hyser.ua Open in urlscan Pro
2606:4700:3033::ac43:8f44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hyser.ua/
Effective URL:
https://hyser.ua/
Submission: On August 04 via api (August 4th 2022, 3:43:05 am UTC) from GB — Scanned from GB

Summary HTTP 153 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 67 IPs in 12 countries across 60 domains to perform 153 HTTP transactions. The main IP is 2606:4700:3033::ac43:8f44, located in United States and belongs to CLOUDFLARENET, US. The main domain is hyser.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2022. Valid for: 3 months.

This is the only time hyser.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2606:4700:303... 2606:4700:3033::ac43:8f44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::ac43:b689	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:a0b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	89.187.169.39 89.187.169.39	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2 6	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	52.28.173.192 52.28.173.192	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2.18.168.202 2.18.168.202	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2.18.168.189 2.18.168.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
6	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
4	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2 6	18.210.31.151 18.210.31.151	14618 (AMAZON-AES) (AMAZON-AES)
2	5.178.65.252 5.178.65.252	50673 (SERVERIUS-AS) (SERVERIUS-AS)
4	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 1	34.236.219.105 34.236.219.105	14618 (AMAZON-AES) (AMAZON-AES)
2 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
15	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 5	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:6b06:26e1:4300:34b	16509 (AMAZON-02) (AMAZON-02)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 6	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 5	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
3 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 3	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f600:6235:8475:2669:58c5	() ()
2 2	2a05:d018:24:... 2a05:d018:24:b002:32a0:48fa:dc36:ac0b	16509 (AMAZON-02) (AMAZON-02)
2 2	54.216.133.37 54.216.133.37	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	15169 (GOOGLE) (GOOGLE)
1	185.15.245.83 185.15.245.83	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	52.17.214.109 52.17.214.109	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	34.250.36.127 34.250.36.127	16509 (AMAZON-02) (AMAZON-02)
2	52.214.253.121 52.214.253.121	16509 (AMAZON-02) (AMAZON-02)
1	168.119.79.223 168.119.79.223	24940 (HETZNER-AS) (HETZNER-AS)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	92.123.37.164 92.123.37.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.224.113.183 34.224.113.183	() ()
1	104.96.159.57 104.96.159.57	() ()
1 1	63.35.160.214 63.35.160.214	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	104.18.18.126 104.18.18.126	() ()
1 1	34.111.151.213 34.111.151.213	15169 (GOOGLE) (GOOGLE)
2 3	23.75.246.168 23.75.246.168	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.66.97.8 18.66.97.8	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	212.129.3.112 212.129.3.112	12876 (Online SAS) (Online SAS)
1 2	18.184.216.10 18.184.216.10	() ()
153	67

21 2606:4700:3033::ac43:8f44 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hyser.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:b689 (United States)

ASN13335 (CLOUDFLARENET, US)

aixcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.aixcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

s.getstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:a0b5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.getpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

cdn-b.notsy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-39.cdn77.com

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.173.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-173-192.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

717be019e47e0ba2652158e7addacf1f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.168.202 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-202.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.168.189 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-189.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.75.240.210 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.210.31.151 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-31-151.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.252 (Hilversum, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.178.65.245 (Hilversum, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.219.105 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-219-105.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (Middleburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

i.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.143.56 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:6b06:26e1:4300:34b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.94.222.140 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.41 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f600:6235:8475:2669:58c5 (None, )

ASN- ()

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:32a0:48fa:dc36:ac0b (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.133.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-133-37.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Rogeno, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Rottweil, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.214.109 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-214-109.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.36.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.253.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-253-121.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.37.164 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.113.183 (None, ) 1 redirects

ASN- ()

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.159.57 (None, )

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.160.214 (None, ) 1 redirects

ASN- ()

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN- ()

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.246.168 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.129.3.112 (France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-112.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.216.10 (None, ) 1 redirects

ASN- ()

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	rubiconproject.com 8 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 528 eus.rubiconproject.com — Cisco Umbrella Rank: 588 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1040 token.rubiconproject.com — Cisco Umbrella Rank: 707 pixel.rubiconproject.com — Cisco Umbrella Rank: 326 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2288	38 KB
21	hyser.ua 1 redirects hyser.ua	430 KB
15	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1856 mwzeom.zeotap.com — Cisco Umbrella Rank: 1478	5 KB
10	amazon-adsystem.com 6 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 288 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264	7 KB
10	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	200 KB
9	e-planning.net 1 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 4971 s.e-planning.net — Cisco Umbrella Rank: 7332 u-ams02.e-planning.net — Cisco Umbrella Rank: 62489 i.e-planning.net — Cisco Umbrella Rank: 7366	4 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 717be019e47e0ba2652158e7addacf1f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	40 KB
7	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1365 r.casalemedia.com — Cisco Umbrella Rank: 713 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530 dsum.casalemedia.com	7 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 acdn.adnxs.com — Cisco Umbrella Rank: 584	31 KB
6	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2305	10 KB
6	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5331 s.adtelligent.com — Cisco Umbrella Rank: 4875 sync.adtelligent.com — Cisco Umbrella Rank: 4266	4 KB
5	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 834 tags.crwdcntrl.net — Cisco Umbrella Rank: 1275	17 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 469	1 KB
4	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 496 image6.pubmatic.com — Cisco Umbrella Rank: 636	12 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 732 gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	8 KB
4	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 3659 dmp.adform.net — Cisco Umbrella Rank: 4473	3 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 988	1 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 502 usermatch.krxd.net	943 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	793 B
3	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 98	2 KB
3	notsy.io cdn-b.notsy.io — Cisco Umbrella Rank: 77760	176 KB
3	aixcdn.com aixcdn.com — Cisco Umbrella Rank: 362167 c.aixcdn.com — Cisco Umbrella Rank: 405871	10 KB
2	eyeota.net 1 redirects ps.eyeota.net	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 623	856 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24215	683 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 188	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1201	752 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 cms.analytics.yahoo.com — Cisco Umbrella Rank: 774	2 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 792
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	57 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 652 eb2.3lift.com — Cisco Umbrella Rank: 411	642 B
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8094	684 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	getstat.net s.getstat.net — Cisco Umbrella Rank: 356867	8 KB
1	cookieless-data.com js.cookieless-data.com — Cisco Umbrella Rank: 7074	535 B
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 5347	17 KB
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1919	367 B
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 3082	187 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 791	425 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	215 B
1	bluekai.com tags.bluekai.com	145 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 968	770 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1972	361 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 451	526 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 19732	220 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1669	596 B
1	bemail.it 1 redirects bn01.er.bemail.it — Cisco Umbrella Rank: 118447	659 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7524	324 B
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 653	162 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 611	98 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 361	732 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 2479	308 B
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4710	792 B
1	google.de www.google.de — Cisco Umbrella Rank: 5596	501 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	2 KB
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 81134
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	29 KB
1	getpush.net cdn.getpush.net — Cisco Umbrella Rank: 124772	18 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	43 KB
153	60

	Domain	Requested by
21	hyser.ua	1 redirects hyser.ua
12	mwzeom.zeotap.com	ads.us.e-planning.net
6	cm.g.doubleclick.net	2 redirects spl.zeotap.com r.casalemedia.com
6	a.audrte.com	2 redirects ads.us.e-planning.net a.audrte.com
6	eus.rubiconproject.com	cdn-b.notsy.io eus.rubiconproject.com s.adtelligent.com ads.us.e-planning.net
6	ib.adnxs.com	2 redirects cdn-b.notsy.io acdn.adnxs.com spl.zeotap.com
5	aax-eu.amazon-adsystem.com	3 redirects ads.us.e-planning.net
5	s.amazon-adsystem.com	3 redirects r.casalemedia.com
4	dsum-sec.casalemedia.com	1 redirects r.casalemedia.com
4	pixel.tapad.com	3 redirects ads.us.e-planning.net
4	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
4	token.rubiconproject.com	4 redirects
4	u-ams02.e-planning.net	ads.us.e-planning.net r.casalemedia.com vid.vidoomy.com
4	sync.adtelligent.com	s.adtelligent.com ads.us.e-planning.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	fastlane.rubiconproject.com	cdn-b.notsy.io
3	px.owneriq.net	2 redirects r.casalemedia.com
3	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
3	dmp.adform.net	2 redirects spl.zeotap.com
3	match.adsrvr.org	spl.zeotap.com r.casalemedia.com
3	spl.zeotap.com	ads.us.e-planning.net spl.zeotap.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	cdn-b.notsy.io	aixcdn.com cdn-b.notsy.io
2	ps.eyeota.net	1 redirects
2	tags.crwdcntrl.net	s.e-planning.net tags.crwdcntrl.net
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	spl.zeotap.com ads.us.e-planning.net
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com spl.zeotap.com
2	s.e-planning.net	ads.us.e-planning.net
2	secure-assets.rubiconproject.com	2 redirects
2	onetag-sys.com	s.adtelligent.com ads.us.e-planning.net
2	ads.us.e-planning.net	1 redirects cdn-b.notsy.io
2	ads.pubmatic.com	cdn-b.notsy.io s.adtelligent.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn-b.notsy.io static.criteo.net
2	www.google.com	hyser.ua tpc.googlesyndication.com
2	a4p.adpartner.pro	1 redirects cdn-b.notsy.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.getstat.net	hyser.ua
2	aixcdn.com	hyser.ua aixcdn.com
1	js.cookieless-data.com	s.e-planning.net
1	vid.vidoomy.com	ads.us.e-planning.net
1	dmp.brand-display.com	1 redirects
1	dsum.casalemedia.com	r.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	ad.turn.com	1 redirects
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	id.rlcdn.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	i.e-planning.net	ads.us.e-planning.net
1	r.casalemedia.com	ads.us.e-planning.net
1	ssum.casalemedia.com	1 redirects
1	ssp.disqus.com	1 redirects
1	eb2.3lift.com	cdn-b.notsy.io
1	s.adtelligent.com	cdn-b.notsy.io
1	acdn.adnxs.com	cdn-b.notsy.io
1	mug.criteo.com
1	717be019e47e0ba2652158e7addacf1f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	c.aixcdn.com
1	www.google.de	hyser.ua
1	ghb.adtelligent.com	cdn-b.notsy.io
1	tlx.3lift.com	cdn-b.notsy.io
1	bidder.criteo.com	cdn-b.notsy.io
1	adx.adform.net	cdn-b.notsy.io
1	cdn.jsdelivr.net	cdn-b.notsy.io
1	ym-tack.b-cdn.net	cdn-b.notsy.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	aixcdn.com
1	cdn.getpush.net	hyser.ua
1	www.googletagmanager.com	hyser.ua
153	90

This site contains links to these domains. Also see Links.

Domain
t.me
glamur.hyser.ua
hyser.com.ua

Subject Issuer	Validity	Valid
hyser.ua Cloudflare Inc ECC CA-3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
cdn-b.notsy.io R3	`2022-07-10` - `2022-10-08`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
adpartner.pro R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
ads.us.e-planning.net R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-07-31` - `2022-10-29`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.audrte.com Amazon	`2022-02-24` - `2023-03-24`	a year	crt.sh
*.e-planning.net R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
i.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-23` - `2023-02-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
dmp.theadex.com R3	`2022-06-27` - `2022-09-25`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
*.cookieless-data.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-23` - `2023-03-22`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://hyser.ua/
Frame ID: A587BC86383C41BA60CB4AE58E9D9033
Requests: 60 HTTP requests in this frame

Frame: https://717be019e47e0ba2652158e7addacf1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE0544F955813FEB5D0C826BDD4DEBA1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE7C46E1894836D27BBBEC721AE3B731
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21A24CB18AB0206B6C2BD4989FF0C44A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hyser.ua
Frame ID: C57633E119C5DAE363C4122B3AFAE041
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 44B0AC139CB2F48EC00F953D891AAE59
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 89A1B7A8883B0C8D159D27ACD416E8A7
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B22E5D0B40A1E0A9C06B8DB52A88B72B
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: F52113A98EFC05965EC6EB1EC05B2F90
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 97E038A530A5FA4FB8C30ED1EB5489AD
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 047A1A09621E70BBA3C16C9C80D0B46C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: D4CF06DF17494166478C28FAD4F5336C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 01185F819B60B6D3DE6552E268110B81
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 2CB73C29ADBEB9A5F25FAC56CA3EDBF4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 1E8178C65B0EC8DEE0052B34AE909014
Requests: 3 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
Frame ID: 9293E8FD06D415125F9B3B20346D9F3C
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: FB4F6BF046CDB3E8DB0D0AEEEC8C1B2C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: DC34905A7E0F3221394D8F391848859E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361&cmp=0
Frame ID: AA53788C3752F6BB1C38E9C12859B37D
Requests: 30 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: D35BF25945C400D4C72F7DC5C777C9EF
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=232173b3ca152897&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 083944F1D609488E25429939FE73E04D
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ACpoN00AS%2fqtgYIa
Frame ID: 160676218098997144986FE86257D3E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Последние актуальные новости Киева, Украины и мира. Hyser.ua

Page URL History Show full URLs

http://hyser.ua/ HTTP 301
https://hyser.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

153
Requests

77 %
HTTPS

36 %
IPv6

60
Domains

90
Subdomains

67
IPs

12
Countries

1183 kB
Transfer

2816 kB
Size

66
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/joinchat/AAAAAFTQBelrQDF73NcIaQ

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/
Title: Гламур

Search URL Search Domain Scan URL

URL: https://hyser.com.ua/privacy-policy
Title: Политикой конфиденциальности

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/183990-kak-hochu-tak-i-sazhus-eks-zhena-potapa-pokazala-foto-na-kortochkah-v-mini-shortikah
Title: "Как хочу, так и сажусь": экс-жена Потапа показала фото на корточках в мини-шортиках

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/183983-pust-uvidit-kazhdyy-layma-vaykule-vyshla-na-scenu-s-bolshim-flagom-ukrainy-video
Title: Пусть увидит каждый: Лайма Вайкуле вышла на сцену с большим флагом Украины. Видео

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/183979-zamanchivaya-poza-i-rasstavlennye-nozhki-nastya-kamenskih-pokazala-foto-na-stupenkah

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/183974-izvestneyshaya-televedushchaya-trebuet-sostavlyat-donosy-na-teh-kto-slushaet-ukrainskie-hity

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/183990-kak-hochu-tak-i-sazhus-eks-zhena-potapa-pokazala-foto-na-kortochkah-v-mini-shortikah?utm_source=mobile&utm_campaign=news-item&utm_content=left-panel

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/183983-pust-uvidit-kazhdyy-layma-vaykule-vyshla-na-scenu-s-bolshim-flagom-ukrainy-video?utm_source=mobile&utm_campaign=news-item&utm_content=left-panel

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/183979-zamanchivaya-poza-i-rasstavlennye-nozhki-nastya-kamenskih-pokazala-foto-na-stupenkah?utm_source=mobile&utm_campaign=news-item&utm_content=left-panel

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/183974-izvestneyshaya-televedushchaya-trebuet-sostavlyat-donosy-na-teh-kto-slushaet-ukrainskie-hity?utm_source=mobile&utm_campaign=news-item&utm_content=left-panel

Search URL Search Domain Scan URL

URL: https://glamur.hyser.ua/183967-nezhno-i-ochen-stilno-elena-zelenskaya-pokazala-avgustovskiy-naryad?utm_source=mobile&utm_campaign=news-item&utm_content=left-panel

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hyser.ua/ HTTP 301
https://hyser.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://gum.criteo.com/sid/json?origin=publishertag&domain=hyser.ua&sn=ChromeSyncframe&so=0&topUrl=hyser.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=PfVz-XxWbkJGeER6V3dPY28xUjhlQjg1SUErRk5kSjlDbitndlhLa3Uyb2l5RDMxM0FZamczZzRsbDZyWjNEd00ycERtVTBpNnJ2Z2kyaTBMVkpDMnZtcXRzY2RpbkcwSk8raUwreHcyRzVMVjNBRXVpcFJJOVRPK2xWaDk4U0xRRklMTEtjbGFZTTEvUnVBYmZKUDZMWnVyd0VFdHhlYUZESEpMNUZ0ekZRMmZBYkN0NVpxUmxxalpGa2pPekRERjJtV0hSYzZQZFNHODFwUVVucmVuUTV1Z1lxVGVkVi9VbW1EY2JFUmQ2dHJYcGtxakN6UGtFdXlSMVhXNUJSUnFDYXpVWHhNem8yZ3NwblhLOUdVeU5YL3Rhdz09fA&cppv=2

Request Chain 64

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 69

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3465838954826850956

Request Chain 70

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6b112386-6bda-4fdb-9411-b709fc0ba2eb

Request Chain 74

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184-d

Request Chain 78

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D232173b3ca152897%26uid%3D%24UID HTTP 302
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=232173b3ca152897&uid=3465838954826850956

Request Chain 79

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D232173b3ca152897%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=232173b3ca152897&uid=81485676-e17b-0c35-e7dd-fd8cf7425237

Request Chain 80

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 81

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1

Request Chain 87

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6EHT4FS-O-DXRO

Request Chain 88

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ims46S2ZTxi5vQw5QhbS4A&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ims46S2ZTxi5vQw5QhbS4A

Request Chain 89

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/HwbXUDjcHnldBOE0lZYyMg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6486809755426186052

Request Chain 91

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWM2YzUwZGY4NWQ1ZTBiMmI0MDRhYTg1YzU1NjI3MTFmY2Y2ZDNjMA

Request Chain 93

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZFSFQ0RlMtTy1EWFJP

Request Chain 94

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ffkkiuWsQVODy9-2uS4UHA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ffkkiuWsQVODy9-2uS4UHA

Request Chain 97

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=afc59637-fe54-4e2f-8d17-d03e0b774423&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Request Chain 103

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=a96d94cc-f7f2-40bc-8628-ba6f082967c5&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 104

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a48af7db-08e6-4c39-610b-3b379bf283e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a48af7db-08e6-4c39-610b-3b379bf283e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=34846941667414694201909504004623527519&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Request Chain 106

https://bn01.er.bemail.it/zeotap.php?_bid=a48af7db-08e6-4c39-610b-3b379bf283e3&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2022080411-69517-0.877520001659605070-b1ba787fcf34903c5507a493d85c179d&zdid=533&env=mWeb

Request Chain 107

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7127861504651557013&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Request Chain 108

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a48af7db-08e6-4c39-610b-3b379bf283e3 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a48af7db-08e6-4c39-610b-3b379bf283e3

Request Chain 109

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a48af7db-08e6-4c39-610b-3b379bf283e3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a48af7db-08e6-4c39-610b-3b379bf283e3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361&bounce=1&random=4189262477 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=a1qgOeFC7TAUDo7fJw2/Pe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Request Chain 111

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a48af7db-08e6-4c39-610b-3b379bf283e3?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a48af7db-08e6-4c39-610b-3b379bf283e3?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Request Chain 112

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-jMKUCn5E2ooB6_n7n6KwVPtHUFEdkXKpPg--~A&zpartnerid=570&env=mWeb

Request Chain 113

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=2AlcFsEkph42wtVhGz2ACQGpNaXF5cBx%2BS41iYitP1U%3D

Request Chain 116

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361&_test=YutARwAD2rFq8AAK HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YutARwAD2rFq8AAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361&_test=YutARwAD2rFq8AAK

Request Chain 117

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=898562eb-4046-4400-abfc-098f2e36b7f7&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Request Chain 118

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Request Chain 119

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a48af7db-08e6-4c39-610b-3b379bf283e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a48af7db-08e6-4c39-610b-3b379bf283e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361&dcc=t

Request Chain 121

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Request Chain 129

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YutARqou.XH99Lzwqn4LXwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBbIcZTrilqr4eNmAsl158s&google_cver=1&gdpr=1&google_hm=2

Request Chain 131

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YutARqou-XH99Lzwqn4LXwAABJ8AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YutARqou-XH99Lzwqn4LXwAABJ8AAAIB&dcc=t

Request Chain 132

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3057633094038444722

Request Chain 133

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1659670983&gdpr=1

Request Chain 134

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=97f8860e-7741-9450-2e0d1a5f

Request Chain 135

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7128709821487426411&uid=Q7128709821487426411&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 148

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=7603403023929077092 HTTP 302
https://a.audrte.com/p

Request Chain 149

https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent=

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent=&google_gid=CAESEPTTfKIvuynA3knd5GxJlW0&google_cver=1 HTTP 302
https://a.audrte.com/p

153 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hyser.ua/
Redirect Chain

http://hyser.ua/
https://hyser.ua/

191 KB
34 KB

179ms
84ms

Document
text/html

2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hyser.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07580a44df0cd752939e696d928fa1b7a046c0e31b0119f337c629223805f362

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-h2-pushed: </fonts/icons.woff2?mpderz>,</fonts/PTSerif-Bold.woff2>,</fonts/Lato-Regular.woff2>,</fonts/Lato-Bold.woff2>
cf-ray: 73544939de4288b6-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 03:42:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: </fonts/icons.woff2?mpderz>; rel=preload; as=font; crossorigin="anonymous",</fonts/PTSerif-Bold.woff2>; rel=preload; as=font; crossorigin="anonymous",</fonts/Lato-Regular.woff2>; rel=preload; as=font; crossorigin="anonymous",</fonts/Lato-Bold.woff2>; rel=preload; as=font; crossorigin="anonymous"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOmYYK5e%2B0c8w%2BopkOsC3fd5FxazLhEjfDZS5%2Ftwt6eYRCfULLC%2FZy8tQRa9K5RuPDND%2F0OwAyqs1ULunlEHMkBYqTl05kF5cu1tQZbX%2FIVZFb%2BwGGYzLLjUs%2FlF59Xf7EHGR0LIDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-status: HIT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 73544938db10e620-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 04 Aug 2022 03:42:57 GMT
Expires: Thu, 04 Aug 2022 04:42:57 GMT
Location: https://hyser.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4U6mSDWhOrpJqp36rTcysltAdAi2Yo0sli2HbDYyHwxwia1nzbElfRJlfiXuCFndjEmOJzSmjMT91od6LQRv6T0FpR9NClpSEH5FTAoa27hYuy9ORBLPQAMYNFPyGAZ4rQ049Z6fNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 icons.woff2
hyser.ua/fonts/ 2 KB
2 KB 26ms
0ms Font
font/woff2 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hyser.ua/fonts/icons.woff2?mpderz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8074d53bf18a06aa5618ded643481db00ec1c9b6a2ba394f550a8a8aeb0ecd4c

Request headers

Referer: https://hyser.ua/
Origin: https://hyser.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20789238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2136
pragma: public
last-modified: Fri, 12 Nov 2021 17:26:12 GMT
server: cloudflare
etag: "618ea3b4-858"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tQZ04DS841C5FYheqTMDLOWfofDNvYr%2BEAfuaSOajh%2BvWWmAau3wa%2FgRFoJSu3v8cglyPytOAnLk70ZcHh6waEYlvrVCWWDBT3zps8rrC2RD18IhVazQnXipKIuJScEkGlvft78LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493a0e9088b6-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PTSerif-Bold.woff2
hyser.ua/fonts/ 47 KB
48 KB 4ms
0ms Font
font/woff2 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hyser.ua/fonts/PTSerif-Bold.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c02889abfef54353507d98c9dafc3748cdd9971a25d03248032a183f9c80476d

Request headers

Referer: https://hyser.ua/
Origin: https://hyser.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20789238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48424
pragma: public
last-modified: Fri, 12 Nov 2021 17:26:12 GMT
server: cloudflare
etag: "618ea3b4-bd28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knxC4OFW6N7jYDUQwMqoPGs9DFkZsQmrLVps1vC4Mud31xCfUylgdXvPXUCB8mP%2BiyYr9k1MeV3kzAQmrncv00aj60X4yKMhfqVwqOZOH%2Fk91SwJyHihSK9xv7ZEI2JfrHF7Z7CShw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493a0e9188b6-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Lato-Regular.woff2
hyser.ua/fonts/ 49 KB
49 KB 31ms
0ms Font
font/woff2 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hyser.ua/fonts/Lato-Regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e55e331c84e7dd7daf6b6c11f5521fa0891c5403e9979d9e55fbd5fe4e09df7

Request headers

Referer: https://hyser.ua/
Origin: https://hyser.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20135744
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50288
pragma: public
last-modified: Fri, 12 Nov 2021 17:26:12 GMT
server: cloudflare
etag: "618ea3b4-c470"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILNh19nF3QBt6yKau6cnISK7ZGR0OZh5T9PfVCfhZeZok0kkK79gGFTdPVePlyF0gGDTTnxhhEQbSVjRleEQ3%2FUKg8aUaQsVZpveNzM2olHGFUuy0MwLWOYnU6beQ1jD1dfQsLR3Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493a0e9388b6-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Lato-Bold.woff2
hyser.ua/fonts/ 49 KB
50 KB 27ms
0ms Font
font/woff2 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hyser.ua/fonts/Lato-Bold.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e487193d1b9eb2d9d2123473f3c0c80ca7361bee68c030b6ac2e2aa4b4d7ce

Request headers

Referer: https://hyser.ua/
Origin: https://hyser.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20135744
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50376
pragma: public
last-modified: Fri, 12 Nov 2021 17:26:12 GMT
server: cloudflare
etag: "618ea3b4-c4c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UptyeFUY5vRVZZrhoRAQymFYdd4PGK6jc8LbMGmtNcHx5EEavCtz6WYotS8Ie4UKe8kPKqFaq93kn3KsJJr5K9nG45hIMVnPmqf9seVUL32McbupG1yd71STGuP3jqqGb8qa0mXD1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493a0e9488b6-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
43 KB 182ms
66ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDZQGC9

Requested by

Host: hyser.ua
URL: https://hyser.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c61eebf48665cde246a9c46148d4bde272ba51a6802f70b190e4f46d6f5fdb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43464
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Aug 2022 03:42:57 GMT

GET
H3 200 svTZFkG42oUUwUT2f67xU2lY4PwQZ00t7zi0tCoW.jpeg
hyser.ua/crops/a822fe/150x100/2/0/2022/08/03/ 3 KB
4 KB 50ms
50ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/a822fe/150x100/2/0/2022/08/03/svTZFkG42oUUwUT2f67xU2lY4PwQZ00t7zi0tCoW.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92153891c97c265d1d9e31590e7c8d7c482673635a7710abc7009d2033e58e99

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22422
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3345
last-modified: Wed, 03 Aug 2022 19:22:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLAKV3RsJOZ7qKGyAshZ5U49Q1k7e3jbgTSgboCa7CyhIcEM2ZwdIqpIio%2BQ7xyUEtEUQUqoD3Vo8KaE6tZvBskIIgaYA8c3%2BVQqL9TX%2Fmc6RSNN0hSWfcXMzGufgXyS22ADWqWRSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493aeb1f7192-LHR

GET
H3 200 app.js Show response
hyser.ua/desktop/js/ 87 KB
25 KB 52ms
52ms Script
application/javascript 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hyser.ua/desktop/js/app.js?id=c3fb42835dc583b0c62c
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e2e8afa3450f7688ca73bd2cdfe40214eb70a1d0abbcce3e58f7b8a673c054

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 115100
cf-polished: origSize=89544
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 08 Jun 2022 20:32:42 GMT
server: cloudflare
etag: W/"62a1076a-15dc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5gICXCSwiKh3TL2i%2Ftc55UBPLfmhzfCgU75zYdEdYePz0UKB8LHvuvXP7zGpIUZJomMN6fZIt76yYsyB9kkkalLF2I11DM9uF5rdZZlPFjyhWD6jow8tPkzeU%2BLnEDR2e%2BxpdZwgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
cache-control: public, max-age=315360000
cf-ray: 7354493aeb217192-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
aixcdn.com/ 23 KB
9 KB 162ms
54ms Script
application/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/client.js?165959

Requested by

Host: hyser.ua
URL: https://hyser.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 01 Aug 2022 15:12:27 GMT
server: cloudflare
etag: W/"62e7ed5b-5a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6TukhYRZyWFjL%2FN71mCj5XKkGc0YWSNSExQalJgs8G2kYaaGkXOX9yXM9ydfhkWxoRaj26iKqm%2FSrhUHLjLdOMJefHhyEsRJYx%2FrpHOsQ0dREjUNU9nNNS1bAHyl82lWMAa7TiVf9mo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7354493b9a0a8e21-LHR
expires: Thu, 04 Aug 2022 04:22:12 GMT

GET
H2 200 client.js Show response
s.getstat.net/cdn/ 16 KB
7 KB 158ms
50ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.getstat.net/cdn/client.js

Requested by

Host: hyser.ua
URL: https://hyser.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6100
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 15:15:08 GMT
server: cloudflare
etag: W/"6260237c-3e9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWoajW3p1PbxDO0MV%2BM%2BPOoNQS%2BguJNHYal7AEmJ0KQTR%2Bla2IKDi%2F8u4GSDb6%2FDtb403u9NaBODcjMyG74VVGyjPqj%2F3Qk8OA3gRuqDMmwpMHIb3U2HwkZiWdkaPGx0f5n9QGODyYxpbkK9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7354493b9c71768c-LHR
cf-bgj: minify

GET
H2 200 client.js Show response
cdn.getpush.net/s/swsdvsaruzw8n3j7kkdzlrlnzhts3eg1/ 58 KB
18 KB 159ms
52ms Script
application/javascript 2606:4700:3030::ac43:a0b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getpush.net/s/swsdvsaruzw8n3j7kkdzlrlnzhts3eg1/client.js
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e196a8bd26ef69574a221c1378024e9e865ec865eff0aae979a3b49387abd68b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1874
x-cache: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 04 Aug 2022 01:14:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GmrD2N%2FoHtNtGJgJKU7CoewohrXE7TbdGtPA%2BjKM9Z%2FSWUYVTJnIkHLeZh6ytgWTQ3sz8%2B%2BiVgkhjIsumEZuj3t8vuxwNlxUKVKbeWKpaB3bxaDrx8qheF%2B3Bdb8FgIimKaMrnYQjzKHbpCdDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://hyser.ua
cache-control: max-age=14400, public
cf-ray: 7354493b995e7556-LHR
cf-bgj: minify

GET
H3 200 PTSerif-Regular.woff2
hyser.ua/fonts/ 56 KB
56 KB 92ms
92ms Font
font/woff2 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hyser.ua/fonts/PTSerif-Regular.woff2
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd98d01a833cc73d151cb09112775dec0af6f13b059835b9baea6cd9a31bf17

Request headers

Referer: https://hyser.ua/
Origin: https://hyser.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6008955
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57060
pragma: public
last-modified: Fri, 12 Nov 2021 17:26:12 GMT
server: cloudflare
etag: "618ea3b4-dee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4KMrzGU%2Bp0i0fbqbIav%2BbmD9xKKbRyBzjt%2BLScrTqSR5KsRcXWGrOTNI%2FkhAkesQcTsN%2FmgySS8zyPc6l9PPB4K%2BxpqR5taFyNvxNvn9LmqMEmSOnOarTVSYvpm1oFhSIGHmc3maQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493aeb297192-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 XpkSXYVJhvTYl6FJ99Vy0v8ddqDTD57LLsNtzW55.jpeg
hyser.ua/crops/f4ea9a/150x100/2/0/2022/01/28/ 4 KB
4 KB 87ms
86ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/f4ea9a/150x100/2/0/2022/01/28/XpkSXYVJhvTYl6FJ99Vy0v8ddqDTD57LLsNtzW55.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd09ae49faf599e8900ab47e3a9630b8528245664b0421216404de04479328f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22421
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3922
last-modified: Fri, 28 Jan 2022 11:19:03 GMT
server: cloudflare
etag: "61f3d127-f52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNqzMw7w5%2FiMilKSfZx4MoKMxgEV%2B2P32gTU6Ru8LwgpVr5w6A%2FnURiF6w%2F0xKqsx19ymT0UMTIkVXH%2FgcH9guFIPk%2FVZIq49jLNPZRQKLvXs7swRJUtTf7BRXtZaDM713oCxHtTZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7354493babca7192-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 a6DOvHk83ELHEE2hdUQv4Y9OU2WFFaUWXLdga7Xm.jpeg
hyser.ua/crops/caa4dd/150x100/2/0/2022/08/03/ 4 KB
4 KB 64ms
62ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/caa4dd/150x100/2/0/2022/08/03/a6DOvHk83ELHEE2hdUQv4Y9OU2WFFaUWXLdga7Xm.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d51fe33c4f0a044fdb249842d7c6844fbb7de7f47a2e1cc3a36f645b2ee295

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22421
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3688
last-modified: Wed, 03 Aug 2022 17:00:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lZADR2FtJ%2Ftf4uNT2P2RIh4CSdd35gLfgUwJPjz4FvSu578jz7LCkVBtb39B9hhHkElrqVGfSu5gTjykmU22oIlQ9LSjvKEiyNPEPGdsgMsPvbv4cgO8kFwtf0kvaK%2Bg1SMbS3%2BbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493babcd7192-LHR

GET
H3 200 ehiGxizk9u1SwlknajkPBEUiWFLh0yC3oApwZPUl.jpeg
hyser.ua/crops/75c7a6/150x100/2/0/2022/08/03/ 3 KB
4 KB 65ms
63ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/75c7a6/150x100/2/0/2022/08/03/ehiGxizk9u1SwlknajkPBEUiWFLh0yC3oApwZPUl.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddb8f72756fef5ac68b1007eefd1a19f3e4fdb67f3edf93a1e45fe7a7a940ab2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22421
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3413
last-modified: Wed, 03 Aug 2022 17:30:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46h6MzAzEY6REBE5I1P3RCBuJA2Dn5WJWXX%2FJnyNuQLTj2cn4xnLsXUlCNC0ODBl%2BbYnNxpR%2Brs5YytKmiGqwc5P4BJrPAChXUea3pk2qGQOpy%2FxmH9tz4EFcgORZHDwUmHP7Qh%2FQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493babce7192-LHR

GET
H3 200 21dTvS6ZXmVfLY3XcVh5mRPyX9tqTDqaPFNZSg4D.jpeg
hyser.ua/crops/ae9ae6/150x100/2/0/2022/08/03/ 5 KB
5 KB 65ms
64ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/ae9ae6/150x100/2/0/2022/08/03/21dTvS6ZXmVfLY3XcVh5mRPyX9tqTDqaPFNZSg4D.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb0b56c69bde126b7b82b88e8e4c89cce60bca5a8541a4a36d7fb1a3a79e76c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22421
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4782
last-modified: Wed, 03 Aug 2022 17:21:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBYZm8c%2BLeqjgomvTXYHD7qajWy%2BgS8Xy60PLbHfX05n6Z%2Ba63uWJLMfDTi%2BhyjEX15LH4htXGUVws2VuuYgT0SkvUXlTCyfg%2B51qbg%2BpN84CaDURzlXuOqylls0rDVWqwA%2Bl0rEpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493babcf7192-LHR

GET
H3 200 59UeNwmt5eA7q5B5EEjK2vwL9G74uAlQuh2UUszI.jpeg
hyser.ua/crops/3429ed/150x100/2/0/2022/08/03/ 4 KB
5 KB 65ms
64ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/3429ed/150x100/2/0/2022/08/03/59UeNwmt5eA7q5B5EEjK2vwL9G74uAlQuh2UUszI.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f231cb8da1013b3ad46886afb44328c9c5891e0f6a938c44d37712bd379da350

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22421
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4482
last-modified: Wed, 03 Aug 2022 15:50:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07q%2FwF4geyqyjc2jFfShbTgfubkICf%2B26uaAlRJTjO%2BWNj1IZCoS7jAv0XcPcb2zC8WmgOn7o5j7Lg1wPK%2F%2Bq5%2F7y7AVR8hIWzNw0o0IkTKTWZ%2BsFyJ4LfIZqa6SvMr3b0T3dtzUng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493babd07192-LHR

GET
H3 200 ehiGxizk9u1SwlknajkPBEUiWFLh0yC3oApwZPUl.jpeg
hyser.ua/crops/b87fb3/735x400/2/0/2022/08/03/ 28 KB
29 KB 66ms
65ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/b87fb3/735x400/2/0/2022/08/03/ehiGxizk9u1SwlknajkPBEUiWFLh0yC3oApwZPUl.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd21d1b8bd04879d0237ec0fedfac5871524c0559bbcc57fc2e49bd6e47b953d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22421
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28871
last-modified: Wed, 03 Aug 2022 17:31:37 GMT
server: cloudflare
etag: "62eab0f9-70c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mxg8kF4N%2F85jYFSdKXxQkkeeCWlibztMa6XMCtTMndterfsWiNHQM4Z%2B1Q%2BRiz24zhavmDfy7soTnLh9w3tZljCiWIvkP4puxUZ82U3LrIro0dz46CIqnOfLEA4VGP%2Bbui5sPhLJcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7354493babd17192-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 aHMd4Xnf8M3Im3VqAmYKhCuPfNLoWwG0UNSzzsdO.jpeg
hyser.ua/crops/bc0ecb/735x400/2/0/2022/06/22/ 32 KB
33 KB 67ms
66ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/bc0ecb/735x400/2/0/2022/06/22/aHMd4Xnf8M3Im3VqAmYKhCuPfNLoWwG0UNSzzsdO.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aded931ea686274d54e94e7a891a56d0d76acb4a9c36d30c232c1be05681071

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47347
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32855
last-modified: Wed, 03 Aug 2022 14:31:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beymQbiCeHcehpOfYgIeiwKvNzsOiNaKhQBlSePHNcVJJh749iNcLacPrLWcVXZEIhsAZrLTnosAltbjrd4LOVoKVO%2FVnCJLXX8wldgJns5gC%2BYbPEut3mVZAJ4wtv9Rek6tNq4ObA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493babd27192-LHR

GET
H3 200 svTZFkG42oUUwUT2f67xU2lY4PwQZ00t7zi0tCoW.jpeg
hyser.ua/crops/690395/225x180/2/0/2022/08/03/ 7 KB
7 KB 114ms
113ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/690395/225x180/2/0/2022/08/03/svTZFkG42oUUwUT2f67xU2lY4PwQZ00t7zi0tCoW.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34033f4ab3af9e032dea37af9451b50d0b8b9a7a19dbf3d3c18c959d0a23ef67

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Aug 2022 19:23:20 GMT
server: cloudflare
x-cache-status: MISS
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5teXldUeLgK%2BreVMAsQn2GbjR12GcfJqx9%2BmYSSCHeXsFkIGCrr2WENApaOXqLDEtizbz1Xi2PRThtTgbwqFcKuSywMIVWZ4raFqh9cbGBr7Zej5ffOklorNWm0jRSCWb6WsFUSJdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7354493babd57192-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6788

GET
H3 200 59UeNwmt5eA7q5B5EEjK2vwL9G74uAlQuh2UUszI.jpeg
hyser.ua/crops/24d08e/225x180/2/0/2022/08/03/ 9 KB
9 KB 106ms
105ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/24d08e/225x180/2/0/2022/08/03/59UeNwmt5eA7q5B5EEjK2vwL9G74uAlQuh2UUszI.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426cc1723fd7c2c051e3d5f37523cf76cebca9a2ff6f42d8a4f32df4c40f8d1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19876
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9037
last-modified: Wed, 03 Aug 2022 16:32:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzfcO4US0lGlnP%2B8dMW%2BXPKrjdnEc%2F0v73dId0OyeufwCKYZR45hVzlJVZ1N5PHmv77LUYn2%2FN0qw9KtkgRrudeFAj%2FF1NS4LUtBSNe81ArTcJC1ioylvNBpDiqqYCjLetLdEwCNRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354493babd77192-LHR

GET
H3 200 SalyUtOTHOYC3D99FidyDHiqAl3sxM2BrznpANTH.jpeg
hyser.ua/crops/839023/225x180/2/0/2022/08/03/ 8 KB
9 KB 106ms
105ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/839023/225x180/2/0/2022/08/03/SalyUtOTHOYC3D99FidyDHiqAl3sxM2BrznpANTH.jpeg
Requested by: Host: hyser.ua
URL: https://hyser.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daeafe1210534e202fe86725d2854f80f3b4ae97d6aebef5c831488d70ee385d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Aug 2022 15:36:27 GMT
server: cloudflare
x-cache-status: MISS
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjjojzIgwAaA2nU0wWfbG9Nju%2FcUcAz62PwKgc2cCvCcFISGI35EdYALLT429LGqmlFUdMGuked9We6pSw5ZFGOHd%2B%2FrE5rQ1KwN6OEVl5M9mnYKWhvCksvueaZoSxaqy9KMrhlDhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7354493babd87192-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8274

GET
H3 200 pv
s.getstat.net/ 42 B
789 B 116ms
67ms Image
image/gif 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.getstat.net/pv?u=https%3A%2F%2Fhyser.ua%2F&d=hyser.ua&s=&t=&l=ru&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=4&r=0.7624902691491586

Requested by

Host: hyser.ua
URL: https://hyser.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pBupYKPEnRedo%2BJ0FjxMz5CSmUTTSixtWNhv7DTuJR8ImUq1Acu9hRbzyLbqEXhyXLIxMFuM6%2Fhc6UkRUkqA%2B7rdvX9Y0Xrkr%2F4x7T9MGVsVh3UtXqK6UbNqEscVBiSAoQC%2BDW173G2tKnh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store
cf-ray: 7354493c3b24072e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H3 200 264 Show response
aixcdn.com/p/ 377 B
882 B 102ms
52ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/264

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165959

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec6533597b9cfe5c936ed998760efacecd0967a68b93a38cfde85ef7908370e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Aug 2022 10:34:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRngFRTCi1DgoDtzhrW52d4G8JJvLwJ0ryS6nhkQ2WdWotE3Z6WCuIsRMQlpmDJXn8gT8%2FKX%2FbjjZ1EQulfGac9RJWsXQ1b%2BA4VV2m1Z0j67Meh%2Bii2jr%2FlEorD5mmvhx92zaKcLhSMS"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7354493c4ab2f423-LHR

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 177ms
54ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDZQGC9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2221
date: Thu, 04 Aug 2022 03:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 04 Aug 2022 05:05:57 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 179ms
62ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165959

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ba38138a82a016b541079da9e6e079c0f94fb5e8c28bb5e40a5541f06ff730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28617
x-xss-protection: 0
server: sffe
etag: "1293 / 358 of 1000 / last-modified: 1659568641"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Aug 2022 03:42:58 GMT

GET
H2 200 ym.js Show response
cdn-b.notsy.io/hys/ 341 KB
107 KB 307ms
100ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/hys/ym.js
Requested by: Host: aixcdn.com
URL: https://aixcdn.com/client.js?165959
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 21639ee6fa2b73fb6aebef3aadaa475cbba281cacd824e7ab6b6a87ea148a88d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:58 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-fileserver: 271
cdn-storageserver: DE-165
cdn-cachedat: 08/03/2022 17:00:06
cdn-pullzone: 139012
server: BunnyCDN-AT-731
last-modified: Wed, 27 Jul 2022 09:14:21 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62e101ed-5529f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: REVALIDATED
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 03bb6040006044ffeb675b73a6316963
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 172ms
62ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=459020726&t=pageview&_s=1&dl=https%3A%2F%2Fhyser.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B0%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0.%20Hyser.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=778037351&gjid=1379320782&cid=1146811391.1659584578&tid=UA-63174230-1&_gid=71148784.1659584578&_r=1&gtm=2wg811WDZQGC9&z=1846542105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:42:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hyser.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022080101.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 185ms
54ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js?cb=31068763

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132749
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 16:11:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 02 Aug 2023 17:39:40 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 113 B
728 B 195ms
64ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hyser.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e724b0c72e06188794c17f0b7de009df65d23ebff444dc725670e639494ca409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 03:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92
x-xss-protection: 0
expires: Thu, 04 Aug 2022 03:42:58 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 172ms
55ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63174230-1&cid=1146811391.1659584578&jid=778037351&gjid=1379320782&_gid=71148784.1659584578&_u=YEBAAEAAAAAAAC~&z=144984810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Aug 2022 03:42:58 GMT
content-type: text/plain
access-control-allow-origin: https://hyser.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 277ms
160ms Ping
text/html 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?HYS;desktop;;main_page_desktop;c667db|edefc0
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-39.cdn77.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn-b.notsy.io/video/ 210 KB
68 KB 68ms
68ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/video/video.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 6f49fe92e9877d88197b9bc1b5901f8b32d3e286e534003aa11a1358813353f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:58 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-fileserver: 224
cdn-storageserver: DE-164
cdn-cachedat: 08/03/2022 23:02:09
cdn-pullzone: 139012
server: BunnyCDN-AT-731
last-modified: Wed, 03 Aug 2022 23:01:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62eafe65-348bc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 5d8591d610b95c13431aa5ae00856d22
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 147ms
55ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220804

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccfb76940b94d6423d4924aa4cd5915562036c41841790d4b7025cf1318762a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Aug 2022 03:42:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2518
x-jsd-version: 1.0.1421
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-iad-kiad7000048-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66c-WxitOesYuiPCBnsDLT25//xKK2o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tNVk5k2dtLHFHAxTHGdraG%2Fo%2FtHt3dQ8M6edwlNo1mDCnT%2F5XfK1JqG0UJ1iCo0vakCVKj%2FL51At%2BaL2RajjndGM4uFrYc8vGh8YlZT%2BdqsMD3ANd3CnC%2FuczRT1sXeP9LEeCuAl1YM3mlCsEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73544940788b7566-LHR
access-control-expose-headers: *

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
1 KB 360ms
132ms XHR
application/json 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEzMjQzODMmdHJhbnNhY3Rpb25JZD01ZmFjOTZjMy03ZWUzLTRiN2YtOTk3MS1lMTdmMmEyMjVlNjEmcmN1cj1FVVI%3D&bWlkPTEzMjMzNTUmdHJhbnNhY3Rpb25JZD1kNzZmNGFkNi02MjQ5LTRlYzMtOWY0OS00Nzc4Mzg3NDg0NDkmcmN1cj1FVVI%3D&bWlkPTEzMjMzNTYmdHJhbnNhY3Rpb25JZD0zZDI4ZGIxZi1mMTEwLTRlNGUtYWEzYy1hNWRhNjM3NjMxYTkmcmN1cj1FVVI%3D&bWlkPTEzMjQzOTEmdHJhbnNhY3Rpb25JZD02M2JmYWEzYS1mMTNiLTRkNDctYWMzOC1lM2NmZjc1ZTgwNDgmcmN1cj1FVVI%3D&pt=gross&stid=e72448a1-aa95-4492-9c3c-43b06bce41c7&fd=1

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

37f421bd46bc809134c8c45b3d3aaf49d15179540298638f5f662a6a060641de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:42:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hyser.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 28 KB
11 KB 324ms
180ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3efa610bb2e54ab5d9bfe33e721c0d5d7f08849758e872fccf2f9a46a4548b4e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 04 Aug 2022 03:42:58 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f135ecfc-c5b3-400e-a7b0-35287b398bb7
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hyser.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 298ms
119ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294622&size_id=16&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=5fac96c3-7ee3-4b7f-9971-e17f2a225e61&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19899730535876925
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cdb9423ca768a9ef3108db0f2d88867474f33639427e9343e3c316c7b2444600

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:42:58 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hyser.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 309ms
131ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294414&size_id=10&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=d76f4ad6-6249-4ec3-9f49-477838748449&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11028753341143704
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3a2211d6ab17180976c25848f2b962e4508e0c5b0b94657bc18b66f0deacfe34

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:42:58 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hyser.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 323ms
145ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294416&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=3d28db1f-f110-4e4e-aa3c-a5da637631a9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7261665571362192
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6fd9af0663509bb0a51c0cec5771eddf0487b0713707492f052fd6c46ef86b5a

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:42:58 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hyser.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 298ms
118ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=409704&zone_id=2294630&size_id=16&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fhyser.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=63bfaa3a-f13b-4d47-ac38-e3cff75e8048&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2604865913502712
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 587b76ac3ae9cf4c7258c8f53b425939dc9b1d48175c8e554da10596f78f06fb

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:42:58 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hyser.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
210 B 316ms
57ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=43248338530

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Aug 2022 03:42:57 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://hyser.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 386 B
427 B 526ms
364ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8199,8203,8204,8196&sizes=336x280,300x600,300x600|300x250,336x280&referer=https%3A%2F%2Fhyser.ua%2F
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 5ef5eaac8a3ca0a29077489110661eff056fdc6d7ac2e96e76b7c31e17f97d78

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hyser.ua
date: Thu, 04 Aug 2022 03:42:59 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
502 B 308ms
157ms XHR
application/json 52.28.173.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fhyser.ua%2F&tmax=1000

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.173.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-173-192.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:42:58 GMT
accept-ch: sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hyser.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 7 KB
1 KB 465ms
297ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8048d717ebf7bb8af027aedc8f72b24e6e2e0aaadeab99e70863e4116e2459a3

Request headers

Referer: https://hyser.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 04 Aug 2022 03:42:58 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://hyser.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 891

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 181ms
65ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63174230-1&cid=1146811391.1659584578&jid=778037351&_u=YEBAAEAAAAAAAC~&z=703799782

Requested by

Host: hyser.ua
URL: https://hyser.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:42:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 179ms
64ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63174230-1&cid=1146811391.1659584578&jid=778037351&_u=YEBAAEAAAAAAAC~&z=703799782

Requested by

Host: hyser.ua
URL: https://hyser.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:42:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 geolocation.json Show response
cdn-b.notsy.io/ 3 B
646 B 209ms
68ms Fetch
text/plain 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/geolocation.json
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/video/video.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:58 GMT
cdn-edgestorageid: 731
cdn-fileserver: 309
cdn-storageserver: DE-164
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cdn-cachedat: 08/03/2022 15:41:14
cdn-pullzone: 139012
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-ym-country: DE
content-length: 3
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "622b54c3-3"
content-type: text/plain
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 741149aafb1f37ddb756d204e3f4cda1
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
c.aixcdn.com/ 42 B
397 B 89ms
79ms Image
image/gif 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aixcdn.com/?4113&r=4328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ab037c2cbbde510127db317534973d375a4a142c4bae4fbe3a42b3dfe420cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:58 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGBlXVTpXaJCotJdMc80UAuYCh%2BOVfLAyrHccGfVv73uMfQJD6ROpwzGWRB2BxNaJ5coq%2FzaCWoHSm3Hg8fJASh%2BSo9f6aXbD7BAvPW%2B8tPTkeELgfyBxjyoVfY0rnfe8EpYf4Yb3l02E1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 735449424dcd8e21-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 218ms
63ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=hyser.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js?cb=31068763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 03:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 200ms
63ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hyser.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js?cb=31068763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 03:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 290 KB
67 KB 525ms
413ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1325088796665314&correlator=1000115554540198&eid=31068631%2C31068763%2C31068529%2C42531606%2C42531608&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fifs&iu_parts=21863949019%2CHYS_ITA_336%2CHYS_SBR_300c%2CHYS_SBR_300c_1%2CHYS_BTA_336&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=320x50%7C336x280%2C300x600%2C300x600%7C300x250%2C320x50%7C336x280&fluid=height%2C0%2C0%2Cheight&ifi=1&adks=118323584%2C1830702087%2C95717922%2C4043827992&sfv=1-0-38&fsbs=1%2C1%2C1%2C1&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D36640f2bb484657%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D36640f2bb484657%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_adform%3Dbanner%26hb_source_adform%3Dclient%26hb_size_adform%3D300x600%26hb_pb_adform%3D0.14%26hb_adid_adform%3D38972ea6fae727d%26hb_bidder_adform%3Dadform%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D378e526ba84e50a%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.14%26hb_adid%3D38972ea6fae727d%26hb_bidder%3Dadform%7Cr_imp%3D0%26r_cnt%3D0&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1659584579110&lmt=1659584579&dlt=1659584577646&idt=972&adxs=-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fhyser.ua%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&ga_vid=1146811391.1659584578&ga_sid=1659584579&ga_hid=459020726&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js?cb=31068763

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

99192c7cbe7115baa24a58685946cdc0b5fc0f22b0081d8e0867ba016fb77cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68928
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hyser.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 206ms
68ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js?cb=31068763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d95aa09479451650b46a35566bf3551381931b76007e3322a8eb1c69535e86b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 03:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10604
x-xss-protection: 0

GET
H2 200 container.html Show response
717be019e47e0ba2652158e7addacf1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE05 6 KB
4 KB 254ms
62ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://717be019e47e0ba2652158e7addacf1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js?cb=31068763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 03:42:59 GMT
expires: Fri, 04 Aug 2023 03:42:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 201ms
68ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js?cb=31068763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 03:42:59 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 255ms
121ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:59 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Aug 2022 03:42:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE7C 13 KB
5 KB 176ms
54ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 10216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 00:52:43 GMT
expires: Fri, 04 Aug 2023 00:52:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 21A2 783 B
536 B 183ms
63ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e1726531a4d76984a307340157893a7cec63c95371308026ff9c079ebeff0de0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RI46mwQNNRMZw1G7h_WotA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-RI46mwQNNRMZw1G7h_WotA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 03:42:59 GMT
expires: Thu, 04 Aug 2022 03:42:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame FE7C 36 KB
14 KB 164ms
54ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14162
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 19:30:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 21A2 0
0 196ms
88ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080101&jk=1325088796665314&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C576 15 KB
6 KB 184ms
61ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hyser.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 03:42:59 GMT
server-processing-duration-in-ticks: 1513
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 164ms
56ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:42:59 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Aug 2022 03:42:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FE7C 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CTxRtw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame C576
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=hyser.ua&sn=ChromeSyncframe&so=0&topUrl=hyser.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=PfVz-XxWbkJGeER6V3dPY28xUjhlQjg1SUErRk5kSjlDbitndlhLa3Uyb2l5RDMxM0FZamczZzRsbDZyWjNEd00ycERtVTBpNnJ2Z2kyaTBMVkpDMnZtcXRzY2RpbkcwSk8raUwreHcyRzVMVjNBRXVpcFJJOVRPK2xWaD...

435 B
627 B

286ms
60ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PfVz-XxWbkJGeER6V3dPY28xUjhlQjg1SUErRk5kSjlDbitndlhLa3Uyb2l5RDMxM0FZamczZzRsbDZyWjNEd00ycERtVTBpNnJ2Z2kyaTBMVkpDMnZtcXRzY2RpbkcwSk8raUwreHcyRzVMVjNBRXVpcFJJOVRPK2xWaDk4U0xRRklMTEtjbGFZTTEvUnVBYmZKUDZMWnVyd0VFdHhlYUZESEpMNUZ0ekZRMmZBYkN0NVpxUmxxalpGa2pPekRERjJtV0hSYzZQZFNHODFwUVVucmVuUTV1Z1lxVGVkVi9VbW1EY2JFUmQ2dHJYcGtxakN6UGtFdXlSMVhXNUJSUnFDYXpVWHhNem8yZ3NwblhLOUdVeU5YL3Rhdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2301ef50c6b889160c5da5f9cf1d0ecd5036d4aeeec7d50f8ac0d18934c69b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:00 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5444
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:42:59 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=PfVz-XxWbkJGeER6V3dPY28xUjhlQjg1SUErRk5kSjlDbitndlhLa3Uyb2l5RDMxM0FZamczZzRsbDZyWjNEd00ycERtVTBpNnJ2Z2kyaTBMVkpDMnZtcXRzY2RpbkcwSk8raUwreHcyRzVMVjNBRXVpcFJJOVRPK2xWaDk4U0xRRklMTEtjbGFZTTEvUnVBYmZKUDZMWnVyd0VFdHhlYUZESEpMNUZ0ekZRMmZBYkN0NVpxUmxxalpGa2pPekRERjJtV0hSYzZQZFNHODFwUVVucmVuUTV1Z1lxVGVkVi9VbW1EY2JFUmQ2dHJYcGtxakN6UGtFdXlSMVhXNUJSUnFDYXpVWHhNem8yZ3NwblhLOUdVeU5YL3Rhdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1587
content-length: 541
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
91ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080101&jk=1325088796665314&bg=!U1ClUBTNAAZGjrx1Zo47ACkAdvg8WlEdklnrt3Wy370s5WwtKCkO-RK_RyU2oJ3mPxDUvg3VwLJncgIAAABLUgAAAAdoAQeZApxV8bpurpdMcVdIOhTHVtuXc4TzK9B4AxvMFL4i9So0SRgJPltGGKiKE2pDylMfhiDoTruyBo0gl2RJxdXHm_SHtMIlInCSMDO7r1V5cs15M3Ic9rVtkNlfF3kRzI7PGFcDBlRCCe8_j87cLls51_fAZR2zg7a0cjpgm-5w1T06qvPVddVTVsU267Q19CvQU-mi9ldEeksGpewkpXIhQ44rhgwyyVfdIK0luSnUHKtcaIUaw7V8q0lztpvipv05qV7liEdKfVID_0TV0ttKgnOijJVnYfIlofRzM9vttHU_hIH9oBzksoSYk7IPwmrXQq0l1Nh5ajmk9XFszIzzBEVIyAV9FC11gI7HPImxRUCVZCnUuDundULnmI_0AsusGEQN1VHu0zqvbxpRKKLtNZvyE_IaSjyTGmCGZtJWjhiksA5D3arv-2vPgUBv77iI3luqrJrdhZHPZ65UdKhIvaElECtsasq8YGnEopfxiY0-BZuiw9FraW2EygWZerW_rTuPk9N_gVXM-OVSPgxvRfRe9LVD3uT4JMwBz8W_pbw3QytaOCcFawc80PwJngbOJZe7RDunClgxhG7VZHRsCH86LBVRwxRJkXMQyU1a9i-sfjzMLwxtFTJFCB9hSlVZfRRbotpZQ9bQCN-oM3UsinvEREohYp0cpDhzQuqNW65hsElUXxvCkLEuadA3wGwOWqJZYrSIdb9X9xwkMMh_uJ0pe22-7BMhxitmCl2z7Ash7ZvAYoYYggdXqelOhioVrqgqU4L3grC-aFyMOnLuDQQVPl4R9kv7HPKej6OAbJOFz2jJPjGgeCNWrgGQ7DnYUyRMCaAmHtROHnAHVVGS6_ahDAucDeCYXC6oymCENs_vy2VH2ve6ze7bBGrteQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 44B0 15 KB
6 KB 233ms
68ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92717
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 03:43:02 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 05 Aug 2022 05:28:19 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame 89A1
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

2 KB
1 KB

52ms
52ms

Document
text/html

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: d702a1cbf965781cfa761a53694962804118468272aa1729bb1d5e2aa69c6efd

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 04 Aug 2022 03:43:02 GMT
expires: Thu, 04 Aug 2022 03:43:02 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-739

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Thu, 04 Aug 2022 03:43:02 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-739

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B22E 52 KB
17 KB 311ms
74ms Document
text/html 2.18.168.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.189 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-189.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 04 Aug 2022 03:43:02 GMT
ETag: "623de86a-cf34"
Expires: Fri, 05 Aug 2022 03:43:04 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame F521 1 KB
1 KB 204ms
44ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2da35fbda1d1846dafe19cd1bc79afce518145cf24e6e7f318c5c4a18b811a0b

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hyser.ua
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 788
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 Aug 2022 03:43:01 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 97E0 281 B
573 B 191ms
54ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 Aug 2022 03:43:02 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 047A 37 B
140 B 210ms
62ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/hys/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://hyser.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 04 Aug 2022 03:43:02 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3465838954826850956

0
387 B

600ms
113ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3465838954826850956
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:02 GMT
Server: Adtelligent
Etag: 40e3e2f6084da863
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:02 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1811e4e6-10dc-40ee-a9bc-ec37e15259ce
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3465838954826850956
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6b112386-6bda-4fdb-9411-b709fc0ba2eb

0
404 B

572ms
112ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6b112386-6bda-4fdb-9411-b709fc0ba2eb
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:02 GMT
Server: Adtelligent
Etag: 40e3e2f6084da863
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6b112386-6bda-4fdb-9411-b709fc0ba2eb
date: Thu, 04 Aug 2022 03:43:02 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 97E0 31 KB
10 KB 70ms
69ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10625
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Thu, 04 Aug 2022 06:40:07 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame D4CF 0
0 209ms
58ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0118 15 KB
6 KB 68ms
68ms Document
text/html 2.18.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92717
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 03:43:02 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 05 Aug 2022 05:28:19 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2CB7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
https://eus.rubiconproject.com/usync.html?p=17184-d

281 B
573 B

56ms
54ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 Aug 2022 03:43:02 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 04 Aug 2022 03:43:02 GMT
location: https://eus.rubiconproject.com/usync.html?p=17184-d
server: AkamaiGHost

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame F521 43 B
320 B 452ms
112ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:02 GMT
Server: Adtelligent
Etag: 8585c10436dcbbba
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame 89A1 5 KB
2 KB 546ms
134ms Script
text/plain 18.210.31.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-31-151.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 1c7ccd354d975ee1e5018cf91d57b416a928d1e9590cc2ee92cf312449145b1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:02 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1681

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 89A1 566 B
521 B 174ms
50ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.252 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 03 Aug 2027 03:43:02 GMT

GET
H2

200

um
u-ams02.e-planning.net/ Frame 89A1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D232173b3ca152897%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=232173b3ca152897&uid=3465838954826850956

42 B
104 B

169ms
50ms

Image
image/gif

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=232173b3ca152897&uid=3465838954826850956
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 5.178.65.245 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:02 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5b46ece8-d193-4a11-bb34-c53087300d4b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=232173b3ca152897&uid=3465838954826850956
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams02.e-planning.net/ Frame 89A1
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D232173b3ca152897%26uid%3D%24UID&partner=eplanning
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=232173b3ca152897&uid=81485676-e17b-0c35-e7dd-fd8cf7425237

42 B
103 B

50ms
50ms

Image
image/gif

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=232173b3ca152897&uid=81485676-e17b-0c35-e7dd-fd8cf7425237
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 5.178.65.245 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
server: openresty
content-type: image/gif

Redirect headers

location: https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=232173b3ca152897&uid=81485676-e17b-0c35-e7dd-fd8cf7425237
pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1E81
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
573 B

114ms
58ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 Aug 2022 03:43:02 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 04 Aug 2022 03:43:02 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 9293
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1

2 KB
2 KB

205ms
79ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0a5cd0c42cc4b5535217dee7df2149c29f10d22ff3123a595c86d7ffde8d15

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73544959cbb87743-LHR
content-encoding: br
content-type: text/html
date: Thu, 04 Aug 2022 03:43:02 GMT
dropped-udsids: 230|45|39|241|4|65|191|31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPdiuaKuitIBFryHyM%2FAyFK%2BA9Q6nTiHFl2HKXDPv1Hx14ukqKN%2BgJm%2Ff6EWnW6XrV8kTQu06tasAZA5Q18e1bMfWe5p0KhAsSnc6Eb9dFp6mmHdOd7dRABIXurrVrfRZfsF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 735449589dcf75de-LHR
content-type: text/html; charset=iso-8859-1
date: Thu, 04 Aug 2022 03:43:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjJ1yJ4vsdy3WUs%2FFxDPJ06rUO29amrrbT9n94ehUwiOkC4AD%2BIv610moAKcd4vygDE3fy0TSIm8KtYDdfsh%2Bs%2FeA%2BTxLBSn2ZtBpm679CjAyKoiMIrV25TfNqu03Sky0GPPbqJj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame FB4F 1 KB
1002 B 231ms
57ms Document
text/html 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 136949
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Thu, 04 Aug 2022 03:43:02 GMT
etag: W/"61ddbb71-5f5"
expires: Tue, 18 May 2027 11:39:16 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: ff1514cbcbe797f9c59afb5989969214
x-cf-tsc: 1653097306
x-cf1: 29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2: H
x-cf3: H
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame DC34 0
0 185ms
57ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame AA53 8 KB
2 KB 173ms
59ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820ccae7dba3bd1546dbf8cb5b9d269ac785332b61d64dd9d01e9c4d1fd57895

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 73544958899a7737-LHR
content-encoding: br
content-type: text/html
date: Thu, 04 Aug 2022 03:43:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 44B0 0
42 B 219ms
54ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89514819&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:01 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B22E 0
743 B 55ms
55ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:02 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 333b163e-ca37-4543-a64e-f24374fe505e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 97E0
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6EHT4FS-O-DXRO

0
732 B

495ms
238ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6EHT4FS-O-DXRO
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3A9FD08FC51B48F9A47E2AF0DFC36F68 Ref B: FRAEDGE1217 Ref C: 2022-08-04T03:43:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-source-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXlYiWMrwXhBDswHN+ajQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6EHT4FS-O-DXRO
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 97E0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ims46S2ZTxi5vQw5QhbS4A&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ims46S2ZTxi5vQw5QhbS4A

43 B
556 B

143ms
142ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ims46S2ZTxi5vQw5QhbS4A

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:03 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S59CWMMRS09TYEYY38RR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ims46S2ZTxi5vQw5QhbS4A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 97E0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/HwbXUDjcHnldBOE0lZYyMg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6486809755426186052

0
239 B

55ms
54ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6486809755426186052
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Thu, 04 Aug 2022 03:43:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6486809755426186052
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 97E0 70 B
265 B 223ms
54ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 97E0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWM2YzUwZGY4NWQ1ZTBiMmI0MDRhYTg1YzU1NjI3MTFmY2Y2ZDNjMA

170 B
232 B

75ms
74ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWM2YzUwZGY4NWQ1ZTBiMmI0MDRhYTg1YzU1NjI3MTFmY2Y2ZDNjMA

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWM2YzUwZGY4NWQ1ZTBiMmI0MDRhYTg1YzU1NjI3MTFmY2Y2ZDNjMA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 97E0 0
98 B 223ms
62ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 97E0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZFSFQ0RlMtTy1EWFJP

170 B
232 B

98ms
98ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZFSFQ0RlMtTy1EWFJP

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZFSFQ0RlMtTy1EWFJP
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 97E0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ffkkiuWsQVODy9-2uS4UHA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ffkkiuWsQVODy9-2uS4UHA

43 B
556 B

63ms
63ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ffkkiuWsQVODy9-2uS4UHA

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:03 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RJZ16DTNJJG61TT44SHX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ffkkiuWsQVODy9-2uS4UHA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame AA53 0
0 54ms
53ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame AA53 170 B
502 B 227ms
70ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=afc59637-fe54-4e2f-8d17-d03e0b774423&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da...

95 B
164 B

92ms
71ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=afc59637-fe54-4e2f-8d17-d03e0b774423&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495b1ca57737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=afc59637-fe54-4e2f-8d17-d03e0b774423&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame AA53 0
331 B 242ms
75ms Image
text/plain 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame AA53 70 B
264 B 183ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame AA53 0
162 B 195ms
65ms Image
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 varnish
server: nginx
x-timer: S1659584583.690854,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-lon4255-LON

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame AA53 0
411 B 818ms
132ms Image
text/html 2600:1f18:6593:f600:6235:8475:2669:58c5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f600:6235:8475:2669:58c5 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:03 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame AA53 0
163 B 59ms
55ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48af7db-08e6-4c39-610b-3b379bf283e3%26reqId%3Dd941c987-bf62-40da-4798-9f50863da3a6%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=136...
https://mwzeom.zeotap.com/mw?cid=a96d94cc-f7f2-40bc-8628-ba6f082967c5&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
177 B

66ms
64ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=a96d94cc-f7f2-40bc-8628-ba6f082967c5&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495bfd8f7737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=a96d94cc-f7f2-40bc-8628-ba6f082967c5&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a48af7db-08e6-4c39-610b-3b379bf283e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a48af7db-08e6-4c39-610b-3b379bf283e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=34846941667414694201909504004623527519&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-...

95 B
153 B

60ms
59ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=34846941667414694201909504004623527519&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495b3cc07737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v038-014595e4a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: O/ll0dgIQKc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=34846941667414694201909504004623527519&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame AA53 0
324 B 391ms
58ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=a48af7db-08e6-4c39-610b-3b379bf283e3&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-...
https://mwzeom.zeotap.com/mw?cid=BE1-2022080411-69517-0.877520001659605070-b1ba787fcf34903c5507a493d85c179d&zdid=533&env=mWeb

95 B
154 B

67ms
66ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2022080411-69517-0.877520001659605070-b1ba787fcf34903c5507a493d85c179d&zdid=533&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495b3cc67737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2022080411-69517-0.877520001659605070-b1ba787fcf34903c5507a493d85c179d&zdid=533&env=mWeb
Date: Thu, 04 Aug 2022 09:24:30 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7127861504651557013&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-...

95 B
154 B

58ms
58ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7127861504651557013&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495b6cfd7737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7127861504651557013&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Date: Thu, 04 Aug 2022 03:43:02 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame AA53
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a48af7db-08e6-4c39-610b-3b379bf283e3
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a48af7db-08e6-4c39-610b-3b379bf283e3

95 B
113 B

64ms
64ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a48af7db-08e6-4c39-610b-3b379bf283e3

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a48af7db-08e6-4c39-610b-3b379bf283e3
date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a48af7db-08e6-4c39-610b-3b379bf283e3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a48af7db-08e6-4c39-610b-3b379bf283e3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=a1qgOeFC7TAUDo7fJw2/Pe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40...

95 B
154 B

63ms
62ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=a1qgOeFC7TAUDo7fJw2/Pe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495c8e387737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
last-modified: Thu, 04 Aug 2022 03:43:03 GMT
server: Weborama Collect Frontend
location: https://mwzeom.zeotap.com/mw?webouuid=a1qgOeFC7TAUDo7fJw2/Pe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 202 2.gif
dmp.theadex.com/d/949/i/ Frame AA53 0
220 B 194ms
59ms Image
text/plain 185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a48af7db-08e6-4c39-610b-3b379bf283e3&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a48af7db-08e6-4c39-610b-3b379bf283e3?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a48af7db-08e6-4c39-610b-3b379bf283e3?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-479...

95 B
154 B

59ms
59ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495bfda07737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
expires: 0
cache-control: no-cache
x-server: 10.45.25.117
content-length: 0
x-consent: absent

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-jMKUCn5E2ooB6_n7n6KwVPtHUFEdkXKpPg--~A&zpartnerid=570&env=mWeb

95 B
153 B

73ms
73ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-jMKUCn5E2ooB6_n7n6KwVPtHUFEdkXKpPg--~A&zpartnerid=570&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495c9e517737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 04 Aug 2022 03:43:03 GMT
via: http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-jMKUCn5E2ooB6_n7n6KwVPtHUFEdkXKpPg--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=2AlcFsEkph42wtVhGz2ACQGpNaXF5cBx%2BS41iYitP1U%3D

95 B
153 B

59ms
58ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=2AlcFsEkph42wtVhGz2ACQGpNaXF5cBx%2BS41iYitP1U%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495d1edc7737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:03 GMT
server: AAWebServer
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=2AlcFsEkph42wtVhGz2ACQGpNaXF5cBx%2BS41iYitP1U%3D
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame AA53 0
338 B 184ms
54ms Image
text/plain 52.214.253.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.253.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-253-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1659584583
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame AA53 95 B
361 B 216ms
61ms Image
image/png 168.119.79.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a48af7db-08e6-4c39-610b-3b379bf283e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.79.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YutARwAD2rFq8AAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f5...

95 B
154 B

67ms
66ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YutARwAD2rFq8AAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361&_test=YutARwAD2rFq8AAK
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495defc47737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1659584583.297375,VS0,VE0
x-served-by: cache-hhn4052-HHN
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YutARwAD2rFq8AAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361&_test=YutARwAD2rFq8AAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=898562eb-4046-4400-abfc-098f2e36b7f7&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c98...

95 B
154 B

57ms
56ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=898562eb-4046-4400-abfc-098f2e36b7f7&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495d7f447737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Thu, 04 Aug 2022 03:43:03 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=898562eb-4046-4400-abfc-098f2e36b7f7&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 04 Aug 2022 03:43:02 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame AA53
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863d...

0
337 B

55ms
54ms

Image
text/plain

52.214.253.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 52.214.253.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-253-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1659584583
x-served-by: beacon-n010-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
date: Thu, 04 Aug 2022 03:43:03 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame AA53
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a48af7db-08e6-4c39-610b-3b379bf283e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a48af7db-08e6-4c39-610b-3b379bf283e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610...

43 B
645 B

59ms
59ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a48af7db-08e6-4c39-610b-3b379bf283e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361&dcc=t

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:03 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AJ6ETDM0MQT0G6D07GVM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:03 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: M35NSEA99JHTVE3K2YZA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a48af7db-08e6-4c39-610b-3b379bf283e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame AA53 0
145 B 436ms
242ms Image
text/plain 104.96.159.57

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=a48af7db-08e6-4c39-610b-3b379bf283e3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.159.57 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AA53
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da48...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361

95 B
154 B

63ms
63ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7354495e48377737-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
date: Thu, 04 Aug 2022 03:43:03 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame AA53 557 B
473 B 59ms
58ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3f7f00d02485cd9ec9639387d0dd7538b7c51f28b409e5d8c56c43ce4fdcf1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 735449590a387737-LHR
date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2CB7 31 KB
10 KB 103ms
57ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10625
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Thu, 04 Aug 2022 06:40:07 GMT

GET
H2 204 cmp
spl.zeotap.com/ Frame AA53 0
0 60ms
58ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
cf-cache-status: DYNAMIC
cf-ray: 735449597ab07737-LHR
date: Thu, 04 Aug 2022 03:43:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin
via: 1.1 google

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1E81 31 KB
10 KB 63ms
59ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10625
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Thu, 04 Aug 2022 06:40:07 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2CB7 0
239 B 235ms
55ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&khaos=L6EHT4FS-O-DXRO
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1E81 0
239 B 299ms
55ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=L6EHT4FS-O-DXRO
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9293 170 B
232 B 64ms
64ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YutARqou-XH99Lzwqn4LXwAABJ8AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9293
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YutARqou.XH99Lzwqn4LXwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBbIcZTrilqr4eNmAsl158s&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

86ms
86ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBbIcZTrilqr4eNmAsl158s&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 7354495cbd627193-LHR
pragma: no-cache
date: Thu, 04 Aug 2022 03:43:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFj%2F%2B8zuuaLbeF73RtHyeazhcVXXFBY8tCZz0nktb1VGMb%2FKU7lgZYBalS%2BkF90z1%2BPTlNC%2B08wink1htHQznVYXgskG%2BO3no%2F8ry1oqkRLdxNnL5ap7Ohdpn%2BtdKfEDB43WEWZ94Vgfmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBbIcZTrilqr4eNmAsl158s&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9293 70 B
264 B 55ms
54ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9293
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YutARqou-XH99Lzwqn4LXwAABJ8AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YutARqou-XH99Lzwqn4LXwAABJ8AAAIB&dcc=t

43 B
645 B

140ms
140ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YutARqou-XH99Lzwqn4LXwAABJ8AAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:03 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TPD8XNNJ4GN67D5TJDGJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:03 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NSP725BVJKDCQTR1Y3W2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YutARqou-XH99Lzwqn4LXwAABJ8AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9293
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3057633094038444722

43 B
873 B

86ms
86ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3057633094038444722
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 7354495b9c2188a7-LHR
pragma: no-cache
date: Thu, 04 Aug 2022 03:43:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZQ1MMkfWFW%2FIX9atndhuWFy2k25pFWe97hnN7nizeJz66s9R1%2BDrTgfcad18Qzwd9dGPw5l3PwNig3yAhXuUJuxCF6Gfnnyeyu3w3LIHEAWToe2o8N5vbbZ0pdBRUhFYdv3kTui1IuFTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3057633094038444722
pragma: no-cache
date: Thu, 04 Aug 2022 03:43:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

rum
dsum.casalemedia.com/ Frame 9293
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1659670983&gdpr=1

43 B
609 B

209ms
90ms

Image
image/gif

104.18.18.126

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1659670983&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.18.126 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4kvKxZfE2aNbRKUixhHddfV2mNQQq6upRH%2BF2QH%2Fe8wcO%2Fau38jl%2B1El3a5LqsV6wbmvQjU%2Fcru%2BecJxHBVaNGjLNNq0Y5HsAWt4ER7N1RNvIrDIX6784pG8W30Jzcde96ZYZFn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 7354495d48f47767-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1659670983&gdpr=1
pragma: no-cache
date: Thu, 04 Aug 2022 03:43:03 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9293
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=97f8860e-7741-9450-2e0d1a5f

43 B
1 KB

131ms
84ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=97f8860e-7741-9450-2e0d1a5f
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 7354495c7d217193-LHR
pragma: no-cache
date: Thu, 04 Aug 2022 03:43:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2B%2BQuXvqJul7%2BodFaduLaR9spd%2Bx%2FMHkkjmMTmUoztEbm%2Fm%2F10qhtb3KOBQwNm0MIbF1qxzsDxuNBsYwgK5axWeYx%2F%2Fy%2FJjeP1wQZ2VPOOfhiC9XW7dPPsEz0%2Fhe%2FlTy9aBvgo%2F1Pirk9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

date: Thu, 04 Aug 2022 03:43:02 GMT
via: 1.1 google
server: nginx/1.23.1
access-control-allow-origin: *
p3p: CP='This is not a P3P policy!'
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=97f8860e-7741-9450-2e0d1a5f
cache-control: max-age=3600
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 9293
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7128709821487426411&uid=Q7128709821487426411&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

54ms
54ms

Image
image/gif

23.75.246.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-246-168.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:03 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 04 Aug 2022 03:43:03 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 um
u-ams02.e-planning.net/ Frame 9293 42 B
103 B 50ms
50ms Image
image/gif 5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=232173b3ca152897&uid=YutARqou.XH99Lzwqn4LXwAA%261183
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D232173b3ca152897%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
server: openresty
content-type: image/gif

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame 89A1 49 KB
16 KB 191ms
65ms Script
text/javascript 18.66.97.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 03 Aug 2022 18:35:08 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 18:30:08 GMT
server: AmazonS3
age: 32876
etag: W/"fdcd13007d5be3c218bd461a6aad998b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: oMUP6hrgCUxQfqjKpFcGnaNyRiG5G2_BQdwFfNFremfQJE0pOUDk7Q==

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame D35B 636 B
577 B 52ms
49ms Document
text/html 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.252 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=157680000
content-encoding: gzip
content-type: text/html
date: Thu, 04 Aug 2022 03:43:02 GMT
etag: W/"601b131c-27c"
expires: Tue, 03 Aug 2027 03:43:02 GMT
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
server: openresty

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 0839 49 KB
17 KB 262ms
110ms Document
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D232173b3ca152897%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html
date: Thu, 04 Aug 2022 03:43:03 GMT
etag: W/"61c991db-c5bc"
last-modified: Mon, 27 Dec 2021 10:13:47 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: AcO1rgVQ54Sh
x-77-nzt-ray: 0x17uMzLnI8
x-77-pop: frankfurtDE
x-accel-expires: @1660621383
x-cache: MISS

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 1606 0
384 B 114ms
112ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ACpoN00AS%2fqtgYIa
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 04 Aug 2022 03:43:02 GMT
Etag: 8585c10436dcbbba
Server: Adtelligent

GET
H3 200 bVEFQ6k4IbRqCR1OUJwtKFGFhOyFuI6goKzbomAR.jpeg
hyser.ua/crops/30f2a9/150x100/2/0/2022/03/18/ 5 KB
5 KB 52ms
51ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/30f2a9/150x100/2/0/2022/03/18/bVEFQ6k4IbRqCR1OUJwtKFGFhOyFuI6goKzbomAR.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0911087d3f49b8541da184e7fe44f89ffb95d7d68cc2a1059756eb42ac9162e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4943
last-modified: Fri, 18 Mar 2022 05:00:07 GMT
server: cloudflare
etag: "623411d7-134f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IF0HoBB%2Fu5bqR4qGBPcmjgDHLVC8TyQwVnFZK2j0rNNmkXCSX%2FmGMpdlcblPT5%2Fseo2cSXZc0m%2BqregFK%2BwklwMdQj5vMq9da3%2Bs%2B7e3vkUOGk6EoeZhk5avTdoY72RkM4SaT%2Blk7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7354495b3fcd7192-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ Frame D35B 0
535 B 205ms
69ms Script
text/plain 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1659584582953

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 , France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:03 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H3 200 e8q0Rl1Ti1k6UyQrMxTJqpJnPlrEM4xfDJRlhKgw.jpeg
hyser.ua/crops/883783/735x400/2/0/2022/08/03/ 45 KB
46 KB 57ms
51ms Image
image/jpeg 2606:4700:3033::ac43:8f44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hyser.ua/crops/883783/735x400/2/0/2022/08/03/e8q0Rl1Ti1k6UyQrMxTJqpJnPlrEM4xfDJRlhKgw.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0268ac5226224ec3880af59c09a34646dd8f847a25eec9878195fb21312eae94

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hyser.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:43:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58156
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46468
last-modified: Wed, 03 Aug 2022 11:33:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlmZe8Q2xNRh0fMCSQK3jGQvWuKNQiCMCN046NDuGm769RlQbDhm5QsCHas95z85RsV8wRD49uxklM4oKjpRWUQouzPCc%2B%2B5X%2BkLs35vC9q46ahuy%2Bd4iicBEaO6VpMmDrzWjaeIDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7354495cd9417192-LHR

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B22E 0
743 B 160ms
53ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 03:43:03 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a5142083-b5f0-4faf-acb6-b8136ae864c8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200 ptrack Show response
a.audrte.com/ Frame 89A1 368 B
880 B 262ms
262ms XHR
text/plain 18.210.31.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptrack?arlocation=82.199.130.41&p=M1353665098&artime=2022-08-04T03:43:03.845Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=aHlzZXIudWEv
Requested by: Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-31-151.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 55be39d1e4763ad9149f386c41646aede4a39071a2da800ce251e286f0326a72

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:04 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://ads.us.e-planning.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 263

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/15238/ Frame 89A1 155 B
631 B 162ms
53ms XHR
application/json 18.66.97.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 18:35:08 GMT
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
age: 32876
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 155
last-modified: Wed, 03 Aug 2022 18:30:08 GMT
server: AmazonS3
etag: "1a1722e9cedbdc8af0dcd3345e46c73a"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: 7PGMfMGDC7n5H94O-Fs8Ytxyym18KjUF_ghZCxK2Y0Zya1YrjEwxMw==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 89A1 20 B
311 B 64ms
63ms XHR
application/json 52.17.214.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.214.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-214-109.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 03:43:04 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ads.us.e-planning.net
expires: 0
cache-control: no-cache
x-server: 10.45.12.34
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 20
x-consent: absent

GET
H/1.1

200

p
a.audrte.com/ Frame 89A1
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=7603403023929077092
https://a.audrte.com/p

68 B
617 B

194ms
134ms

Image
image/png

18.210.31.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-31-151.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:04 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 04 Aug 2022 03:43:04 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
ps.eyeota.net/pixel/bounce/ Frame 89A1
Redirect Chain

https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent=

1 KB
1 KB

57ms
57ms

Image
application/javascript

18.184.216.10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 18.184.216.10 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:04 GMT
Content-Type: application/javascript
Content-Length: 1239
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=kh51m51&t=ajs&uid=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent=
Date: Thu, 04 Aug 2022 03:43:04 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200

p
a.audrte.com/ Frame 89A1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=30fTPp0T79PRYOfkJupzrIeQA&gdpr=0&gdpr_consent=&google_gid=CAESEPTTfKIvuynA3knd5GxJlW0&google_cver=1
https://a.audrte.com/p

68 B
617 B

277ms
133ms

Image
image/png

18.210.31.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-31-151.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 03:43:04 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 04 Aug 2022 03:43:04 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 um Show response
u-ams02.e-planning.net/ Frame 0839 42 B
103 B 50ms
50ms Document
image/gif 5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=232173b3ca152897&uid=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D232173b3ca152897%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-type: image/gif
date: Thu, 04 Aug 2022 03:43:04 GMT
server: openresty

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hyser.ua/	1970-01-20 04:59:45	Name: _gs_lp Value: 2a0c975e
.hyser.ua/	1970-01-20 04:59:45	Name: _gs_d Value: 1
.hyser.ua/	1970-01-20 04:59:45	Name: _gs_sd Value: 1
.hyser.ua/	1970-01-20 04:59:45	Name: _gs_s Value:
.hyser.ua/	1970-01-20 13:38:08	Name: _gs_ul Value: 62eb4042
.hyser.ua/	1970-01-20 04:59:45	Name: _gs_ss Value:
.s.getstat.net/	1970-01-20 04:59:45	Name: _gs_si Value: 70f87b5fe8b192a0
.s.getstat.net/	1970-01-20 13:45:20	Name: _gs_ui Value: 2d3c652b-81f6-4d51-85d1-b3e5e8d86893
.hyser.ua/	1970-01-20 14:35:44	Name: _ga Value: GA1.2.1146811391.1659584578
.hyser.ua/	1970-01-20 05:01:10	Name: _gid Value: GA1.2.71148784.1659584578
.hyser.ua/	1970-01-20 04:59:44	Name: _gat_UA-63174230-1 Value: 1
hyser.ua/	1969-12-31 23:59:59	Name: notsy_session_counter Value: 1
.adnxs.com/	1970-01-20 07:09:20	Name: icu Value: ChgInql9EAoYASABKAEwwoCtlwY4AUABSAEQwoCtlwYYAA..
.adnxs.com/	1970-01-20 07:09:20	Name: uuid2 Value: 3465838954826850956
.rubiconproject.com/	1970-01-20 13:45:20	Name: khaos Value: L6EHT4FS-O-DXRO
.rubiconproject.com/	1970-01-20 13:45:20	Name: audit Value: 1\|naVuGyos1qpoEz2w7UeHbK2qEsFCZ0ctSdOhPT1GMTnqan9zV6B01BwxK1hp9eG12J+X9ZSb+aEmGweUluV0N0Xw9PyuwhrFpmvllXEtYN4=
a4p.adpartner.pro/	1970-01-20 06:26:08	Name: apuid Value: 6b112386-6bda-4fdb-9411-b709fc0ba2eb
.hyser.ua/	1970-01-20 14:21:20	Name: __gads Value: ID=e3ee832143c6d3d6-221c3943e5cd000d:T=1659584579:S=ALNI_MZTWgFCHCsIPkp9LV2aI809vFyHww
.criteo.com/	1970-01-20 14:21:20	Name: uid Value: 07efb19b-edf6-4445-adbc-cce9b943736c
.hyser.ua/	1970-01-20 14:21:20	Name: cto_bundle Value: RIpMYl9jbVloYUtWQVN1OWNleHpZdCUyQlFCTlhncVV1ZiUyQllCbDZIM0lNakg3N0xpdjFONU1GeWpkeDBJNGJZS0dhUW1oJTJCRkJ5dmtqRVhKNUF3aVhrTWh3RDNjSEVjNGdGQWhpWURaUlp2T2VQRkdCaWF4RHZrNkkwMGZzVyUyQnlRdWtSJTJCY1Y3dWtkcDRaUWhHdWlFM1lldzltYVBnJTNEJTNE
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-20 14:35:44	Name: E Value: ACpoN00AS/qtgYIa
.ads.pubmatic.com/	1970-01-20 05:01:10	Name: KCCH Value: YES
.zeotap.com/	1970-01-20 13:45:20	Name: zc Value: a48af7db-08e6-4c39-610b-3b379bf283e3
.zeotap.com/	1970-01-20 05:01:10	Name: zsc Value: %FE%B0%7B%7F%B3%12%F9%AC%AE%15R%07%ADU%A1-%2BXB%9B%07%94yu%A2%E9%1BLo%CAC%B4%15%3B%3E%02+.%22%F4%5D%97%EA%8A%A4%83%16%E7%00%1Av%C1%DC%1C%14%E0%9D%5D%934%F8%B1S%AA%87%98m%0A%CB%3EL%7C%82%1C%E9%7Fys%99gV%AD%F6+rt%99%F9J%9Cz%C0%DD%1F%C5%95%E0%1F%9Fuv2%FC%8A%EEb%AF%5E%7F~%B5%21%DB%A4%A6%88%D3%E1%26C%5C%82%EF%F0%16%3C%3E%8BS%F1%0A%F6%876%60%1B%2C%5C%08%07%E0%03%60+%CB%8A+o%19%C5%A6%C9%1B%12%F1%12y%2F%E2ap.%C22%A2E0O
.casalemedia.com/	1970-01-20 13:45:20	Name: CMID Value: YutARqou.XH99Lzwqn4LXwAA
.casalemedia.com/	1970-01-20 07:09:20	Name: CMPS Value: 5171
.casalemedia.com/	1970-01-20 07:09:20	Name: CMPRO Value: 1183
.adtelligent.com/	1970-01-20 06:29:01	Name: a307558 Value: 6b112386-6bda-4fdb-9411-b709fc0ba2eb
.adtelligent.com/	1970-01-20 06:29:01	Name: a584890 Value: 3465838954826850956
.adtelligent.com/	1970-01-20 06:29:01	Name: vmuid Value: 8585c10436dcbbba
.demdex.net/	1970-01-20 09:18:56	Name: demdex Value: 34846941667414694201909504004623527519
.tapad.com/	1970-01-20 06:26:08	Name: TapAd_3WAY_SYNCS Value:
.tapad.com/	1970-01-20 06:26:08	Name: TapAd_TS Value: 1659584582699
.tapad.com/	1970-01-20 06:26:08	Name: TapAd_DID Value: afc59637-fe54-4e2f-8d17-d03e0b774423
.dpm.demdex.net/	1970-01-20 09:18:56	Name: dpm Value: 34846941667414694201909504004623527519
.adfarm1.adition.com/	1970-01-20 07:09:20	Name: UserID1 Value: 7127861504651557013
.weborama.fr/	1970-01-20 14:25:39	Name: AFFICHE_W Value: R4Jn1XfsmMxH60
.tidaltv.com/	1970-01-20 13:45:20	Name: tidal_ttid Value: a96d94cc-f7f2-40bc-8628-ba6f082967c5
.turn.com/	1970-01-20 09:18:56	Name: uid Value: 3057633094038444722
.theadex.com/	1970-01-20 07:09:20	Name: axd Value: 4301714346564465345
.theadex.com/	1970-01-20 05:09:49	Name: tis_3QL Value: 3QLeAugy
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.amazon-adsystem.com/	1970-01-20 14:35:44	Name: ad-privacy Value: 0
.tidaltv.com/	1970-01-20 13:45:20	Name: sync-his Value: "H4sIAAAAAAAAADM0NrS0tDK0MAIAzMwmMAkAAAA="
.adtelligent.com/	1970-01-20 06:29:01	Name: a307971 Value: ACpoN00AS/qtgYIa
.owneriq.net/	1970-01-20 14:35:44	Name: si Value: Q7128709821487426411
.owneriq.net/	1970-01-20 05:14:08	Name: p2 Value: cc
.disqus.com/	1970-01-20 13:45:20	Name: zeta-ssp-user-id Value: 81485676-e17b-0c35-e7dd-fd8cf7425237
.casalemedia.com/	1970-01-20 05:01:10	Name: CMST Value: YutARmLrQEcA
.brand-display.com/	1970-01-20 14:35:44	Name: _knxq_ Value: 97f8860e-7741-9450-2e0d1a5f.1659584582.0.1659584582.1659584582
.yahoo.com/	1970-01-20 13:45:42	Name: A3 Value: d=AQABBEdA62ICEApjvLGeKlwm6fCMH8mt8dY&S=AQAAAho7jYV1LqdxKXsWIg2Z6bs
.doubleclick.net/	1970-01-20 14:21:20	Name: IDE Value: AHWqTUm8zH_iOuNL8GWAcp1SOwuZ_bWNPjr8Qvwa5oNykgqpH5eensN0Nh1oJA8cIQE
.krxd.net/	1970-01-20 09:18:56	Name: _kuid_ Value: O_0mekGN
.agkn.com/	1970-01-20 13:45:20	Name: ab Value: 0001%3AOMgCp6JZKbU7fGUx2HoMlSV2uacUi60O
.richaudience.com/	1970-01-20 07:09:20	Name: avcid-zeo-uid Value: a48af7db-08e6-4c39-610b-3b379bf283e3
.casalemedia.com/	1970-01-20 07:09:20	Name: CMTS Value: 1184
.casalemedia.com/	1970-01-20 13:45:20	Name: CMRUM3 Value: 2762eb40460b40&2d62eb40472760CAESEBbIcZTrilqr4eNmAsl158s&0462eb404727603057633094038444722&1f62eb404605a00&e662eb40462760&4162eb404605a0&bf62eb4047000197f8860e-7741-9450-2e0d1a5f&f162eb404605a0
.mathtag.com/	1970-01-20 14:25:39	Name: uuid Value: 898562eb-4046-4400-abfc-098f2e36b7f7
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 13:45:20	Name: bcookie Value: "v=2&cccbfd39-d40a-4c5e-8284-121ec95beb9d"
.linkedin.com/	1970-01-20 09:18:56	Name: li_gc Value: MTswOzE2NTk1ODQ1ODM7MjswMjGg05T7S3PAw+vWmq6i6e1J7vrvPQSYHIUI3Yae7u8UEg==
.linkedin.com/	1970-01-20 05:01:10	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2726:u=1:x=1:i=1659584583:t=1659670983:v=2:sig=AQGar5V1GKl7boZyozMKwX2YvYh6utc-"
.everesttech.net/	1970-01-20 13:45:20	Name: everest_g_v2 Value: g_surferid~YutARwAD2rFq8AAK
.amazon-adsystem.com/	1970-01-20 10:45:20	Name: ad-id Value: Az6GlJ9qFUPNmNp-H0deJDI
.fwmrm.net/	1970-01-20 09:18:56	Name: _uid Value: "e3019_7127861508931093857"

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=a48af7db-08e6-4c39-610b-3b379bf283e3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a48af7db-08e6-4c39-610b-3b379bf283e3&reqId=d941c987-bf62-40da-4798-9f50863da3a6&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

717be019e47e0ba2652158e7addacf1f.safeframe.googlesyndication.com
a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
adx.adform.net
aixcdn.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
c.aixcdn.com
casale-match.dotomi.com
cdn-b.notsy.io
cdn.getpush.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ghb.adtelligent.com
gum.criteo.com
hyser.ua
i.e-planning.net
ib.adnxs.com
id.rlcdn.com
idsync.frontend.weborama.fr
image6.pubmatic.com
js.cookieless-data.com
loadeu.exelator.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
s.adtelligent.com
s.amazon-adsystem.com
s.e-planning.net
s.getstat.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssp.disqus.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.richaudience.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
usermatch.krxd.net
vid.vidoomy.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
ym-tack.b-cdn.net
104.18.18.126
104.18.19.126
104.96.159.57
13.248.245.213
142.250.185.66
151.1.205.165
151.101.130.49
168.119.79.223
172.217.16.194
178.250.0.157
178.250.0.165
18.184.216.10
18.198.69.109
18.210.31.151
18.66.97.8
185.15.245.83
185.180.12.68
198.47.127.19
2.18.168.189
2.18.168.202
2001:678:cb4:bbbb::11
205.234.175.175
212.129.3.112
212.82.100.182
23.205.235.133
23.227.139.243
23.75.240.210
23.75.246.168
2600:1f18:6593:f600:6235:8475:2669:58c5
2602:803:c003:200::51
2606:4700:10::6816:1857
2606:4700:3030::ac43:a0b5
2606:4700:3031::ac43:b689
2606:4700:3033::ac43:8f44
2606:4700::6810:5714
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:6ea0:c700::11
2a02:fa8:8806:12::1400
2a04:4e42:400::300
2a05:d018:24:b002:32a0:48fa:dc36:ac0b
2a05:d018:d29:3601:6b06:26e1:4300:34b
2a06:98c1:3121::c
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5142::2
34.111.131.239
34.111.151.213
34.224.113.183
34.236.219.105
34.250.36.127
35.227.248.159
35.244.174.68
37.157.4.29
37.157.4.41
37.252.173.27
46.249.52.248
5.178.65.245
5.178.65.252
51.75.86.98
51.83.220.94
52.17.214.109
52.214.253.121
52.223.40.198
52.28.173.192
52.46.143.56
52.94.222.140
54.216.133.37
63.35.160.214
69.173.144.165
85.114.159.118
89.187.169.39
92.123.37.164
0268ac5226224ec3880af59c09a34646dd8f847a25eec9878195fb21312eae94
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07580a44df0cd752939e696d928fa1b7a046c0e31b0119f337c629223805f362
0911087d3f49b8541da184e7fe44f89ffb95d7d68cc2a1059756eb42ac9162e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e55e331c84e7dd7daf6b6c11f5521fa0891c5403e9979d9e55fbd5fe4e09df7
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1aded931ea686274d54e94e7a891a56d0d76acb4a9c36d30c232c1be05681071
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c0a5cd0c42cc4b5535217dee7df2149c29f10d22ff3123a595c86d7ffde8d15
1c7ccd354d975ee1e5018cf91d57b416a928d1e9590cc2ee92cf312449145b1f
21639ee6fa2b73fb6aebef3aadaa475cbba281cacd824e7ab6b6a87ea148a88d
2301ef50c6b889160c5da5f9cf1d0ecd5036d4aeeec7d50f8ac0d18934c69b2d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2da35fbda1d1846dafe19cd1bc79afce518145cf24e6e7f318c5c4a18b811a0b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3f7f00d02485cd9ec9639387d0dd7538b7c51f28b409e5d8c56c43ce4fdcf1
33ba38138a82a016b541079da9e6e079c0f94fb5e8c28bb5e40a5541f06ff730
34033f4ab3af9e032dea37af9451b50d0b8b9a7a19dbf3d3c18c959d0a23ef67
37f421bd46bc809134c8c45b3d3aaf49d15179540298638f5f662a6a060641de
3a2211d6ab17180976c25848f2b962e4508e0c5b0b94657bc18b66f0deacfe34
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb0b56c69bde126b7b82b88e8e4c89cce60bca5a8541a4a36d7fb1a3a79e76c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3efa610bb2e54ab5d9bfe33e721c0d5d7f08849758e872fccf2f9a46a4548b4e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
426cc1723fd7c2c051e3d5f37523cf76cebca9a2ff6f42d8a4f32df4c40f8d1f
43d51fe33c4f0a044fdb249842d7c6844fbb7de7f47a2e1cc3a36f645b2ee295
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55be39d1e4763ad9149f386c41646aede4a39071a2da800ce251e286f0326a72
587b76ac3ae9cf4c7258c8f53b425939dc9b1d48175c8e554da10596f78f06fb
5ef5eaac8a3ca0a29077489110661eff056fdc6d7ac2e96e76b7c31e17f97d78
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e487193d1b9eb2d9d2123473f3c0c80ca7361bee68c030b6ac2e2aa4b4d7ce
6f49fe92e9877d88197b9bc1b5901f8b32d3e286e534003aa11a1358813353f9
6fd9af0663509bb0a51c0cec5771eddf0487b0713707492f052fd6c46ef86b5a
7ab037c2cbbde510127db317534973d375a4a142c4bae4fbe3a42b3dfe420cc3
8048d717ebf7bb8af027aedc8f72b24e6e2e0aaadeab99e70863e4116e2459a3
8074d53bf18a06aa5618ded643481db00ec1c9b6a2ba394f550a8a8aeb0ecd4c
820ccae7dba3bd1546dbf8cb5b9d269ac785332b61d64dd9d01e9c4d1fd57895
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
92153891c97c265d1d9e31590e7c8d7c482673635a7710abc7009d2033e58e99
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
99192c7cbe7115baa24a58685946cdc0b5fc0f22b0081d8e0867ba016fb77cf1
9d95aa09479451650b46a35566bf3551381931b76007e3322a8eb1c69535e86b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c02889abfef54353507d98c9dafc3748cdd9971a25d03248032a183f9c80476d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
c61eebf48665cde246a9c46148d4bde272ba51a6802f70b190e4f46d6f5fdb89
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccfb76940b94d6423d4924aa4cd5915562036c41841790d4b7025cf1318762a7
cdb9423ca768a9ef3108db0f2d88867474f33639427e9343e3c316c7b2444600
d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf
d5e2e8afa3450f7688ca73bd2cdfe40214eb70a1d0abbcce3e58f7b8a673c054
d702a1cbf965781cfa761a53694962804118468272aa1729bb1d5e2aa69c6efd
daeafe1210534e202fe86725d2854f80f3b4ae97d6aebef5c831488d70ee385d
dd21d1b8bd04879d0237ec0fedfac5871524c0559bbcc57fc2e49bd6e47b953d
ddb8f72756fef5ac68b1007eefd1a19f3e4fdb67f3edf93a1e45fe7a7a940ab2
ddd98d01a833cc73d151cb09112775dec0af6f13b059835b9baea6cd9a31bf17
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1726531a4d76984a307340157893a7cec63c95371308026ff9c079ebeff0de0
e196a8bd26ef69574a221c1378024e9e865ec865eff0aae979a3b49387abd68b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e724b0c72e06188794c17f0b7de009df65d23ebff444dc725670e639494ca409
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec6533597b9cfe5c936ed998760efacecd0967a68b93a38cfde85ef7908370e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f231cb8da1013b3ad46886afb44328c9c5891e0f6a938c44d37712bd379da350
fd09ae49faf599e8900ab47e3a9630b8528245664b0421216404de04479328f4
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

hyser.ua Open in urlscan Pro 2606:4700:3033::ac43:8f44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

77 %HTTPS

36 %IPv6

60 Domains

90 Subdomains

67 IPs

12 Countries

1183 kBTransfer

2816 kBSize

66 Cookies

12 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hyser.ua Open in urlscan Pro
2606:4700:3033::ac43:8f44 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

77 %
HTTPS

36 %
IPv6

60
Domains

90
Subdomains

67
IPs

12
Countries

1183 kB
Transfer

2816 kB
Size

66
Cookies

153 HTTP transactions
0 data transactions