh.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 08:16:36 GMT
server-processing-duration-in-ticks: 1578
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame ED02 87 KB
29 KB 106ms
37ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2day.kh.ua/ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:37 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:20:45 GMT
server: nginx
etag: W/"62fb454d-15cfe"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 24 Aug 2022 08:16:37 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D2BA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=2day.kh.ua&sn=ChromeSyncframe&so=3&topUrl=2day.kh.ua&bundle=98-D019zcEJXeGNpMU0wazRUOXoybnIlMkJlVnpNSzZxRjkxUFZmUjNWeXRxRHhpQTRYUCUyRjhpTG...
https://mug.criteo.com/sid?cpp=fw9cfnxza3FGOVlOVHVyamE5dlRVS3Z1eFlObTV3NGRwQVpIdmZBVEMyQVFpL0JNK2Vyc242TVcraFg5UUxaNmdJdlZZK1Z3aktkSmR6NUpkT2c5WmN0aGE2ajNmcjBROTN5b3VPZlFkVm83WU9TOEtHWm9Ld0o0c0lHOG...

422 B
627 B

40ms
38ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=fw9cfnxza3FGOVlOVHVyamE5dlRVS3Z1eFlObTV3NGRwQVpIdmZBVEMyQVFpL0JNK2Vyc242TVcraFg5UUxaNmdJdlZZK1Z3aktkSmR6NUpkT2c5WmN0aGE2ajNmcjBROTN5b3VPZlFkVm83WU9TOEtHWm9Ld0o0c0lHOGY3cHZSSzBPMkI3d1BRSDd0L3RVRDVNc3lOUGFNMk1ZdWtaMndDNmJNeUlRRjQ3U2FyazFhTUlLS3RZemJQbjQ4eEFCdjJOMUdGM3hpVnRBVmd3ZzZmaDI4b24vcXViM3oyc2tGVkZUSHh4d3lXU1JmNXliZ2ZCUWRjakl4WU9HdUR2Q0s0bzE5Smpxd2RoTU90WGpuODZGemk1NjRWUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6cf8076cf67e33910f9f825e0072d577ca8acd0016a516ca950207b9f3345afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:36 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4343
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:36 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=fw9cfnxza3FGOVlOVHVyamE5dlRVS3Z1eFlObTV3NGRwQVpIdmZBVEMyQVFpL0JNK2Vyc242TVcraFg5UUxaNmdJdlZZK1Z3aktkSmR6NUpkT2c5WmN0aGE2ajNmcjBROTN5b3VPZlFkVm83WU9TOEtHWm9Ld0o0c0lHOGY3cHZSSzBPMkI3d1BRSDd0L3RVRDVNc3lOUGFNMk1ZdWtaMndDNmJNeUlRRjQ3U2FyazFhTUlLS3RZemJQbjQ4eEFCdjJOMUdGM3hpVnRBVmd3ZzZmaDI4b24vcXViM3oyc2tGVkZUSHh4d3lXU1JmNXliZ2ZCUWRjakl4WU9HdUR2Q0s0bzE5Smpxd2RoTU90WGpuODZGemk1NjRWUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1638
content-length: 541
expires: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0ECC 15 KB
6 KB 50ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=116225
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 23 Aug 2022 08:16:37 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 24 Aug 2022 16:33:42 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 199A 0
91 B 47ms
31ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 23 Aug 2022 08:16:37 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4DEE 281 B
554 B 54ms
46ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Aug 2022 08:16:37 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame AC49 661 B
840 B 54ms
46ms Document
text/html 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e85753917f733aa2052a2f13e84a645367791a59765286f5c5d903765e3c3fa5

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 661
content-type: text/html

GET
H/1.1

200
OK

beacon Show response
ap.lijit.com/ Frame B636
Redirect Chain

https://ap.lijit.com/beacon?informer=13401985
https://ap.lijit.com/beacon?informer=13401985&dnr=1

5 KB
6 KB

50ms
48ms

Document
text/html

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 3bdb807b223acc5ccc02e14d43679ffab414daf5380a6ba1bafe76a1c9ad87a1

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length: 5586
content-type: text/html
date: Tue, 23 Aug 2022 08:16:37 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
x-sovrn-pod: ad_ap7ams1

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length: 0
date: Tue, 23 Aug 2022 08:16:37 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
location: https://ap.lijit.com/beacon?informer=13401985&dnr=1
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
x-sovrn-pod: ad_ap7ams1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FBCA 52 KB
17 KB 116ms
35ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 12503
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 23 Aug 2022 08:16:37 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 58847
X-Served-By: cache-lga21930-LGA, cache-lcy19282-LCY
X-Timer: S1661242597.198703,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame 87F8 0
0 49ms
46ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1661242593847

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame ACC2 3 KB
2 KB 170ms
41ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Aug 2022 08:16:37 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame AAB1 926 B
1 KB 105ms
34ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://2day.kh.ua/ua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Age: 1352
CF-Cache-Status: HIT
CF-RAY: 73f26838683c54d0-MAN
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 23 Aug 2022 08:16:37 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 23 Aug 2022 09:16:37 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: TEaHLRBIbHjYMOFhGTzvIZy2PzjlbwQZ4Pmn1wJ4NZ6PfdodaogyuLrUihoJ51VqKHgPwjvkpDU=
x-amz-request-id: FKK67Q5YQT5Q7AX7

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4DEE 31 KB
10 KB 45ms
44ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4a77aa8515e0914305d566f070e6aed1f158741280d2dfb5a9cd6d48c8bb3599

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 08:16:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=53278
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9442
Expires: Tue, 23 Aug 2022 23:04:35 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame AC49
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
https://x.bidswitch.net/sync?dsp_id=59&user_id=428c2f8c-1c8a-4eb3-b566-883e5bd6a3b1&ssp=between
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057

68 B
607 B

44ms
44ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057
Date: Tue, 23 Aug 2022 08:16:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame AC49
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uPaco0ND3zDo.AikABlGCycZgDg

68 B
607 B

46ms
46ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uPaco0ND3zDo.AikABlGCycZgDg
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f6-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uPaco0ND3zDo.AikABlGCycZgDg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 btw
sync.dmp.otm-r.com/match/ Frame AC49 0
69 B 151ms
51ms Image
text/plain 195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/btw?id=4623186f-6c80-52eb-8978-3d09ea7cb1e8
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.57.201.195.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Aug 2022 08:16:37 GMT
server: nginx/1.17.0

GET
H2

200

match
ads.betweendigital.com/ Frame AC49
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=FMWQvNZHfejfDhvqSvS47PzE

68 B
607 B

44ms
44ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=FMWQvNZHfejfDhvqSvS47PzE
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

date: Tue, 23 Aug 2022 08:16:37 GMT
location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=FMWQvNZHfejfDhvqSvS47PzE
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
access-control-allow-credentials: true
connection: close
x-sovrn-pod: ad_ap7ams1
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 6EFF 4 KB
1 KB 225ms
40ms Document
text/html 151.236.71.19
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4623186f-6c80-52eb-8978-3d09ea7cb1e8&CACHEBUSTER=648502
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 08:16:37 GMT
etag: W/"60bf907f-ee9"
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 312
x-cdn-request-id: e45d32e793913f100ade0efc9a7d1b9b

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=TaGmqUPx86hWp6T4SqC7-B3wr61W8PeqGaNqjA5t

0
765 B

125ms
42ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=TaGmqUPx86hWp6T4SqC7-B3wr61W8PeqGaNqjA5t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
x-merge: GDPR Optout true
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=TaGmqUPx86hWp6T4SqC7-B3wr61W8PeqGaNqjA5t
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://um.simpli.fi/lj_match?r=1661242597177&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=2&3pid=4D1F5C1F5B5F410ABA7A73BF2EB0344C

0
765 B

105ms
35ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=4D1F5C1F5B5F410ABA7A73BF2EB0344C
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
x-merge: GDPR Optout true
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Tue, 23 Aug 2022 08:16:37 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=4D1F5C1F5B5F410ABA7A73BF2EB0344C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 22 Aug 2022 08:16:37 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame B636 0
191 B 123ms
44ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:36 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=5141210821457485543

0
765 B

56ms
42ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=5141210821457485543
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
x-merge: GDPR Optout true
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=5141210821457485543
Date: Tue, 23 Aug 2022 08:16:37 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=RD9IJKVSAucK&ev=1&pid=558511&gdpr_consent=&gdpr=0

43 B
1 KB

36ms
35ms

Image
image/gif

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=RD9IJKVSAucK&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type: image/gif
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-GB
location: https://ce.lijit.com/merge?pid=49&3pid=RD9IJKVSAucK&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-54b7cdb645-6xkkd
expires: -1

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame B636 70 B
264 B 46ms
38ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FMWQvNZHfejfDhvqSvS47PzE/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=FMWQvNZHfejfDhvqSvS47PzE/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=

43 B
818 B

101ms
35ms

Image
image/gif

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type: image/gif
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
expires: 0
cache-control: no-cache
x-server: 10.45.26.152
content-length: 0
x-consent: absent

GET
H/1.1 200
OK ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame B636 0
0 121ms
119ms Image
text/html 52.94.220.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame B636
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7145289971331374289&ref=%2Feucm%2Fp%2Fsv
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

40ms
39ms

Image
image/gif

23.75.246.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-246-168.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 08:16:37 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Tue, 23 Aug 2022 08:16:37 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=8f0df7b0-9e2a-4d82-8812-f20c076ad9a4

0
939 B

35ms
35ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=8f0df7b0-9e2a-4d82-8812-f20c076ad9a4
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
x-merge: GDPR Optout true
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=8f0df7b0-9e2a-4d82-8812-f20c076ad9a4
Date: Tue, 23 Aug 2022 08:16:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=92&3pid=6471678025609959766&gdpr=0&gdpr_consent=

43 B
967 B

110ms
34ms

Image
image/gif

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=92&3pid=6471678025609959766&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type: image/gif
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:37 GMT
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f479d760-6501-4bfc-a1eb-66a41c7386c1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ce.lijit.com/merge?pid=92&3pid=6471678025609959766&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=12&3pid=6471678025609959766&gdpr=0&gdpr_consent=

43 B
1 KB

35ms
34ms

Image
image/gif

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=12&3pid=6471678025609959766&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type: image/gif
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:37 GMT
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3d6dde35-d4d0-4da8-bfc0-d174f0feb327
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ce.lijit.com/merge?pid=12&3pid=6471678025609959766&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ce.lijit.com/merge?pid=85&3pid=AACu3U7GCRoAAA9_344I-Q&gdpr=0

43 B
1 KB

43ms
43ms

Image
image/gif

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=85&3pid=AACu3U7GCRoAAA9_344I-Q&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type: image/gif
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=85&3pid=AACu3U7GCRoAAA9_344I-Q&gdpr=0
Date: Tue, 23 Aug 2022 08:16:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B636 0
239 B 620ms
107ms Image
image/gif 69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: f69a50991384d09413b97a37bb74928b
Content-Type: image/gif

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=FMWQvNZHfejfDhvqSvS47PzE&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:72ec09f7da0c022b93e8266636b0312a

0
977 B

42ms
42ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:72ec09f7da0c022b93e8266636b0312a
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
x-merge: GDPR Optout true
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Tue, 23 Aug 2022 08:16:37 GMT
server: Aorta/20220823.10fb48f9
location: https://ce.lijit.com/merge?pid=84&3pid=c:72ec09f7da0c022b93e8266636b0312a
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 2b6e37f5b324
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame B636 0
239 B 43ms
43ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8f0df7b0-9e2a-4d82-8812-f20c076ad9a4&ssp=fmx
https://ce.lijit.com/merge?pid=26&3pid=4bf65ce9-5917-46cb-ae63-6d454aef4057&gdpr=&gdpr_consent=

0
977 B

44ms
43ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=4bf65ce9-5917-46cb-ae63-6d454aef4057&gdpr=&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
x-merge: GDPR Optout true
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location: //ce.lijit.com/merge?pid=26&3pid=4bf65ce9-5917-46cb-ae63-6d454aef4057&gdpr=&gdpr_consent=
Date: Tue, 23 Aug 2022 08:16:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=Z3EgoN5I9JJ3aqE9hsRo&pi=sovrn&gdpr=0&gdpr_consent=&tc=1

43 B
1 KB

42ms
42ms

Image
image/gif

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=Z3EgoN5I9JJ3aqE9hsRo&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type: image/gif
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=Z3EgoN5I9JJ3aqE9hsRo&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT, Tue, 23 Aug 2022 08:16:37 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B636
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FMWQvNZHfejfDhvqSvS47PzE&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=989b6304-8ce5-4e00-8d53-49864b58beb0&gdpr=0&gdpr_consent=

43 B
2 KB

37ms
36ms

Image
image/gif

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=989b6304-8ce5-4e00-8d53-49864b58beb0&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type: image/gif
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Tue, 23 Aug 2022 08:16:37 GMT
Server: MT3 4494 7cf1da7 master cdg-pixel-x32 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=989b6304-8ce5-4e00-8d53-49864b58beb0&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 Aug 2022 08:16:36 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame B636 44 B
291 B 387ms
71ms Image
image/gif 2.18.235.93

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=FMWQvNZHfejfDhvqSvS47PzE&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Tue, 23 Aug 2022 08:16:37 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 44
x-mnet-hl2: E
expires: Tue, 23 Aug 2022 08:16:37 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame B636
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1661242597859
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1877322453

70 B
264 B

39ms
38ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1877322453
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
etag: RXf8dab940d3d544c98a2c50942e779378003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1877322453
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B636
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Rk1XUXZOWkhmZWpmRGh2cVN2UzQ3UHpF&gdpr=0

170 B
188 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Rk1XUXZOWkhmZWpmRGh2cVN2UzQ3UHpF&gdpr=0

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 Aug 2022 08:16:37 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Rk1XUXZOWkhmZWpmRGh2cVN2UzQ3UHpF&gdpr=0
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
access-control-allow-credentials: true
connection: close
x-sovrn-pod: ad_ap7ams1
access-control-allow-headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame B636
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=Rk1XUXZOWkhmZWpmRGh2cVN2UzQ3UHpF&gdpr=0
https://ap.lijit.com/dsp/google/reporting?gdpr=0

43 B
552 B

100ms
34ms

Image
image/gif

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
access-control-allow-methods: GET, POST, DELETE, PUT
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
access-control-allow-credentials: true
x-sovrn-pod: ad_ap7ams1
content-type: image/gif
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F8E4 15 KB
6 KB 41ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://ap.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=116225
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 23 Aug 2022 08:16:37 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 24 Aug 2022 16:33:42 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1

200
OK

merge Show response
ce.lijit.com/ Frame 61D6
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=8831316738167446054&gdpr=0&gdpr_consent=

43 B
966 B

45ms
34ms

Document
image/gif

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=8831316738167446054&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length: 43
content-type: image/gif
date: Tue, 23 Aug 2022 08:16:37 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pod: X-Sovrn-Pod: ad_ap6ams1
pragma: no-cache

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
date: Tue, 23 Aug 2022 08:16:36 GMT
location: https://ce.lijit.com/merge?pid=1&3pid=8831316738167446054&gdpr=0&gdpr_consent=
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma: no-cache

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D57A 15 KB
6 KB 44ms
43ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://ap.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=116225
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 23 Aug 2022 08:16:37 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 24 Aug 2022 16:33:42 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H3

200

cm Show response
us-u.openx.net/w/1.0/ Frame 8EA6
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...

755 B
488 B

66ms
35ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401985&dnr=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f8f25b04bccc89afcebc30ed52153f29a8f6214f55dfa5da7b2d14586c55b6df

Request headers

Referer: https://ap.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 469
content-type: text/html
date: Tue, 23 Aug 2022 08:16:37 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 23 Aug 2022 08:16:37 GMT
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FBCA 0
745 B 43ms
43ms Script
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:37 GMT
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ab2e0b51-2a0d-4211-bcfb-7996b6e766f1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 3723 2 KB
2 KB 186ms
90ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7adc51fda6d825c455bea23a5ec60000d3e7808fe8eee8258ce45b3616c6dd

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73f26839c8068891-LHR
content-encoding: br
content-type: text/html
date: Tue, 23 Aug 2022 08:16:37 GMT
dropped-udsids: 39|241|45|230|196|3|51|105
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBRVzaZzfBYDDaQO62mBAYDvSQ9wnQsi33mRdP2uTgWa3qR0i1T89kJcrKloOWFAemyvjSzeuZZNtt4tAEKgrL04m%2BJUY%2Fx%2BsIFX7dYnp2qeMgyao4ID42DhainHO4m2hViLxUhIOo3U1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame 8EA6 0
765 B 126ms
42ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=8756d8f5-7d35-084b-275d-529912bd8034
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
x-merge: GDPR Optout true
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8EA6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=989b6304-8ce5-4e00-8d53-49864b58beb0

43 B
122 B

37ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=989b6304-8ce5-4e00-8d53-49864b58beb0
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 23 Aug 2022 08:16:37 GMT
Server: MT3 4494 7cf1da7 master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=989b6304-8ce5-4e00-8d53-49864b58beb0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 Aug 2022 08:16:36 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 8EA6
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=XUOG1FMT09VGRYHXX0abhgpHg9BGQ47UXkNHLUCB

43 B
61 B

32ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=XUOG1FMT09VGRYHXX0abhgpHg9BGQ47UXkNHLUCB
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=XUOG1FMT09VGRYHXX0abhgpHg9BGQ47UXkNHLUCB
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 8EA6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1561807666265651053

43 B
61 B

32ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1561807666265651053
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1561807666265651053
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 8EA6 70 B
264 B 39ms
38ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=ebb80635-9781-3246-60e1-e43f6a0cbf66&gdpr=0
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 8EA6 170 B
188 B 52ms
51ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzdkN2Q1ZmYtNWVmNi02Y2UyLTc1MDEtYmU4NmEwZWU3MTA2

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 8EA6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDBLeAHSjOFva6GhjJP2qLQ&google_cver=1

43 B
61 B

35ms
34ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDBLeAHSjOFva6GhjJP2qLQ&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDBLeAHSjOFva6GhjJP2qLQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 6EFF
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D4bf65ce9-5917-46cb-ae63-6d454aef405...
https://x.bidswitch.net/sync?dsp_id=80&user_id=989b6304-8ce5-4e00-8d53-49864b58beb0&expires=30&ssp=between&bsw_param=4bf65ce9-5917-46cb-ae63-6d454aef4057&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057

68 B
607 B

44ms
44ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=4bf65ce9-5917-46cb-ae63-6d454aef4057
Date: Tue, 23 Aug 2022 08:16:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 3723 70 B
264 B 39ms
39ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3723
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwSM5PIgxXMAEZZ5oA0-aQAAEbAAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwSM5PIgxXMAEZZ5oA0-aQAAEbAAAAAB&dcc=t

43 B
645 B

115ms
115ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwSM5PIgxXMAEZZ5oA0-aQAAEbAAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:37 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WXK8Y7CCF0E8MM20Q28R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:37 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 782DFGX5KCW7VPWB28ND
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwSM5PIgxXMAEZZ5oA0-aQAAEbAAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3723
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwSM5PIgxXMAEZZ5oA0.aQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKgVwJIWWFtz0JUNyUcjaU&google_cver=1&gdpr=1&google_hm=2

43 B
909 B

108ms
93ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKgVwJIWWFtz0JUNyUcjaU&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73f2683d7f1f7541-LHR
pragma: no-cache
date: Tue, 23 Aug 2022 08:16:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i60ImAHDkcwIYK1XisiaTYy6Rf5Z8VxLyQ3gAaZN8OVWqpFRwMuEdlwBgy0gSdFzvK%2BuugYSOMrKXG9KeWxxFUaS3K9DfVfqtFa37TN7Ljj6%2FkBb2MEh5gIybZd584cvnb3fidZa6L6HjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKgVwJIWWFtz0JUNyUcjaU&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 3723 170 B
188 B 51ms
49ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwSM5PIgxXMAEZZ5oA0-aQAAEbAAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3723
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
948 B

130ms
85ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73f2683d7f207541-LHR
pragma: no-cache
date: Tue, 23 Aug 2022 08:16:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zemJ8Tl6m5kgZPvBG4jW9m6zycFa1lj5FBSKD%2Be77YVG%2FM0JBD8pzSOVZbnwt30TDDUUY3mHXwYz3tqxRBggofWIsaSqtSfSklCgCsU%2FM0hPziMUayGA%2FbNVZGghYJgdSszJCrz9GTd81w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Tue, 23 Aug 2022 08:16:37 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 3723
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=989b6304-8ce5-4e00-8d53-49864b58beb0&gdpr=1&gdpr_consent=

43 B
432 B

392ms
92ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=989b6304-8ce5-4e00-8d53-49864b58beb0&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73f2683c994f7689-LHR
pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iD4ruu5FAYvUuG%2F35gVzSLfcBL1pe7fNWLDFT5mbDY3eDwMn2qNc6Ip4f90shF2BW3lDI097gtom9jiUuPa%2FLRAjuwyW2QQ0ia%2BwzE%2FJcVhCQyE5hq2YQpBAtuZzTF9GpEfd%2BeOKnIkvjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Tue, 23 Aug 2022 08:16:37 GMT
Server: MT3 4494 7cf1da7 master cdg-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=989b6304-8ce5-4e00-8d53-49864b58beb0&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 Aug 2022 08:16:36 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3723 43 B
220 B 43ms
41ms Image
image/gif 3.127.193.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.193.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-193-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 08:16:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 3723
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
417 B

76ms
75ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73f2683cd99e7689-LHR
pragma: no-cache
date: Tue, 23 Aug 2022 08:16:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2ibs5L5m496H6YlqWj7R2EucYf4tUfcSzpYekoX6w%2FYk2ixT2AsoPKfbxonMFuYsszd0F%2FnL3e3tvgUabfaW7ZZMh69WLI06k6xYffP1rpoYvfGOMuiO%2FRrnR8Ef%2FmN1NJvs6GX8UXtFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Tue, 23 Aug 2022 08:16:37 GMT
server: nginx/1.20.0
content-length: 76

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 3723 43 B
424 B 402ms
60ms Image
image/gif 2606:4700::6812:c4c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YwSM5PIgxXMAEZZ5oA0.aQAA%264528
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F2day.kh.ua%2Fua&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:16:37 GMT
cf-cache-status: HIT
age: 68
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "da1f1d-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 73f2683cad2f01e7-ZRH
expires: Tue, 23 Aug 2022 12:16:37 GMT

GET
H2

200

e8d7f48c-22bb-11ed-a044-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 6EFF
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjlmZKYBqIBEOjX9IwiuxHtoEQAJZDIJDc*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=e8d7f48c-22bb-11ed-a044-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=e8d7f48c-22bb-11ed-a044-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=Zv13%2F3dFl6cxosG5czh0dw&
https://an.yandex.ru/mapuid/adsniperis/e8d7f48c-22bb-11ed-a044-002590c82437
https://an.yandex.ru/mapuid/adsniperis/e8d7f48c-22bb-11ed-a044-002590c82437?redir-setuniq=1

43 B
108 B

93ms
93ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/e8d7f48c-22bb-11ed-a044-002590c82437?redir-setuniq=1

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:38 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 08:16:38 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 23 Aug 2022 08:16:38 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Aug 2022 08:16:38 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 08:16:38 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/adsniperis/e8d7f48c-22bb-11ed-a044-002590c82437?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 23 Aug 2022 08:16:38 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FBCA 0
745 B 43ms
40ms Script
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 08:16:38 GMT
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4f19abc7-a7dd-4059-a02e-8367eb6301fe
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

usync.html
eus.rubiconproject.com/ Frame CE62
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.2day.kh.ua/	1970-01-20 15:03:22	Name: _ga Value: GA1.3.236711182.1661242593
.2day.kh.ua/	1970-01-20 05:28:48	Name: _gid Value: GA1.3.880796192.1661242593
.2day.kh.ua/	1970-01-20 05:27:22	Name: _gat Value: 1
.2day.kh.ua/	1970-01-20 07:36:58	Name: _fbp Value: fb.2.1661242592908.1721374718
2day.kh.ua/	1970-01-20 14:57:36	Name: __atuvc Value: 1%7C34
2day.kh.ua/	1970-01-20 05:27:24	Name: __atuvs Value: 63048ce0cd299e7f000
.facebook.com/	1970-01-20 07:36:58	Name: fr Value: 0ZMEsVms0V6vuWmLZ..BjBIzh...1.0.BjBIzh.
.addthis.com/	1970-01-20 14:57:36	Name: uvc Value: 1%7C34
.addthis.com/	1970-01-20 14:57:36	Name: loc Value: MDAwMDBFVUdCMDAyMzE0MTc4NzA0NTAwMDBDSA==
2day.kh.ua/	1970-01-20 05:27:24	Name: stpdOrigin Value: {"origin":"direct"}
2day.kh.ua/	1970-01-20 06:10:34	Name: _pbjs_userid_consent_data Value: 3524755945110770
.2day.kh.ua/	1970-01-20 05:27:24	Name: __cf_bm Value: xfI9tGQ2e.K3KGk.uVm95oS.t_.NKWH5JCEs67TLNSU-1661242593-0-AbkUcMHjzsJrjFcqozWnXhiKLVSY1Ueqdvh86nAgajhzFxKfrYIDnzu1kLT2oqFXws4UiIZJTP7EStn+sYwDMzIH6ejhzagtpUVK1RXlHR+Oqbn699glXkninn4ETaArhQ==
.betweendigital.com/	1970-01-20 14:12:58	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 14:12:58	Name: tuuid Value: 4623186f-6c80-52eb-8978-3d09ea7cb1e8
.betweendigital.com/	1970-01-20 14:12:58	Name: ss Value: 1
.betweendigital.com/	1970-01-20 14:12:58	Name: unm Value: 1
.prebid.a-mo.net/	1970-01-20 14:12:58	Name: __amc Value: 1_1661242593_1661242593
.rubiconproject.com/	1970-01-20 14:12:58	Name: khaos Value: L75WY53W-K-DBXP
.rubiconproject.com/	1970-01-20 14:12:58	Name: audit Value: 1\|SDziDG3X/Egu4dJafOchAlqbBgMWySGKoH1GQZR6kujqv1ZNWvFZDKOxJR5egIBuQ4Zon56C/pYqM9i914k4nlH/KItGfOsm0A+VO7RH1E0=
.2day.kh.ua/	1970-01-20 14:48:58	Name: cto_bidid Value: RlM1519FRUtUayUyRlVieFI1V0hCNUF2YSUyQnJTQndqQVpJckdNYjVGc1I0RCUyRm14Y1VucEpJbkNwWkElMkJVYkpjQ0RCQlNuZTBrdmNaJTJCcmxCN3haUVZMZXR6ZGRqNkElM0QlM0Q
.adnxs.com/	1970-01-20 07:36:58	Name: uuid2 Value: 6471678025609959766
.amazon-adsystem.com/	1970-01-20 15:03:22	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-20 14:48:58	Name: IDE Value: AHWqTUnSbqvDykqsubFZDTVWheocKvr6s0iQgTtkdQD_x529wgSFvmcusNQtZDN41bE
.2day.kh.ua/	1970-01-20 14:48:58	Name: __gads Value: ID=722d6f8b109a996d:T=1661242593:S=ALNI_MZygMz5W-0pZqxgipuc0SC0YdThXw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:12:58	Name: bcookie Value: "v=2&0a7bd93f-1281-4be3-8e1b-3680f4d72070"
.linkedin.com/	1970-01-20 09:46:34	Name: li_gc Value: MTswOzE2NjEyNDI1OTQ7MjswMjFPfLQJVhCWhTwMkqlzzlCHPncJSeR/J52C5OgJf2brrA==
.linkedin.com/	1970-01-20 05:28:48	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2794:u=1:x=1:i=1661242594:t=1661328994:v=2:sig=AQGP0CazbaIMoc_uprehcr9g8gaOFnY9"
.amazon-adsystem.com/	1970-01-20 10:45:36	Name: ad-id Value: AyBJApvOZkCdtZ0AK_QozfA
.ads.pubmatic.com/	1970-01-20 05:28:48	Name: KCCH Value: YES
.doubleclick.net/	1970-01-20 05:27:26	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 14:12:58	Name: CMID Value: YwSM5PIgxXMAEZZ5oA0.aQAA
.casalemedia.com/	1970-01-20 07:36:58	Name: CMPS Value: 4528
.casalemedia.com/	1970-01-20 07:36:58	Name: CMPRO Value: 4528
.criteo.com/	1970-01-20 14:48:58	Name: uid Value: 8172df6a-5795-48fc-abc5-0ed091229ff4
.lijit.com/	1970-01-20 14:12:58	Name: ljt_reader Value: FMWQvNZHfejfDhvqSvS47PzE
.2day.kh.ua/	1970-01-20 14:48:58	Name: cto_bundle Value: bia5MV9zcEJXeGNpMU0wazRUOXoybnIlMkJlVjl4ZkRQbTRnRDZFQWNha0tqVlJYa2ZqZExQcUFEMGsyZXF4THltSXFvNWNqRTJMdU5QODAxcVc5UXFzVG04ZTVsQ29NeHlucnlDODVZNDVHeG1CSWMxVGkxWEU1SnR5JTJCZzE4UDlwQVFjMDQ3cFlhSjQySWJtNmM0Vlo0aFRaNFFnJTNEJTNE
.lijit.com/	1970-01-20 14:12:58	Name: ljtrtbexp Value: eJxdjzkSgDAMA%2F%2BSmsJ2fPI1hr%2BTAI1Vrj2zkq7B42R3npJVcQx5UdSEN86OwZ2NCC5MwCAM%2F%2FJSY26uldobrEuCwzsnZCS0TAU2YPRFZ0Ffwf%2FfIGnxcsAm2KzgU%2FAZ9LHsfqbe6H4A2VdWSA%3D%3D
.openx.net/	1970-01-20 14:12:58	Name: i Value: 3814396c-3e06-0db1-3a37-2cd70e2b8c9b\|1661242597
.betweendigital.com/	1970-01-20 14:12:58	Name: ut Value: YwSM5QAD_3AGwwyVVaqfISD7TpsKKoBYuz8XVA==
.openx.net/	1970-01-20 05:48:58	Name: pd Value: v2\|1661242597\|gekin0vNiygu
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.simpli.fi/	1970-01-20 14:14:24	Name: suid Value: 4D1F5C1F5B5F410ABA7A73BF2EB0344C
.owneriq.net/	1970-01-20 15:03:22	Name: si Value: Q7145289971331374289
.owneriq.net/	1970-01-20 05:41:46	Name: p2 Value: sv
.quantserve.com/	1970-01-20 07:36:58	Name: d Value: ENoBDAH2JoqsMA
.quantserve.com/	1970-01-20 14:57:36	Name: mc Value: 63048ce5-57746-fa750-38453
.bidswitch.net/	1970-01-20 14:12:58	Name: tuuid Value: 4bf65ce9-5917-46cb-ae63-6d454aef4057
.bidswitch.net/	1970-01-20 14:12:58	Name: c Value: 1661242597
.bidswitch.net/	1970-01-20 14:12:58	Name: tuuid_lu Value: 1661242597
.turn.com/	1970-01-20 09:46:34	Name: uid Value: 8831316738167446054
.adhigh.net/	1970-01-20 14:12:58	Name: gi_u Value: uPaco0ND3zDo.AikABlGCycZgDg
.lijit.com/	1970-01-20 14:12:58	Name: _ljtrtb_92 Value: 6471678025609959766
.rfihub.com/	1970-01-20 14:48:58	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjQxNTexMDU1MRbiM9QtKneOKrb0TfYsLksEAHkVxBMlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjQxNTexMDU1MRbiM9QtKneOKrb0TfYsLksEAHkVxBMlAAAA
.rfihub.com/	1970-01-20 14:48:58	Name: eud Value: H4sIAAAAAAAA_zvEyGtoZmZoZGJkamluYmwEADnllMUQAAAA
.mathtag.com/	1970-01-20 14:53:17	Name: uuid Value: 989b6304-8ce5-4e00-8d53-49864b58beb0
.lijit.com/	1970-01-20 14:12:58	Name: _ljtrtb_1 Value: 8831316738167446054
.casalemedia.com/	1970-01-20 07:36:58	Name: CMTS Value: 4458
.casalemedia.com/	1970-01-20 05:28:48	Name: CMST Value: YwSM5WMEjOUA
.casalemedia.com/	1970-01-20 14:12:58	Name: CMRUM3 Value: c463048ce505a0&3363048ce505a0&f163048ce505a0&0363048ce505a0&e663048ce52760&6963048ce505a0&2763048ce50b40&2d63048ce505a0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6471678025609959766 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://cdn.ampproject.org/rtv/042208121708000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwSM5PIgxXMAEZZ5oA0.aQAA%264528 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2day.kh.ua
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
an.yandex.ru
aorta.clickagy.com
ap.lijit.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c1.adform.net
cache.betweendigital.com
ccf698bc7e46a7066d9abb1413fc8cce.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.indexww.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
d.adroll.com
d.turn.com
data.adsrvr.org
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
js-sec.indexww.com
m.addthis.com
match.adsrvr.org
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
node.setupad.com
onetag-sys.com
openweathermap.org
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
pubads.g.doubleclick.net
px.adhigh.net
px.ads.linkedin.com
px.owneriq.net
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s7.addthis.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
stackpath.bootstrapcdn.com
static.cloudflareinsights.com
static.criteo.net
stpd.cloud
sync.1rx.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
us-u.openx.net
v1.addthisedge.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
x01.aidata.io
z.moatads.com
eus.rubiconproject.com
s7.addthis.com
104.17.119.107
104.18.18.126
104.75.88.126
135.125.160.160
138.201.197.100
141.95.98.68
142.250.181.226
142.250.186.34
147.75.85.234
151.101.1.108
151.236.71.19
159.122.14.34
159.89.25.223
178.250.0.157
178.250.0.165
18.158.8.202
18.159.205.245
18.203.96.202
18.210.134.164
185.184.8.90
185.29.134.244
185.64.189.112
188.42.191.196
193.0.160.129
193.232.148.145
195.201.57.28
198.148.27.140
198.47.127.19
2.18.235.93
2001:678:cb4:bbbb::13
213.19.147.44
216.52.2.30
216.52.2.39
216.58.212.130
23.205.235.133
23.205.245.111
23.35.236.201
23.35.236.247
23.35.237.151
23.75.240.210
23.75.246.168
2602:803:c003:200::41
2606:4700:10::6816:3556
2606:4700:20::681a:8a9
2606:4700:20::ac43:44a2
2606:4700:3035::ac43:b310
2606:4700:440e::6812:2fe6
2606:4700::6811:180e
2606:4700::6812:1f31
2606:4700::6812:272
2606:4700::6812:bcf
2606:4700::6812:c4c
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:810::200e
2a00:1450:4001:812::2001
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:830::2002
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8::90
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.123.245.227
3.127.193.182
31.172.81.172
35.186.253.211
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.234
37.157.6.248
37.252.173.27
37.252.173.62
51.89.9.252
52.222.209.55
52.46.155.104
52.94.220.185
54.216.196.145
54.220.105.73
54.72.196.78
66.155.71.25
69.173.144.138
69.173.144.139
69.173.144.165
69.173.151.100
81.17.55.112
89.108.119.28
0146d23ac789b3847e572cc4f617acd341b978e0d88210c60febcfd3e734705b
02543ca1eaf0091401fb221c902c587c1b038bb209f77c053afb9a3b1f708aef
030fa35a997a81ffaa4016f7f594584696d9111afb005be91d4ca37ea518b751
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0756a2f033b3c0758364d51e77580be8fce4efb0d92e6358a6eec240dccdf65a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c90985892d44cbf907f1560e7750672819fa34a791817d302e51d297d47cc81
0ceefca755cfe064ca5b7ddc6ec797fd02a770812cb77bbbd0ce52146786f006
0e2727c9ef52475f9911c2c6c0730828f9eca5cb0f748a81a707f8d67dc70a01
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f70c4bdac6b164d8edf952616a5e71788e83cfcaa44728b9c2a459c938e9ea3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b3a7376adbd564583998d5c2bb4bec1e470bd8365f9cda74255b6e9e240e6e
145de3a9a334c26c3cdeffcbcd5de713fb7f6eac88bb8ccba7a20f9a69341dc4
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
1a37e9c65f2865f65da62e8288b64acbcf9a1876053e72616bab3f81eeabc946
1c4ffb97f7c3abefe68aafd2238fd52592f454a2c9ccfa01e256bb95c1add8c4
1fb26a989f3ca60f737c65c284b4af2db5574d313622beb510ac85c7cbdc31b9
1ff3f6b890d7d0a4ccb40505d2c0275fa17510d9dcc0afc1b053ec792cf20a98
2082d842effe6dff4e0c3f91583f090389abcd286d1290de9766b517d0e4faf7
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
24ccc7db302898c259cd6c54ae8e85f9b4cf5a2ce92a0ad777c6f967b5f42cfe
265a63573c96eea39dbebd88e9e6243e77778b7436ceb8615371a861c551225f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
296cca0e384d048f1f1fa8557ef318422f9ce2b4238b92f78f475a4974b06e5e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
2cc215fe06a9957f87164e3b5ac2b18e3864d89f2f482df2561aea584e2d94c8
2cf6738261f58e9bd2d90f01914aa2e9a504999a793a4bef4f25ae5be64743e5
2e99cdbb3f470bbf77a2f4571689fd19d1f53360b24fb1433222629c9cd52e2c
30d72d952edcd10456b1cead39b7c142c100abce5408e23e04b28d1708b37412
333a487db2cc80764376a27c12b997065c5fd3274840c8c111e06b82bf6f7126
33bb4a2a18b01b3f102283231472df2bd7a94c473a4525de27743dea4554d67e
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3bdb807b223acc5ccc02e14d43679ffab414daf5380a6ba1bafe76a1c9ad87a1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
437c575d301f49f6f35c8d976f5168bfd619adfd75da940aefabdb4f996547de
43ac67ad6d09de7e5051c43c890c1aa7147357bf91298bf9548e4a22fcc61cc9
4a77aa8515e0914305d566f070e6aed1f158741280d2dfb5a9cd6d48c8bb3599
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
504dfe35cddb32b14324dd38964e6e1592ec412bc8b597e75cc586539ec0f1ce
5141d6e2a0ff9258555b59e30ca57ed54d37dd8b78c4f82244e7b38300be8cd7
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
589690e866bbaaa79a8ce4468bfc9947c4989864492dcdabea85c732de4a177d
594784e9721f45d78a8b4ca9e75a75bbab8ff2ad1fc50fb8366d46b1a36c7548
5a9e429dc7f1bd781f53c2765eabe87583241d92886c2b0538adbf0d49987bcf
5c5dac0238490b3ed0d0a6c825ef2bfb9f04bf9e81f8cd8ca747068d5a3ae534
5de5bca71d92593252e0f13d4e73a1afbbee9bae8e3aa72182ab6d6b7caff685
5e97b209351f5ac18e290005aa556c73364fd7d86291e9c719741634a3157bad
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6aa06bfa5e5872068d63f93506fcc225c83b73c0a850735e8979a5ec99734535
6be6dd3251932977e82ba5763f06b37fe38859deac022ebca52d6a81ddd247a2
6cd57361501d500a05f6b0fd353f95c96554ac7ff2f9574de68e1bd6c2d5c575
6cf8076cf67e33910f9f825e0072d577ca8acd0016a516ca950207b9f3345afc
6e3ff28c887f7426711c52410568a852e0b95c053eb0ddbda8f420e8f9a8cf8c
6f859adc0a452c5e1e679eedc17fe09b5d86e9554673689538d41627ac8aaddb
6ff304c1b05f32d1055bde9ed903c44d3270f380df61f05ee5500a74efce525a
71356ce2e660c6cb41a4e59a46f845d820461b36b42dbc0cda827729443d0a1f
73ade84828b9d87aecdeeca2f104088f5650b09a4d6c9b02e4ed8f407d5e2f21
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76d0c097ff2308bcc8cfe92f268f2dfc65d628820be39880d26f2849da609ad8
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e11dea0c17e8baa18dcb2ec8d2df4ea619ea328bd1d0e015c2fdb6a1fd9215c
7e7adc51fda6d825c455bea23a5ec60000d3e7808fe8eee8258ce45b3616c6dd
7fa16f33d6d3cbedc76ac53bb6e8980b3355a03fcd031b45ece5daf0130839d4
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
8427bd0b937570d155765cb42ee876407b60e614c2ad860d0c4eecb41034053a
857fab77473295b25a5463c312bc843da53b14e4a8d72c19c5d1c6382ff99748
85feef29d611f7c8073a24fbe6a622cd7c393bf0312cc780ccee39bfbb2c79ea
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8a946e0c22c4e80dbc4dda9d2187b5ca687d915cd78972369aaef25f6d7f7b75
8c9cb47531f9949441132c9ee7768a17e9bb25dcaad08e72298f762d3be3234c
8cec5d8f1d183ea32e426b300a7bf4d552b151dbfc604a75706db703055c8983
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
9019c5eb032790984a7ad92b232a629e194b0cd89083f58ef9c7d65ac4d3012d
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
928f998af3de3c869422dab59ef6db225240bdba9cf7f51f89c6960857a93415
95f156c307b5f1db0c8aa96767bc4d8ae94bd50e8f79a7bbe3cd4bc5be0a2ba2
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9debf91901787f835ea44cbbe916316ee74b525efe830c0d49cead79a48c386d
9e8c55fd6e5282609b017e7502a1003db04654035df7f47fe41246c5943c4676
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a47fd71bae82a7a1b6998cc9d4e0ffb4a179f59725832a98f15bfe74c910d5cd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6400a1f37c0d60543c6f9b9c233cd047d7945fa48793dfeca82fa38b5a5be79
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77364a83ea421d142f14da8c45e3e1d5c30ffb37fcec69027e8b338d36c553e
aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ace5b0416c0a7407104f37fb3ef6d9d93f6d8cae628d55cc5a8de73ec7719c9e
adc5869576c63e5e9e46f964fce56f97e97b13e5fc1932d8afcbf166c1268492
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19c8ed6d45d2a43a19ef5c6538df40928648bcb372bfd0c303feead377c53da
b29de62de79a3d8b59970a61a884d9ab769e2e22303f7970ade1a5e5c3caf165
b2f3a49a09c3b05153e7354e240268d4ad9a716a264151dfa49d776853d9ec40
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b5549c6fbea0af29c85538a511d02108dee2373899a22cdc5583d427bb6b386e
b8066c6b2cea0419ca4caca461f9c88cae859b302cacd7e93fe998002927daae
b9d2f51c980ee3b7c323f96741e433aad9f3dac594da1c19725663a172c909e4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d750a28deaefdd7c3809177bc50ac48fe450f7ac5ea63a126af3c1b74d28ef
c42f10fdcae83086f84dfbbdcba6ce95ca6304c1989302b6c569f61fc96f60d7
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c734a74bc83cd6d3af221db2918395f01c6f2aa0505bbe0239c39a59c7266dce
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
c87b08a6572f39a19944fb677b936a8ff53f0a9635957d4c9c78992251967e01
c910b97809487c871b6ff99b411454008b5c4101cd983515723ca547a5349867
cababc5dc4755b6a2b3de47664173b51961ec4100676ca515ee8f48ff05f250c
cb70cdda0beed41885daa09bfc2df6138fbda339244c8595656bb3cef18c6a59
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dff7806dd8d4c32df56e5a64b30abee9c7f5006fa3c24fd13f8c9fcc15da6262
dffdd5f064425460104a61e133702a3d07063215f6986c4f96ef2f742bc93613
e1873888f36f806b549c946f11c034665818ca30636e0496e4efc4f4b8fbf93f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85753917f733aa2052a2f13e84a645367791a59765286f5c5d903765e3c3fa5
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e98441760d3a215ce945011b2afbf7d5f28fa124bf7c6ccde57c80b70fc6e802
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f092fc52499e9c9b5143b0c3713ed7416143b367d1748d85581739bebdb3e4ac
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f2fe4600224f1d65406e8feb13f8c529a7bcc68630acab579c7121515e21dcc9
f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11
f3b009147dafbfd61514df1db441d2e5483d35291f671027b5550ff822ce9b44
f645cdbf12940f8752f80bb4f11d40c29015666c32ff215113c05ee44c699607
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f8f25b04bccc89afcebc30ed52153f29a8f6214f55dfa5da7b2d14586c55b6df
fcbcd7e479bfc01fa507f30d2700e92723d6e1e9aa1f4f15617e3da33cb11f37
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fdaa95c17d16f24d30092e5d6c8ee0c116ef9fe9d09d2bb9d425dc48450584ec

2day.kh.ua Open in urlscan Pro 2606:4700:3035::ac43:b310 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

243 Requests

82 %HTTPS

32 %IPv6

69 Domains

108 Subdomains

75 IPs

10 Countries

5079 kBTransfer

8346 kBSize

61 Cookies

5 Outgoing links

Page URL History

Redirected requests

243 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

2day.kh.ua Open in urlscan Pro
2606:4700:3035::ac43:b310 Public Scan

Screenshot
Live screenshot

Full Image

243
Requests

82 %
HTTPS

32 %
IPv6

69
Domains

108
Subdomains

75
IPs

10
Countries

5079 kB
Transfer

8346 kB
Size

61
Cookies

243 HTTP transactions
1 data transactions