urlscan.io logo urlscan.io
SecurityTrails logo

49000.com.ua Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://49000.com.ua/
Effective URL: https://49000.com.ua/
Submission: On October 31 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 72 IPs in 13 countries across 78 domains to perform 335 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 49000.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 26th 2022. Valid for: a year.
This is the only time 49000.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 72 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
16 2606:4700:1::... 13335 (CLOUDFLAR...)
8 212.42.76.150 8856 (UKRNET Kiev)
43 2001:67c:4e8:... 62041 (TELEGRAM)
29 34.111.35.152 396982 (GOOGLE-CL...)
5 2a03:2880:f02... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 2a03:2880:f12... 32934 (FACEBOOK)
4 23.35.236.201 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a0c:5c81:515... 55081 (24SHELLS)
1 198.47.127.18 62713 (AS-PUBMATIC)
5 5 3.127.121.212 16509 (AMAZON-02)
1 2 185.94.180.126 35220 (SPOTX-AMS)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.139.101 201081 (SMARTADSE...)
6 69.173.144.165 26667 (RUBICONPR...)
5 52.223.40.198 16509 (AMAZON-02)
1 2 47.252.78.131 45102 (ALIBABA-C...)
4 4 34.249.28.28 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
7 8 142.250.181.226 15169 (GOOGLE)
2 162.19.138.83 16276 (OVH)
2 2001:41d0:701... 16276 (OVH)
2 51.89.9.252 16276 (OVH)
1 2a0c:5c81:505... 55081 (24SHELLS)
1 5 185.172.90.252 49981 (WORLDSTREAM)
1 67.202.105.32 32748 (STEADFAST)
1 35.214.236.176 15169 (GOOGLE)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2 35.186.253.211 15169 (GOOGLE)
2 12 62.149.1.122 15497 (COLOCALL ...)
1 72.251.249.13 32475 (SINGLEHOP...)
1 1 54.38.197.123 16276 (OVH)
6 7 185.89.210.153 29990 (ASN-APPNEX)
2 2 96.16.141.156 16625 (AKAMAI-AS)
4 23.205.235.133 16625 (AKAMAI-AS)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 141.95.98.65 16276 (OVH)
1 37.157.3.29 198622 (ADFORM)
1 52.73.233.198 ()
3 185.172.90.249 49981 (WORLDSTREAM)
1 1 3.225.127.201 ()
1 2 104.18.18.126 13335 (CLOUDFLAR...)
1 205.234.175.175 30081 (CACHENETW...)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
4 5 37.157.6.253 198622 (ADFORM)
2 2 213.155.156.184 1299 (TWELVE99 ...)
4 185.64.189.110 62713 (AS-PUBMATIC)
2 2 103.229.206.241 ()
2 185.64.190.80 ()
1 2a02:2638:1::18 44788 (ASN-CRITE...)
2 4 52.95.118.179 16509 (AMAZON-02)
1 185.64.190.81 ()
4 4 141.94.170.64 16276 (OVH)
2 2 18.198.69.109 16509 (AMAZON-02)
3 3 63.32.244.82 ()
1 35.204.74.118 396982 (GOOGLE-CL...)
3 4 35.227.248.159 15169 (GOOGLE)
1 37.157.6.248 198622 (ADFORM)
1 2a04:4e42::300 54113 (FASTLY)
1 2607:ae80:5::148 ()
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.211.12.99 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.80 ()
1 1 212.82.100.182 ()
1 1 52.57.24.30 ()
1 34.98.67.61 ()
2 52.208.54.255 ()
1 162.55.233.28 ()
1 1 88.221.168.207 ()
1 1 52.70.254.182 ()
1 69.192.160.219 ()
1 1 52.30.5.146 ()
1 5 185.80.39.216 ()
1 52.46.128.147 ()
1 104.18.19.126 ()
1 63.251.232.165 ()
1 1 2a02:fa8:8806... ()
1 1 193.0.160.129 ()
2 2 151.101.2.49 ()
1 69.173.144.138 ()
1 13.225.78.128 ()
1 76.223.111.18 ()
1 51.15.145.116 ()
1 45.133.44.4 ()
335 72
72    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
49000.com.ua
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
16    2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
8    212.42.76.150 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv150.fwdcdn.com
sinoptik.ua
sinst.fwdcdn.com
43    2001:67c:4e8:f004::9 (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)
telegram.org
29    34.111.35.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.35.111.34.bc.googleusercontent.com
cdn4.telegram-cdn.org
5    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
14    2606:4700::6810:dd4a (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.idealmedia.io
c.idealmedia.io
cdn.idealmedia.io
cm.idealmedia.io
servicer.idealmedia.io
s-img.idealmedia.io
autocounter.idealmedia.io
6    2606:4700:20::681a:263 (United States)

ASN13335 (CLOUDFLARENET, US)
informer.minfin.com.ua
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    3.127.121.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-121-212.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
4    34.249.28.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-28-28.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
8    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
2    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
2    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
5    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams03.e-planning.net
1    67.202.105.32 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
1    35.214.236.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.236.214.35.bc.googleusercontent.com
csync.loopme.me
2    2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
12    62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
sync.console.adtarget.com.tr
1    72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
7    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    52.73.233.198 (None, )

ASN- ()
a.audrte.com
3    185.172.90.249 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: s.e-planning.net
s.e-planning.net
1    3.225.127.201 (None, )

ASN- ()
ssp.disqus.com
2    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
1    205.234.175.175 (Lovettsville, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
15    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
5    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    213.155.156.184 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    103.229.206.241 (None, )

ASN- ()
sync.mathtag.com
2    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
1    2a02:2638:1::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    52.95.118.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    185.64.190.81 (None, )

ASN- ()
image4.pubmatic.com
4    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loada.exelator.com
3    63.32.244.82 (None, )

ASN- ()
sync.crwdcntrl.net
bcp.crwdcntrl.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2607:ae80:5::148 (None, )

ASN- ()
dmp.v.fwmrm.net
2    2a05:d018:24:b002:eb7b:3a65:f7da:a48f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.211.12.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-12-99.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.80 (None, )

ASN- ()
dmp.theadex.com
1    212.82.100.182 (None, )

ASN- ()
cms.analytics.yahoo.com
1    52.57.24.30 (None, )

ASN- ()
aa.agkn.com
1    34.98.67.61 (None, )

ASN- ()
odr.mookie1.com
2    52.208.54.255 (None, )

ASN- ()
beacon.krxd.net
1    162.55.233.28 (None, )

ASN- ()
sync.richaudience.com
1    88.221.168.207 (None, )

ASN- ()
pixel.mathtag.com
1    52.70.254.182 (None, )

ASN- ()
usermatch.krxd.net
1    69.192.160.219 (None, )

ASN- ()
tags.bluekai.com
1    52.30.5.146 (None, )

ASN- ()
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
5    185.80.39.216 (None, )

ASN- ()
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    52.46.128.147 (None, )

ASN- ()
s.amazon-adsystem.com
1    104.18.19.126 (None, )

ASN- ()
ssum-sec.casalemedia.com
1    63.251.232.165 (None, )

ASN- ()
cm.adgrx.com
1    2a02:fa8:8806:12::1370 (None, )

ASN- ()
casale-match.dotomi.com
1    193.0.160.129 (None, )

ASN- ()
p.rfihub.com
2    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    69.173.144.138 (None, )

ASN- ()
pixel-eu.rubiconproject.com
1    13.225.78.128 (None, )

ASN- ()
tags.crwdcntrl.net
1    76.223.111.18 (None, )

ASN- ()
eb2.3lift.com
1    51.15.145.116 (None, )

ASN- ()
js.cookieless-data.com
1    45.133.44.4 (None, )

ASN- ()
cdn.gravitec.net
Apex Domain
Subdomains		 Transfer
72 49000.com.ua
49000.com.ua
461 KB
43 telegram.org
telegram.org — Cisco Umbrella Rank: 10435
329 KB
29 telegram-cdn.org
cdn4.telegram-cdn.org — Cisco Umbrella Rank: 37459
1 MB
16 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8080
c.mgid.com — Cisco Umbrella Rank: 5965
cdn.mgid.com — Cisco Umbrella Rank: 10811
servicer.mgid.com — Cisco Umbrella Rank: 8305
s-img.mgid.com — Cisco Umbrella Rank: 4801
cm.mgid.com — Cisco Umbrella Rank: 1267
91 KB
15 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3061
mwzeom.zeotap.com — Cisco Umbrella Rank: 2495
5 KB
14 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 463
image8.pubmatic.com — Cisco Umbrella Rank: 581
image6.pubmatic.com — Cisco Umbrella Rank: 668
image2.pubmatic.com — Cisco Umbrella Rank: 874
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com Failed
104 KB
14 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 96353
c.idealmedia.io — Cisco Umbrella Rank: 80092
cdn.idealmedia.io — Cisco Umbrella Rank: 130255
cm.idealmedia.io — Cisco Umbrella Rank: 22905
servicer.idealmedia.io — Cisco Umbrella Rank: 93285
s-img.idealmedia.io — Cisco Umbrella Rank: 80332
autocounter.idealmedia.io — Cisco Umbrella Rank: 102670
164 KB
13 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 338
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 915
eus.rubiconproject.com — Cisco Umbrella Rank: 573
token.rubiconproject.com — Cisco Umbrella Rank: 657
pixel-eu.rubiconproject.com
23 KB
12 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 5743
sync.adtelligent.com — Cisco Umbrella Rank: 4125
6 KB
9 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3137
s.e-planning.net — Cisco Umbrella Rank: 5564
u-ams03.e-planning.net — Cisco Umbrella Rank: 57400
i.e-planning.net — Cisco Umbrella Rank: 5621
4 KB
9 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
cm.g.doubleclick.net — Cisco Umbrella Rank: 213
1 KB
8 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1346
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
7 KB
7 adform.net
cm.adform.net — Cisco Umbrella Rank: 1504
c1.adform.net — Cisco Umbrella Rank: 638
dmp.adform.net — Cisco Umbrella Rank: 3683
3 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
6 KB
7 fwdcdn.com
sinst.fwdcdn.com — Cisco Umbrella Rank: 254359
39 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
3 KB
6 minfin.com.ua
informer.minfin.com.ua
13 KB
5 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1241
s.amazon-adsystem.com
4 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 291
3 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 145
220 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
307 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 424
1 KB
4 crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
17 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3092
2 KB
4 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1319
1 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
1 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 957
id5-sync.com — Cisco Umbrella Rank: 484
33 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
942 B
3 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 28025
loadeu.exelator.com — Cisco Umbrella Rank: 7143
2 KB
3 mathtag.com
sync.mathtag.com
pixel.mathtag.com
2 KB
3 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 16885
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 16703
2 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3719
28 KB
2 everesttech.net
sync-tm.everesttech.net Failed
632 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27555
681 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 202
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1338
751 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5093
562 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1413
534 B
2 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 3800
17 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 750
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 645
687 B
2 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 1844
416 B
2 e-volution.ai
sync.e-volution.ai — Cisco Umbrella Rank: 3023
918 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 575
1 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 274
17 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1017 B
1 gravitec.net
cdn.gravitec.net
18 KB
1 cookieless-data.com
js.cookieless-data.com
535 B
1 3lift.com
eb2.3lift.com
140 B
1 rfihub.com
p.rfihub.com
759 B
1 dotomi.com
casale-match.dotomi.com
181 B
1 adgrx.com
cm.adgrx.com
283 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
214 B
1 bluekai.com
tags.bluekai.com
145 B
1 richaudience.com
sync.richaudience.com
359 B
1 mookie1.com
odr.mookie1.com
356 B
1 agkn.com
aa.agkn.com
529 B
1 yahoo.com
cms.analytics.yahoo.com
680 B
1 theadex.com
dmp.theadex.com
84 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1615
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 146154
659 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 631
162 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 812
610 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 702
363 B
1 disqus.com
ssp.disqus.com
310 B
1 audrte.com
a.audrte.com
2 KB
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8196
259 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
277 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 879
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 6219
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 846
297 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6364
501 B
1 sinoptik.ua
sinoptik.ua — Cisco Umbrella Rank: 120156
878 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
0 inmobi.com Failed
sync.inmobi.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
335 78
Domain Requested by
72 49000.com.ua 1 redirects 49000.com.ua
telegram.org
43 telegram.org 49000.com.ua
telegram.org
29 cdn4.telegram-cdn.org 49000.com.ua
12 mwzeom.zeotap.com ads.us.e-planning.net
10 sync.adtelligent.com 1 redirects s.adtelligent.com
s.console.adtarget.com.tr
ads.pubmatic.com
ads.us.e-planning.net
8 cm.g.doubleclick.net 7 redirects spl.zeotap.com
7 ib.adnxs.com 6 redirects spl.zeotap.com
7 sinst.fwdcdn.com sinoptik.ua
sinst.fwdcdn.com
6 s-img.idealmedia.io
6 cm.mgid.com jsc.mgid.com
s.adtelligent.com
6 www.facebook.com 1 redirects connect.facebook.net
6 informer.minfin.com.ua 49000.com.ua
informer.minfin.com.ua
5 c1.adform.net 4 redirects ads.pubmatic.com
5 match.adsrvr.org ads.pubmatic.com
spl.zeotap.com
ssum.casalemedia.com
5 x.bidswitch.net 5 redirects
5 connect.facebook.net 49000.com.ua
connect.facebook.net
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 pixel.onaudience.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
ads.us.e-planning.net
4 image2.pubmatic.com ads.pubmatic.com
4 eus.rubiconproject.com s.adtelligent.com
ads.us.e-planning.net
eus.rubiconproject.com
4 ad.360yield.com 4 redirects
4 pixel.rubiconproject.com spl.zeotap.com
eus.rubiconproject.com
4 ads.pubmatic.com jsc.mgid.com
s.adtelligent.com
ads.pubmatic.com
4 cdn.mgid.com jsc.mgid.com
4 fonts.gstatic.com fonts.googleapis.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
3 s.e-planning.net ads.us.e-planning.net
3 static.addtoany.com 49000.com.ua
static.addtoany.com
2 token.rubiconproject.com eus.rubiconproject.com
2 sync-tm.everesttech.net spl.zeotap.com
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 bcp.crwdcntrl.net 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 loada.exelator.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
2 id5-sync.com cdn.id5-sync.com
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 secure-assets.rubiconproject.com 2 redirects
2 rtb.openx.net 2 redirects
2 vid.vidoomy.com s.adtelligent.com
ads.us.e-planning.net
2 ads.us.e-planning.net 1 redirects s.adtelligent.com
2 onetag-sys.com s.adtelligent.com
2 lbs.eu-1-id5-sync.com cdn.id5-sync.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
2 creativecdn.com 2 redirects
2 event.clientgear.com 1 redirects
2 sync.e-volution.ai 2 redirects
2 sync.search.spotxchange.com 1 redirects
2 s.adtelligent.com cm.mgid.com
s.adtelligent.com
2 cdn.idealmedia.io jsc.idealmedia.io
2 cdn.id5-sync.com jsc.mgid.com
jsc.idealmedia.io
2 c.mgid.com jsc.mgid.com
2 jsc.idealmedia.io 49000.com.ua
jsc.idealmedia.io
2 ssl.google-analytics.com 1 redirects 49000.com.ua
2 jsc.mgid.com 49000.com.ua
jsc.mgid.com
2 www.google.com 1 redirects 49000.com.ua
1 cdn.gravitec.net 49000.com.ua
cdn.gravitec.net
1 js.cookieless-data.com s.e-planning.net
1 eb2.3lift.com ads.us.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 p.rfihub.com 1 redirects
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 cm.adgrx.com ssum.casalemedia.com
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 s.amazon-adsystem.com ssum.casalemedia.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 um.simpli.fi ads.pubmatic.com
1 sync.crwdcntrl.net 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 i.e-planning.net ads.us.e-planning.net
1 ssp.disqus.com 1 redirects
1 a.audrte.com ads.us.e-planning.net
1 autocounter.idealmedia.io
1 cm.adform.net s.console.adtarget.com.tr
1 a4p.adpartner.pro 1 redirects
1 ap.lijit.com s.adtelligent.com
1 csync.loopme.me s.adtelligent.com
1 ic.tynt.com s.adtelligent.com
1 s.console.adtarget.com.tr s.adtelligent.com
1 servicer.idealmedia.io jsc.idealmedia.io
1 cm.idealmedia.io
1 ssbsync.smartadserver.com 1 redirects
1 image8.pubmatic.com
1 c.idealmedia.io jsc.idealmedia.io
1 s-img.mgid.com
1 servicer.mgid.com jsc.mgid.com
1 www.google.de
1 stats.g.doubleclick.net 1 redirects
1 www.gstatic.com www.google.com
1 sinoptik.ua 49000.com.ua
1 fonts.googleapis.com 49000.com.ua
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 sync.inmobi.com Failed
0 cs.admanmedia.com Failed
335 120
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-26 -
2023-05-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
sinoptik.uk
Sectigo RSA Domain Validation Secure Server CA		 2021-11-01 -
2022-12-01		 a year crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2		 2022-08-10 -
2023-09-11		 a year crt.sh
cdn4.telegram-cdn.org
GTS CA 1D4		 2022-10-18 -
2023-01-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-09 -
2022-11-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-29 -
2022-12-28		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-09-25 -
2022-12-24		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-09-24 -
2022-12-23		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
dmp.theadex.com
R3		 2022-10-26 -
2023-01-24		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.gravitec.net
AlphaSSL CA - SHA256 - G2		 2022-03-22 -
2023-04-23		 a year crt.sh

This page contains 35 frames:

Primary Page: https://49000.com.ua/
Frame ID: CC62A185EF3DB91B55F05569EB4C7624
Requests: 148 HTTP requests in this frame

Frame: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Frame ID: DE9A9523A9EBE0E6DD00DD633740DB62
Requests: 77 HTTP requests in this frame

Frame: https://informer.minfin.com.ua/gen/course/?color=yellow
Frame ID: C9EACFE7D7701137EFD157885FBD5EB5
Requests: 6 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 053DC1E9F15FAC140D91F6AF1606F459
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D297186066963865%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df30d4e4d987309%2526domain%253D49000.com.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252F49000.com.ua%25252Ff588d39c50c6b4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D500%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F49000dp%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D340
Frame ID: 49B2E252A6F8626FF14F2CC3B634A0CB
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=166720685794639624567
Frame ID: DA1F4FEE8E60C608FFCEF63BFCE6DB9D
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=754484
Frame ID: 219C49AC4191ECF12E5F3DA3ABD6E800
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 14564DA281F7D8BB16FA20FAFACFC02B
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: A56FA4A1D44259BC24C543E3E253B65E
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 33A6174BFC390FC05DF734CF6B73A371
Requests: 7 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: FD4DA2EBAB072E0102D89F61613F40CD
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Frame ID: 51434EED535B87159E8A12A80090B806
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: CCFEB73CAFE4C4A2A2BFC8C0290C25BD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 1EAC22C9D8725C6BC2B1D2C7F3FF6D77
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 0EA8E81CE1754CDBAB63D160147F52DF
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 31D6138C243E1013E73F230DF335E6BD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: E0798DCBFAC6545E622EE076A060D02D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D4A4E666DE884F14A341662AF2A6062D
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Frame ID: A3F6E4204106CD2DD08B1847B436D131
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: D4E93421AB331D0173054DB17C6FE604
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 4A37492071259A4AC485130FCB551F4F
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Frame ID: 3881CA331967CA93E134D5ACD6DE2153
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: B6B8084F459621EFBA4343A80E123AA3
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361&cmp=0
Frame ID: C2898A8F1269CF0D77E9F603A6971F2F
Requests: 33 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&gdpr=0&gdpr_consent=
Frame ID: 1B8687A54C67EEFD62C1E1BC8D3228BD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9114109510495736383
Frame ID: 369DF8B9BB72298A8410C7BF97D04B4D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0d66635f-8ecb-4f00-a631-c19ce1c21264&gdpr=0&gdpr_consent=
Frame ID: 1C76C02903ABD981B0984031EB972620
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D313927AD639FB107D1EBE7E1A45F6B9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=600028355026675025&gdpr=0&gdpr_consent=
Frame ID: EDC58D0B765C45FB4991042F45706E5A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: D521065CDACF1904CFF14A3B7CE3FCA0
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=40024A76-B2C3-4536-8BC0-49DCD05FBE5D
Frame ID: 316B345328C1943999DA8C743B927493
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: B4065C21864F3425368AD7F1DF2EB6CA
Requests: 2 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D73a649dc6aeebfda%26uid%3D%7B%7BVID%7D%7D
Frame ID: 589B183D9C13A3E175532799DF902ABA
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 0879277D5C1C8ABAB70605345B1301B7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ACj%2feIsQk5ecpDtZ
Frame ID: 3EF8387A1A940AEFD9CB5D9A3F4ADBE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новости Днепра 49000

Page URL History Show full URLs

  1. http://49000.com.ua/ HTTP 301
    https://49000.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

335
Requests

84 %
HTTPS

26 %
IPv6

78
Domains

120
Subdomains

72
IPs

13
Countries

3433 kB
Transfer

6736 kB
Size

78
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://49000.com.ua/ HTTP 301
    https://49000.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 172
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=379320064&utmhn=49000.com.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BD%D0%B5%D0%BF%D1%80%D0%B0%2049000&utmhid=1722239402&utmr=-&utmp=%2F&utmht=1667206857525&utmac=UA-104689178-1&utmcc=__utma%3D5260918.512367901.1667206858.1667206858.1667206858.1%3B%2B__utmz%3D5260918.1667206858.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1881990922&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104689178-1&cid=512367901.1667206858&jid=1881990922&_v=5.7.2&z=379320064 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104689178-1&cid=512367901.1667206858&jid=1881990922&_v=5.7.2&z=379320064 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104689178-1&cid=512367901.1667206858&jid=1881990922&_v=5.7.2&z=379320064&slf_rd=1&random=2487188991
Request Chain 181
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=297186066963865&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30d4e4d987309%26domain%3D49000.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252F49000.com.ua%252Ff588d39c50c6b4%26relation%3Dparent.parent&container_width=320&height=500&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2F49000dp&locale=ru_RU&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=340 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D297186066963865%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df30d4e4d987309%2526domain%253D49000.com.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252F49000.com.ua%25252Ff588d39c50c6b4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D500%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F49000dp%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D340
Request Chain 204
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=m9vVVX6HEB02 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m9vVVX6HEB02 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7310&uid=39ad5927-3117-4d4f-902d-38f55a351c8b HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7310&uid=39ad5927-3117-4d4f-902d-38f55a351c8b&__user_check__=1&sync_id=894cb8ef-58fa-11ed-8343-1bce7de30306
Request Chain 205
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m9vVVX6HEB02 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=5296029035258338361&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 208
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=39ad5927-3117-4d4f-902d-38f55a351c8b HTTP 302
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=39ad5927-3117-4d4f-902d-38f55a351c8b
Request Chain 210
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=acaa04ac-09f2-425d-98ec-5f97ad170dd4
Request Chain 213
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=06BHNU8PMlbIAeroC8Ew&pi=mgid&tc=1
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTl2VlZYNkhFQjAy&muidn=m9vVVX6HEB02 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTl2VlZYNkhFQjAy&muidn=m9vVVX6HEB02&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=m9vVVX6HEB02&google_ula={guid},5&google_gid=CAESENUduten5cs1VrwyUaDMu0E&google_cver=1
Request Chain 220
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 226
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=32d6d42c-098a-457f-9e51-5e6369ed95f2
Request Chain 228
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b324cef6-fbb0-435f-b3f4-b787d2409fc2
Request Chain 229
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ba5c9e3d-3c2c-4617-8e5b-60b051c3d38a
Request Chain 230
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=600028355026675025
Request Chain 231
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=600028355026675025
Request Chain 232
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=617666&c=0cd1c9aad927b279
Request Chain 233
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 249
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=a3760737500346e0
Request Chain 254
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D73a649dc6aeebfda%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=73a649dc6aeebfda&uid=600028355026675025
Request Chain 255
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D73a649dc6aeebfda%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=73a649dc6aeebfda&uid=ua-9358decc-89ae-324a-9627-22e9ebc11c23
Request Chain 257
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 258
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Request Chain 261
  • https://c1.adform.net/serving/cookie/match?party=14&cid=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&gdpr=0&gdpr_consent=
Request Chain 262
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9114109510495736383
Request Chain 263
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0d66635f-8ecb-4f00-a631-c19ce1c21264&gdpr=0&gdpr_consent=
Request Chain 265
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=600028355026675025&gdpr=0&gdpr_consent=
Request Chain 266
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QAJKdrLDRTaLwEnc0F--XQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 269
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1936635f-8ecb-4400-9745-995d3210da34
Request Chain 270
  • https://pixel.onaudience.com/?partner=214&mapped=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bf1bcb1e1196a35fd9e74e9853a665f7&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=8886354185621736172&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=06ef24cc8d67292d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=39be02bf8746d225204b7e0a2b373c1b&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDAwMjRBNzYtQjJDMy00NTM2LThCQzAtNDlEQ0QwNUZCRTVE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECAlgSeigo0rTGx8clVZFs8&google_cver=1
Request Chain 274
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8886354185621736172
Request Chain 281
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=3e402299-2276-490f-9dd9-3426b1280f46&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Request Chain 287
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a59d281a-f110-42f4-9898-45b6d257ec5b&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 288
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2400adc2-6b11-44ba-7566-e664210e1168&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2400adc2-6b11-44ba-7566-e664210e1168&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=14044779521176545432291062841819582898&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Request Chain 290
  • https://bn01.er.bemail.it/zeotap.php?_bid=2400adc2-6b11-44ba-7566-e664210e1168&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022103111-12508-0.041100001667213167-f367b4bf6dda7d883ca7c8dd06bf6d1e&zdid=533&env=mWeb
Request Chain 291
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7160598930794608795&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Request Chain 292
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=2400adc2-6b11-44ba-7566-e664210e1168 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2400adc2-6b11-44ba-7566-e664210e1168
Request Chain 293
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2400adc2-6b11-44ba-7566-e664210e1168&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2400adc2-6b11-44ba-7566-e664210e1168&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361&bounce=1&random=1296836248 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=kYKKcgEz3.VLmEYErGt1Z.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Request Chain 295
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2400adc2-6b11-44ba-7566-e664210e1168?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2400adc2-6b11-44ba-7566-e664210e1168?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=39be02bf8746d225204b7e0a2b373c1b&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Request Chain 296
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-bvoCknhE2ooBfib.2tK5MHJALr8gizqPWg--~A&zpartnerid=570&env=mWeb
Request Chain 297
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1je3L%2B8WuX%2B0utMIVPt3ZhR%2BS41iYitP1U%3D
Request Chain 302
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4dbd635f-8ecb-4200-86f3-04d80b5d7b77&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Request Chain 303
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Request Chain 304
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2400adc2-6b11-44ba-7566-e664210e1168&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2400adc2-6b11-44ba-7566-e664210e1168&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361&dcc=t
Request Chain 306
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Request Chain 308
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=2400adc2-6b11-44ba-7566-e664210e1168&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Request Chain 316
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1.OysCKKmJHdrANDEISAAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBsdK6GU745QYGW3KnUlTdI&google_cver=1&google_hm=2
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1-OysCKKmJHdrANDEISAAAAEbAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBC7tMk_F7ythIaoemUTogY&google_cver=1
Request Chain 320
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1667293259
Request Chain 321
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322323596863256
Request Chain 322
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y1_OywAEe3B8ogA7 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1_OywAEe3B8ogA7&_test=Y1_OywAEe3B8ogA7

335 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
49000.com.ua/
Redirect Chain
  • http://49000.com.ua/
  • https://49000.com.ua/
62 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.29
Resource Hash
8d58784649fcff377385433d77b1712aa4a5ea38b2c93428585e179e43a67fb8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
762b33f3ee6edc9f-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 09:00:54 GMT
link
<https://49000.com.ua/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1Sy7q%2BNn0upVIKtp5o5W3MUogWSmWzpFujKWFr7Lay1DpxwtH42%2BOQV3dPUZ2Nee4Om0ITCheOtFtjLE6HYiIQ0%2Fg%2FizRgRoNJwkMAAzU1cJ0rKC22iVQrWJ52b1bfQ9mthZZbpc%2Ba0HSg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-litespeed-tag
627_HTTP.200
x-powered-by
PHP/7.4.29
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
762b33f2c82ee630-LHR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 31 Oct 2022 09:00:53 GMT
Expires
Mon, 31 Oct 2022 10:00:53 GMT
Location
https://49000.com.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFIhVIEsPDbX3TTh8mza0eGavv83Ys91ANfkTUAW4IAyGXDoDDddcDp2q23MeHugGknVmVUQJAEnLAuKGnGsDMFRbVS2vqf5V1q2MP%2Fn6s8%2FqhRsGH%2B%2F%2BomMVAkmMfBFT%2FQZ937GWbbJQew%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
reset000.css
49000.com.ua/wp-content/themes/city-news/slider/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/slider/reset000.css
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24893f3840af6a32f00abd232ba5e5619595345e55ff3db71a0f66db9afc905b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160356
cf-polished
origSize=10565
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"2945-60df4243-7306471730cf9a36;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1Uvx0FD5PvCnmb%2BXmMQ5W4l3%2BrQ50g8ljoHNQak%2Bm6TK%2Fjvo5LwfCeXkGkCbUQQgnHUI1Wh1MUEhzhFSFk%2BQ9LtTcYrcPaV1YAetMIW8wKN9PGirC90extLb2Ok781X7Prm0d9msamo3sc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fb7ba3dc9f-LHR
expires
Sun, 29 Oct 2023 18:28:18 GMT
royalsli.css
49000.com.ua/wp-content/themes/city-news/slider/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/slider/royalsli.css
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0033d7b7d4b46740119f53db5e68f9490b158f0fe4cc535ab6892beba08b0229

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
422453
cf-polished
origSize=4004
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"fa4-60df4243-bfa25f6db389f855;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClNFwE2hjit1ashbYctOhozPbeS7e6fvOWkiuPFSKbJFFJrVgQaCm7IVxOBBB3ChA2SSOMrOx%2BorDe5gMn%2F8szwfYQWOlRXqNM0DfGet%2BhahHmdjiul%2Bj3Fq5%2FOcjD6QHhf%2FOhp1zJ9MVmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fb7ba7dc9f-LHR
expires
Thu, 26 Oct 2023 17:40:01 GMT
rs-defau.css
49000.com.ua/wp-content/themes/city-news/slider/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/slider/rs-defau.css
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9291094d8820df2704e3919eb47d6ea69b1ab21ef6813be2d5c634d391ba258

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
341574
cf-polished
origSize=9256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"2428-60df4243-343e7e57b54f0f50;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2t5l5%2F%2BD3fzE%2FolO5cO%2BfjCDPUM1knkxmpDw2OPA0y%2BQuQl6gDqE%2F8BtMxOn5sh7rEAh5U6Fp5grqc9jzmVjt0HMKViuro4V3Pqt894%2FvEkKiybc%2FFsbOYntT%2BUQfIp7J7AIWJimin7QaFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fb7ba9dc9f-LHR
expires
Fri, 27 Oct 2023 16:08:00 GMT
style.min.css
49000.com.ua/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
422453
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Oct 2021 15:31:57 GMT
server
cloudflare
etag
W/"13abe-61781f6d-39c07e98030a1c6d;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6pCNo%2BUMZyIbAKiTvf2xfWW6vwJoY%2FP3SJQqCXtssF4HHvs1j%2BCagQC%2FcA%2FV%2BLditKWgtEMCCLqneZ41yszjCLDF2zZnTMcDzH3GLnJJh7%2B2LnAyLPX8oFmVTn7qL5B5GjEDTKoykvAZSM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fb7babdc9f-LHR
expires
Thu, 26 Oct 2023 17:40:01 GMT
style.min.css
49000.com.ua/wp-includes/css/dist/components/ 		119 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-includes/css/dist/components/style.min.css?ver=5.8.6
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267e5fb978fa691c1b12174c588280dd4e69df0123957736d771b9f1dcd13f76

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
663408
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Oct 2021 15:31:57 GMT
server
cloudflare
etag
W/"1dbd6-61781f6d-cbe6fc59c9656433;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekeqImRHPEORbVvAxQy%2FF0iff8gMYcuNCV9PjAaDEFzP6uGm4pLoNWdrC%2B3SrJ3WR3tNuTotPk3K0Vvg83G8SN8DVAlGrW%2FWMKQt25Bq0dcBE1CyqFCMsENf6kotLPYsUNxKpE47VHkhWWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fb7bafdc9f-LHR
expires
Mon, 23 Oct 2023 22:44:06 GMT
wptelegram-widget--blocks.c6bba460.css
49000.com.ua/wp-content/plugins/wptelegram-widget/assets/static/css/ 		2 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/wptelegram-widget/assets/static/css/wptelegram-widget--blocks.c6bba460.css?ver=1635262219
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c42c3b668bd024887c5a2e45d52726eca515086b9cf79d7cb009e5a80db0ba5a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160356
cf-polished
origSize=2395
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 26 Oct 2021 15:30:19 GMT
server
cloudflare
etag
W/"95b-61781f0b-87bb08fec7e528dc;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NCkOpoLZSz43S8TY77D7gV6m%2FR41h921zQZJLm2Q%2BHhVu1DG1%2FYZBB%2FaEKjyTgvCg5hNXMMbjHwWKllJC6jZom4BOKMiLWTal8mqerEoUVSHAcQCcb8nnLh%2BRoE1egc2cye7GSJQ90u1t4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fb7bb0dc9f-LHR
expires
Sun, 29 Oct 2023 18:28:18 GMT
styles.min.css
49000.com.ua/wp-content/plugins/adev-ad-banners//assets/css/ 		815 B
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/adev-ad-banners//assets/css/styles.min.css?ver=1.0.2
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea545e78efff567451de5543e54ec5de308ad87793ffcf919484d733973e5ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160356
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 06 Sep 2021 18:18:05 GMT
server
cloudflare
etag
W/"32f-61365b5d-ef988618e5d5127d;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1%2BoA%2F1L3e5ORjvGZ93QJf4KUeLeDozSyvC7BGpuY4KgO4NjNhch66fZ5SZYnWJ%2BQmLkJo4YXo0%2BO1E5L5zwdygwgocfWlpK0mvztDQ98%2FDAMD2VbHXP9dng4D6%2BrcTRkYz30dIEY2YAjMk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fb7bb1dc9f-LHR
expires
Sun, 29 Oct 2023 18:28:18 GMT
blocks.style.build.css
49000.com.ua/wp-content/plugins/adev-adsense/assets/dist/ 		35 B
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/adev-adsense/assets/dist/blocks.style.build.css?ver=1.0.1
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be1124845db7d09b145b359c2c21fed158b23d8090ef8e6e95d82d826db2ee2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
335848
cf-polished
origSize=36
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
"24-60df4243-9dd250bcb124bc7e;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grB4MyH2GWQsr4p%2FiLAntUugJoAr5SwSBdM%2B5xwhqdIMLmFppq3bn9v7lzNprtUVZmWmBsETZPK7O9sVzzC1PTAk%2BRqMz%2BOCjLRL7ukKPutogEvjA3yoerq6moZ7IsTlDMO2%2ByP%2BzKrMnxA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fb7bb2dc9f-LHR
expires
Fri, 27 Oct 2023 17:43:26 GMT
styles.min.css
49000.com.ua/wp-content/plugins/adev-api/assets/css/ 		2 KB
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/adev-api/assets/css/styles.min.css?ver=0.9.1
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53093900ab95717d9deed83852cf33251cf7642fad9b5dec88c012d7b3538fd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86247
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"65a-60df4243-ba03955d1c78b613;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S32AsQM0gz6wQYV8LkWB13SeuST3xQ5Jj6XJsPL%2Byt0hJ5OlUA%2FGC0C6gBoMlTWscWceYtG4wzb4ufxy0B1%2BlDQqFdaPOmVwI1qW9UYmJRGJTItU0Zt2E1892yDiAk2sOxgKvq4lTdGRgLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fb7bb3dc9f-LHR
expires
Mon, 30 Oct 2023 15:03:27 GMT
styles.css
49000.com.ua/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.2
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160356
cf-polished
origSize=2731
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 26 Oct 2021 15:28:47 GMT
server
cloudflare
etag
W/"aab-61781eaf-bab84fc4c0eba7d9;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYA7zkIvKrHNCTfGEnjws2URsNj1ghv2Yk66tgzjm4KP%2F%2BTAeIG9meJ2bRbkXo5%2FWd1rotki%2Bmg7oEO2AMOTmBoE69PDkI%2BMmCa6Wdz%2BiMFZ%2B73avpGzUyp4HM2RqPcFlqBuzSHlMAciTHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fb7bb5dc9f-LHR
expires
Sun, 29 Oct 2023 18:28:18 GMT
cookie-law-info-public.css
49000.com.ua/wp-content/plugins/cookie-law-info/public/css/ 		3 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.0
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160357
cf-polished
origSize=3109
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"c25-60df4243-f11a445939757a52;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NUkBhH2HTJKovzT23tWXjXLN0rIYJwahpUQVYvJzTkQniWMEhs7ZGe%2BhZ%2F1sMieQJPZaq%2FYychoQosiQV%2FE9o7XaPeHHQsnMisH18Xw2fivNYq6s24yy849CSpNhCV3ho3miXsEc8Y9liI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fbbc1bdc9f-LHR
expires
Sun, 29 Oct 2023 18:28:18 GMT
cookie-law-info-gdpr.css
49000.com.ua/wp-content/plugins/cookie-law-info/public/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.0
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf291201b76e17fdbfb732933a2738cba6b4fa9308a29c86994047aa354883a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
422454
cf-polished
origSize=28367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"6ecf-60df4243-21d82905a0a20160;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28JOIXQU5g4fGFSELKvVWmyO%2FK%2FyFIKJTHQ2cCgM1xvC52cabmIJYiSDcRlhhkdLzzCeniW3nKzbBS2NbPDjyhAui0CEOLlap%2FP7fRG%2FrAzDUa%2BXkMoZj10jRKtuDgqxXFtdRY%2FprCwr%2BxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fbbc1cdc9f-LHR
expires
Thu, 26 Oct 2023 17:40:01 GMT
slicknav.min.css
49000.com.ua/wp-content/plugins/slicknav-mobile-menu/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/slicknav-mobile-menu/css/slicknav.min.css?ver=1.0.11
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065d38079361e0747bf9a6137799512e819eba94a9af7f21bd1a95bce782a01e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
335849
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Jul 2021 17:01:55 GMT
server
cloudflare
etag
W/"c57-60df4683-4ad1cdcd8fb65883;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvWa7UyjjB%2FoJeWADz5rNJM%2BjpSA7uz%2Bb%2BYel65b%2F5ozTcNtAG%2B7Jhd%2Fn73QK8KZr%2B4L96huBak2oLWGCnkA2c5KL8NiEH64ebvmps3dX5Z99AgtaHMjJWtzhMb6iltsjma9krZAVSY%2FngY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fbbc1edc9f-LHR
expires
Fri, 27 Oct 2023 17:43:26 GMT
pagenavi-css.css
49000.com.ua/wp-content/plugins/wp-pagenavi/ 		237 B
470 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
335849
cf-polished
origSize=374
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 17:02:11 GMT
server
cloudflare
etag
W/"176-60df4693-3293deb3fbb2eb20;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TtzGC4c2CCC0a2pNBFpQfx0K3S79Y4G060KIDtPXsgZwRogiMo51XuIbb0WBI%2BDct5XTUNdmoeUuhWmwK6OLr2vSGv8xgFTW7vle%2BQDY8hNodE04sbaOkEHBQjAnTl3cuJvlEH98kBmrbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fbbc21dc9f-LHR
expires
Fri, 27 Oct 2023 17:43:26 GMT
wptelegram-widget--public.3d0c567f.css
49000.com.ua/wp-content/plugins/wptelegram-widget/assets/static/css/ 		122 B
476 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/wptelegram-widget/assets/static/css/wptelegram-widget--public.3d0c567f.css?ver=1635262219
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8dba5405d21c747124407bd1d364bb0c5f4c38640bd5924fcde57ff41041e03

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160357
cf-polished
origSize=189
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 26 Oct 2021 15:30:19 GMT
server
cloudflare
etag
W/"bd-61781f0b-2a4707431bdd294;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHk9iNUohyZFAvyhJcfRwhrj5KpcUNh8%2BihLVydnXLjbP2Z%2FNi2jAKRjqAK4llF2UJLAhJ8LKXnsvPoedtCWjPndbf%2Fkd%2FyKHuS7oJudfpU1n629CcetS5Elzm8FbInaYc%2BFUT0%2BYVluewQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fbbc23dc9f-LHR
expires
Sun, 29 Oct 2023 18:28:18 GMT
addtoany.min.css
49000.com.ua/wp-content/plugins/add-to-any/ 		1 KB
804 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Oct 2021 15:26:29 GMT
server
cloudflare
etag
W/"5ef-61781e25-955f5f3a923da102;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sI%2BpmIVgeWuyZMG4rxU19OnkJr%2Fp%2FkxaGpAJQapvLMlysGVsPzYMhZbhRbq4cuEedQ59oKbt%2Fa%2FWhfmASORvBB5uTOgKscrp0zJPnq4U%2BD2Op5T%2FD6fb%2FkPcYyHfQCm1mcVnmpzQmCOyh%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fbbc24dc9f-LHR
expires
Sun, 29 Oct 2023 18:28:18 GMT
style.css
49000.com.ua/wp-content/themes/city-news/ 		49 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/style.css
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff9b26cf51251eae11aefdb3007f0ab9691ecac454bb1994b08b890acd661ff9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160356
cf-polished
origSize=66217
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Sep 2021 18:29:57 GMT
server
cloudflare
etag
W/"102a9-61365e25-f718f8db3435889a;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o22gwbcLJ9UveQaCgpbcb4lvY6lPMWl0jCbcvEyJitopTvdTGpIsg0qfiQaIX3YY%2B6CMOu%2FsFRGcPuujjjnl4%2FYnfnwRIHXTKrn01pxxD4tNKmF314kJSSOvPoIiRMw9RY2J78Vwwt4b2A0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fbbc27dc9f-LHR
expires
Sun, 29 Oct 2023 18:28:18 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic&subset=latin,cyrillic
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aecc606114320ce6760f4b108ba6fade0db9c6ff68ca8e58c130f415e4e5b824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 09:00:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Oct 2022 09:00:55 GMT
logo.png
49000.com.ua/wp-content/themes/city-news/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/themes/city-news/images/logo.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013dc884954b6a4d7ba92351b2a399c96d808b1ec68cb0c8cd21145ec21a75a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8002
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
"1f42-60df4243-9fb1c3b8acfdd987;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyKqNqBPXfd4T724dgVjJVxu07e8Ji8AQegwgJyZiABhm7VlNVRJUqEiGa%2F1D%2BKgTekedxaclHRAem6KMByuNPxxAOzhUSvElFZAQjJFxUmMk7c5yGI6B3hzO2R4cdX8vUvkjtiR9FJNKXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e677711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
430715-640x640-3fh81y8n63ugy.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/430715-640x640-3fh81y8n63ugy.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a740c857a77259681a00a87341785628c6069093255b945650d5400b4599cd0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16787
last-modified
Fri, 16 Sep 2022 19:41:07 GMT
server
cloudflare
etag
"4193-6324d153-14a7ddea0cc97c44;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJqSf1HxSzu0YNMbdLeZN4XGnIMydUFPlBDoItD7snIovDmzfRg%2BV4r6qq6ggJyiFx4KppVVMGax%2FlN5zxT3k3aj1GNjSKgtP5DoIGH9cnxBfRncE3a6UlsKNADX0tPD0A4I3yTfm6u23Ig%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e6f7711-LHR
expires
Sat, 28 Oct 2023 19:20:17 GMT
views.jpg
49000.com.ua/wp-content/themes/city-news/images/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/themes/city-news/images/views.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07dff8a09455f8aa214f1853f2d6243753e30a8d7404ce9733ed0acd5f38121

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35311
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
"89ef-60df4243-57637251bc86a7cc;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W824b6EbZqH9MrVuTah%2F2TpQgsGKbJRPnzniMoSFSsY%2FHnW29jduEzMTOzYNg4hbLU3wlyQlaKzo0prNsqrDkd3JRlZ9f%2BZqf6EMiDSzwKRtWhW3adHF0FDvXxlrNb2onv2Atgplva1Bhw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e717711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
7-2-640x640-3in57s00cdw56.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/7-2-640x640-3in57s00cdw56.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa818ccfedc1726c23667b5e9535cd7966b432a228ef6a96b52961ffbcca0c99

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6319
last-modified
Fri, 28 Oct 2022 12:27:14 GMT
server
cloudflare
etag
"18af-635bcaa2-503759f44ea55cb0;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9Uk%2FFJX9%2FGzH9maGV6P5dZifkTqkPxAxcu1M5qLkWxafr7eWJlaZ40hFubwXO1%2Be4dYvu%2BpNOcYCwxMdHWZamYUK9RRCm%2BCmbKrgtfC95nEGHVAz1VlnTZhERPYqXfBMjuut%2BHIFVNOQyk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e737711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
311307086_420733070230159_8487295388352025759_n-640x640-3ikp9b2u6ktfe.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/311307086_420733070230159_8487295388352025759_n-640x640-3ikp9b2u6ktfe.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7057ac9b9e4e63889df8e5f499e8791ec316e8a5e50c17d067ea48f32d490cf7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6697
last-modified
Mon, 17 Oct 2022 10:38:07 GMT
server
cloudflare
etag
"1a29-634d308f-813b9a3639928939;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um3ilzVcHP3ED9MjLlHbmyY3eMqBzGGReMcdVGTdr3JbcHRAKvGWrT1FfyMqIjG8NwDt7Hdan5smkCe1QdYjfNyxliAuheeo%2Blo3T2%2FcdenYAl9EFaaoPloVkDlQWHNBytNobC7pTJn0TVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e747711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
Screenshot_1-28-640x640-3inzih9p32zvl.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/Screenshot_1-28-640x640-3inzih9p32zvl.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a1fc9a0fc0e7324bfe549a0ff2c0f1e00ffea9fe1557020d448a9dc30f34ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2410
last-modified
Mon, 31 Oct 2022 08:02:58 GMT
server
cloudflare
etag
"96a-635f8132-e7a6081aa20e38fa;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTkxJID1gwOTnuTcVtGLAma5DW3uCl%2FDPkHShHmjXmwxdZLK7TKkFNitteDUldBzp6bm2%2B%2FJ5%2FtxVXpNYxOVPfhaLYdvLcGa0BC9arZ4GJHjSwAWs%2F0w4rQCg3dmy8KIa%2B%2F48lzVLq4dlcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e777711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
o_1ggmf9r2e1rul7291dhs1cjph1d1q-640x640-3inzf4t0qteld.jpeg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/o_1ggmf9r2e1rul7291dhs1cjph1d1q-640x640-3inzf4t0qteld.jpeg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1095332e0abad0cf4dfed16d44acf13f310796bc1fedc5e7c481fdbd7c9b1123

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2299
last-modified
Mon, 31 Oct 2022 07:49:15 GMT
server
cloudflare
etag
"8fb-635f7dfb-e7716732307a371f;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8V%2FutYD%2FixzGpzNO5vKX6gF12alyOeaDTqYJzZ8eIN%2BBF9qUWQiVkytaqIyqoWBoEurGDabPowp%2FgeoP7%2FTcUuXW%2BXe0qRZrYhAWNuz1NVbC1h%2BV0mZvwiarHD3Yp6q36vfw5P5AQRajaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e787711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
o_1ggf58hoe1k3p1sb81le01i7t1fkv2h-640x640-3inb9lulg6a75.jpeg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/o_1ggf58hoe1k3p1sb81le01i7t1fkv2h-640x640-3inb9lulg6a75.jpeg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccb3a0b998d1b29bff776b4ecc67632907f4b97dde28c48a6b0fa12ff4976ae8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2239
last-modified
Sun, 30 Oct 2022 15:02:12 GMT
server
cloudflare
etag
"8bf-635e91f4-464dcec0aa72ab4;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fch9HqekZ4dL2MMPH2aYd7HCmhGo0vmn1Gs7c1XKQDfMJjgqbQQSWixF9J%2FjKou77SrBgdcluxMsAkqBm7aKyQ5OOKTx20u0KFMh%2FQzYiTrI%2BbPtbN8uO1CGa44WTO3L%2BDU2rYrr1UCc5DE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e7b7711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
o_1ggcm7vn7must8g1tqrvt011jq29-1-640x640-3ina5f0jjk4yp.jpeg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/o_1ggcm7vn7must8g1tqrvt011jq29-1-640x640-3ina5f0jjk4yp.jpeg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d519bef382e417bd33c64672e069a2ef3bde52e4b6b6632618641611a19adc0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2449
last-modified
Sun, 30 Oct 2022 12:00:21 GMT
server
cloudflare
etag
"991-635e6755-5c5d7921e0940d22;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rha7YKQHGuaM2X%2BzVyxvCXh%2BAaV8BsG4nXMIv5T8eFhXpU34UB5AB5ybgiS7eQDyWDsgqmXPFV29XiHro0dcq4P9pxSuBGSrEDXIm%2BBMpudymiXAEyYjYBMwEMtkRoD9gjI7%2FYZhHc3wp6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e7f7711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
255e415a-4694-4313-91c9-0166905d9571-640x640-3imsu7mrr4pi9.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/255e415a-4694-4313-91c9-0166905d9571-640x640-3imsu7mrr4pi9.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
622943a57bd4bd775e7cf2c27a08ec8281aa54e8775faacfc963a9826c361382

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2136
last-modified
Sun, 30 Oct 2022 09:01:07 GMT
server
cloudflare
etag
"858-635e3d53-1c81f0577b81b98f;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHUihZ3usAH8E0EhcXiWWsF48T7AO352VVNKosn3LTFS9SNIKcB6m5%2F5HQho8evBBGYJdY1OrdvCW20ZBdDLq5%2BciGMtLGkN0bs3xoXhCjHBbb%2FgX5Lnk0TTHOMULgVPxA7sZsIsnruOiqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e817711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
63565651e4af9614853165-640x640-3imss5hoz525d.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/63565651e4af9614853165-640x640-3imss5hoz525d.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7380065158426eccfc3286e8be72c08ff4234a023e4eeddf5a77567404559d45

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1314
last-modified
Sun, 30 Oct 2022 06:01:34 GMT
server
cloudflare
etag
"522-635e133e-85e49af42771fe72;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=no%2FxCB%2FX2BsR9F5DXG828CWqHI8tRfuI3yeeM%2BUl4k7EijhnxeC%2BiSluDBNOrsCPTl8n8IR%2BOVTMVqPJIqk3nmapkggF%2BzdQr2ckMugEEYQEVP0LTDKehXv0DIZthx0sPzNkWl3IWerbw2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e857711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
Screenshot_1-28-640x640-3inzih9pljfq8.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/Screenshot_1-28-640x640-3inzih9pljfq8.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e7b15b60d1c28b3399de5a5910cda3e452ce4ba21a632f35e5657d240ed2b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12463
last-modified
Mon, 31 Oct 2022 08:02:44 GMT
server
cloudflare
etag
"30af-635f8124-5619ce91afe9c9d9;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB1%2FpziZ6JacjL6E%2FCR0YjQ%2BzWZBJrYzKHRoNgRWCqHbi%2BPSagA2FfoibZwc8xuRwsQQCpq%2Bc3wKfQFo8vkQhWzQs3b8M%2BlZwMT8C91P2YTJKrtDWHGORFMXL1caeKumKO%2FZlcChX0Uz05M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e867711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
a05fb3b57ddbed7c6ba9e44565d4b059_XL-640x640-3hm6p8revlc2o.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/a05fb3b57ddbed7c6ba9e44565d4b059_XL-640x640-3hm6p8revlc2o.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e4353e2d06deba5dbe2cfd0411c57b7c26e581c5b49aaa1f5f221adfb3fe51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13923
last-modified
Tue, 24 May 2022 09:03:31 GMT
server
cloudflare
etag
"3663-628c9f63-5aeb51d5572bc081;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfBR9eWOophjcgHCElNd7Vq%2BCx%2BDeXvsEPXZQCv8UFXoogZemdtvkPX%2FaWyL8CJEmMwNIeoNT41DnUhL0IERalF2XIrEvLKOM0QpMwRHG4qqvGPC6KEgbRr1SH8Nif7HQ9DqapP3lPvgSpI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e8d7711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
001-640x640-3hl0twjlqj61s.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/001-640x640-3hl0twjlqj61s.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7017a544ffcf08b96b70de02e3f451f554dfcb92be5ed0a4fde929f33375f51b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13448
last-modified
Thu, 19 May 2022 10:54:46 GMT
server
cloudflare
etag
"3488-628621f6-fe0a1744ac9fdd8a;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giOFdxLnZSmUoRUDwY5GqjnsNfqXad5LeP2r12biOmAy3hpzBMIwOotkZpZ45v3E74jf48xQlGuBdYWNkpyOtUkwPQLFeRQnL8DxK2rnF6tasxmA64vCBb8d7Rq%2B27zqEyFFWW1u4yM%2FIC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e907711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
dudka-640x640-3ho4p36o8ujq8.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/dudka-640x640-3ho4p36o8ujq8.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
897a5e559d4036e6e56812311b87cddb8b0142968fd7f017890825ae514e021f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15545
last-modified
Wed, 01 Jun 2022 14:30:00 GMT
server
cloudflare
etag
"3cb9-629777e8-8259c033943b8fb3;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tU0lFBTIxcgcVFG2dUnz%2BZynwjTlWjwhuDXxnJdpHFXthi%2BCeGYQZj3fnLUJifX0mNcBO%2BT%2BQE8anlBA%2BEfFkYvM0i0y5Ivc9nhnO%2BZpy6Q53Aujy87IR7saesT7hk2Zi16rxpoCAuuxiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e917711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
360kh250__-768x533.jpg
49000.com.ua/wp-content/uploads/2022/10/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/2022/10/360kh250__-768x533.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93aaac92a1535c7bf910fc628e21399b6dc88c7e7925840339c12db9254a2a69

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
72463
last-modified
Wed, 05 Oct 2022 10:21:23 GMT
server
cloudflare
etag
"11b0f-633d5aa3-842745c2b69176b8;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fp3qs8M2V1JyXT9mxVspvMv6CP8%2B3WpN0SMkRkH%2F7DWfQSD3wrYoXaN5SEwZsqvur3UenShX51qjJGhyqPq3x1n9yexncI%2BH1Hjwi8U2kwrLjDDByOmzXW1Nzi0wP%2Biey1%2FitvlHDl9FvHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e927711-LHR
expires
Sat, 28 Oct 2023 19:20:17 GMT
4-4-640x640-3imcbgtpvud54.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/4-4-640x640-3imcbgtpvud54.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a783fbd613bad4f504c89e94a9687451e1f40840d9797590e0a9ab024ca7c70c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6066
last-modified
Mon, 31 Oct 2022 06:02:31 GMT
server
cloudflare
etag
"17b2-635f64f7-f23c1c1d3745993b;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl8Fktm3ROtxex4rcYErQNTya2D4q5vGnSRbC7rNGU6ssiUQHSB%2FeM1sOvvu3iEQwTzkhbp99AtPmpb8Y0qZFa2snEdZrObXXx9Q%2Fi6BvZYhVnoXJciqAxaAcw5Rm%2BqCAXiZ36neXEaSRp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e937711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
korban-640x640-3hvz3btiwu5u0.jpg
49000.com.ua/wp-content/uploads/bfi_thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/uploads/bfi_thumb/korban-640x640-3hvz3btiwu5u0.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1139f1d19c0f340f767dbff5feb266cea1ba7761e78b7db7d765eef605285d79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3346
last-modified
Mon, 11 Jul 2022 16:10:18 GMT
server
cloudflare
etag
"d12-62cc4b6a-597a4bedfa064b05;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BQCklbETPqPe8%2F9SDuzgjOUKqydN14cgzTH%2B8gG7kzs7NFivd2KlcIZziYUjsxFHGqDPXRB%2BPE6cDg4mZjNwzdchZxcuQcZ3B%2FLAup2jGkdIE%2FQdLLEcU0%2BFU%2BJEdxWPCpIt9WiIDAk0kA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e957711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
logo-bottom.png
49000.com.ua/wp-content/themes/city-news/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/themes/city-news/images/logo-bottom.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1c02bc817578f589ab1824f978d5b688aa8abf58fabc80c94abf93447d0ae3c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2424
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
"978-60df4243-44dd7583211c441a;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOpNy%2B8PYGYMBxfb8%2FtP5mGTO9OrXw64ZoR8%2B5ID8grIQ75NcEecDrmKHeyvr0scTv6mLyi3KZZCQaM0l0juqnb3AG%2FiaG8tKcPI74tIw0WnQ1bnw28h%2F52Ib2Ig7rftPfDozGio2fa5a30%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc2e987711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
email-decode.min.js
49000.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Oct 2022 23:39:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6359c537-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cEE2MIr1GiYzO263UElxchJkTyJGEtMzuWG5PWyWL2jfIC%2BCsN5FDZVzuGsW3rysvucIrNEovY%2FTmt%2FiFsem%2FENJQ4jaKh2SSs3jjW5EshRbh4KaldplQhMvTjzxe6dWy0WPDIf%2FZQxNRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
762b33fc2e5f7711-LHR
expires
Wed, 02 Nov 2022 09:00:55 GMT
rocket-loader.min.js
49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Oct 2022 23:39:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6359c537-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjnUSWPUpjnbYthyRWjRK9JT2X8QcuDR%2BDdeuDogJVb8UxvyolQnIITP6iGpugSkpJpEVZ04j19RwxmoaJ0m1N3azsm9FK13eggPadv1qhtdS9DuoYsnnzRNoVpWduHkoxobnRzNEvcvJnM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
762b33fc2e9b7711-LHR
expires
Wed, 02 Nov 2022 09:00:55 GMT
page.js
static.addtoany.com/menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1a662152c1b181faee3414c71763cfa9108a0bc2c3e0a88e3814c4f9d71e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
92251
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 19 Oct 2022 06:16:16 GMT
server
cloudflare
etag
W/"bb9-5eb5d2575a6c8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=172800
cf-ray
762b33fcdf3a7756-LHR
instagram.png
49000.com.ua/wp-content/themes/city-news/images/social/ 		727 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/themes/city-news/images/social/instagram.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wp-content/themes/city-news/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6064c20c57faae34acd6c36af37a61beeaf9ea6a370b390afed4b88b78a8d17c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/wp-content/themes/city-news/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2068606
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
727
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
"2d7-60df4243-fb8d44b99e85e5a1;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aA%2FlL4P7HJMkvR3zToLPXtJ8KZXF2FHG3AgVj363o%2B6gRbnUkTgMYS5OWOW%2FLvsvKIGa0ilbuQcn3f4DO%2Bg%2FjUi6dqeiVeFhZWpb2dda93oP%2ByzoW3mfqAWLADDuXNA5aY6CNmALiGMrRc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc9f6a7711-LHR
expires
Sat, 07 Oct 2023 16:24:09 GMT
facebook2.png
49000.com.ua/wp-content/themes/city-news/images/social/ 		589 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/themes/city-news/images/social/facebook2.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wp-content/themes/city-news/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea1364ffbf15ec9d2c19a0507b0fa4e3693325e6ece26cc683978f2644e9f55

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/wp-content/themes/city-news/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
589
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
"24d-60df4243-f84700eff5fbfe86;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vginiCEN1cii7BFyPmuHHYHYkxiT1gumTt9cX%2FAbHgfvTvX6GSFbnG%2Bizb6nPuxWT%2ByFAOt48tjJCvmoLvTdCQAqwtddxs%2F7EQFh1WQbHtb0IzXJF9IHFbgD7BrTNQG9B4MvECffldG9ZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc9f6c7711-LHR
expires
Sat, 28 Oct 2023 19:20:17 GMT
telegram-logo-black.png
49000.com.ua/wp-content/themes/city-news/images/social/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/themes/city-news/images/social/telegram-logo-black.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wp-content/themes/city-news/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bad129de3ef766fa40f28d69c625443c63ac4c3830b2418016f67da33833e6c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/wp-content/themes/city-news/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2668
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
"a6c-60df4243-5f457bef1c6016cb;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taIxyKXt5mYM8pYN2o9dMKW7AEJQUgWVGFd8HeMswOt%2BfdRZ4ds2z5dLtmZHuFSMptXyLd2xW3fs7gHzG0B9fFwDILjR%2FAG3hGGS1j3YeULR4pwCdZneACQozTBdHCSVuJPlpSVZ2EbEAVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc9f707711-LHR
expires
Tue, 31 Oct 2023 15:00:55 GMT
google-news.png
49000.com.ua/wp-content/themes/city-news/images/social/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/themes/city-news/images/social/google-news.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wp-content/themes/city-news/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70180227eda4824373efe6b0cffb4734c962d037749d2c34f3330afb542d486f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/wp-content/themes/city-news/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3942
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4329
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
"10e9-60df4243-a302d2c40facee44;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhz9eDx4ws98mclWV2PPLMp2i6dGZ6Nor%2FHG566phZX6LBJkioTuOtn88mpb3mbEYOBQtlJLlZxJBVnwBA4IFbx%2BaJZv%2BedAWe7Mdh1aEh31%2FmgH%2BeQmvmulKH5xRlin4tn9CdGXTmh27Hc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fc9f717711-LHR
expires
Tue, 31 Oct 2023 13:55:13 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 19:26:54 GMT
x-content-type-options
nosniff
age
394441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 19:26:54 GMT
img-decor.jpg
49000.com.ua/wp-content/themes/city-news/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://49000.com.ua/wp-content/themes/city-news/images/img-decor.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wp-content/themes/city-news/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0762626c9fc5748687e16d766c669cff5dbe574435ecd2c9586758e2eee59d81

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/wp-content/themes/city-news/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1709
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
"6ad-60df4243-335bca5d73450397;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFnwwtFxeBMErh8wETItD822yML4IDX%2BdNmhAv%2F604gfSGe%2FnYoWlF4vnVLYkBJ8VbbYZ4qVguaOMhGyFiXwPYLe2vA7MedbQB6%2B%2BtzIi9zc2bqbt24ThpjZ6bguhiBR78ba6%2FGr5YwDqzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
762b33fcaf787711-LHR
expires
Sat, 28 Oct 2023 19:20:17 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 19:26:32 GMT
x-content-type-options
nosniff
age
394463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 19:26:32 GMT
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 23:16:27 GMT
x-content-type-options
nosniff
age
294268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28444
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Oct 2023 23:16:27 GMT
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 19:27:25 GMT
x-content-type-options
nosniff
age
394410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29928
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 19:27:25 GMT
/
49000.com.ua/wptelegram/widget/view/@dnepr_49000/ Frame DE9A 		156 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.29
Resource Hash
772726b7f5423bc5bc8e9222b9690c30056a23732a904763d4d167c31d995e5a

Request headers

Referer
https://49000.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
762b33fcbfae7711-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 09:00:56 GMT
link
<https://49000.com.ua/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRyHW2VmS7UYMNkHfXd1G%2BS3taL6tZra0sRNbr1%2BycPnijPuOQNPQJwPcA05KX89YVVlRXmHDb7ItVT%2Bhw6nhvsLcjdSgZMwnoTcSSXyMoE4OPF0gAsPupsmWYHJIEcf2gHQb7pKBKxF2ag%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-litespeed-tag
627_HTTP.200
x-powered-by
PHP/7.4.29
x-turbo-charged-by
LiteSpeed
wp-embed.min.js
49000.com.ua/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-includes/js/wp-embed.min.js?ver=5.8.6
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243637
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"592-60df4243-8ff6c295c05103f9;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2taIyrlcDkwaFkJIF9Yf69BuaNL8a7cXO%2FWFUqTvskP%2FyDJ%2F7tLT7GLDE4UnnUu6CHCDMNnNWbsXd8YpxBOSYMXTv90j5s2vGaDnsiwZPzclrYbyM30e6Rp1608O7yAdVO0KqdH9WCE4%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fccfbf7711-LHR
expires
Sat, 28 Oct 2023 19:20:18 GMT
script.min.js
49000.com.ua/wp-content/plugins/adev-ad-banners/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/adev-ad-banners/assets/js/script.min.js?ver=1.0.2
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26d67fcc2d8ab3560a14548a4dd3f37e1868c2e2377b17b605d559de8108a66

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1524982
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 06 Sep 2021 18:18:05 GMT
server
cloudflare
etag
W/"755-61365b5d-5b910539a294430f;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzHyMAkHjbWiCV4Qn2xin%2FGX1PTF7yCbxHXHDo%2BDEPdHntolFWTNPbq9l0f5YFOAT4cGKgW3gozTIX4C%2Fjv20%2FVfvIzL1rBiGbsLDDJ6DxhVGwN3VcmzsPfk2hrFnD3XyC8mSdchExiomDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfd37711-LHR
expires
Fri, 13 Oct 2023 23:24:33 GMT
jquery.scrollTo.js
49000.com.ua/wp-content/themes/city-news/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/js/jquery.scrollTo.js?ver=1.4.2
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df19bde9da6f2a90ba4f0b1bfa24a44e7f160bcab3ccb1c042b6650bf58f51ec

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
904043
cf-polished
origSize=7715
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"1e23-60df4243-a8224a522306e91;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtapJsujh8pk81gv3aSXskUi8iFmrEYA8v84X3jy%2FMFH7LqbjkU6V0lmLNaAdgDc1WpbxsZ3Bd95Ql2tbfdMVDIjm%2FKmjtY2sSvgGQmqji0ah6nljLUZ3NZAXdH5ukMZPMpBkCVgCJust58%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfd77711-LHR
expires
Sat, 21 Oct 2023 03:53:32 GMT
tips.js
49000.com.ua/wp-content/themes/city-news/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/js/tips.js?ver=1.0.0.
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70796d32d9399c19ca1f64ce5c1f1a67c42643159ea5ba5ad9f3703e35622333

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243637
cf-polished
origSize=4477
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"117d-60df4243-57cd4c875aff1078;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kgg3GnqglACLtr%2BqjcdC0KKhpdhiAuwzI9prypcw7L7knVo5LPQ1Z2PvuZSOaQh36hz4R817mc4dpR49SxEXRSP5Ziu9op4Spo6cwzxCXZFfI%2BbI8vcbl%2FC8OS3ynU%2BPA2MbL71PrIWavj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfdb7711-LHR
expires
Sat, 28 Oct 2023 19:20:18 GMT
jquery.mobilemenu.js
49000.com.ua/wp-content/themes/city-news/js/ 		991 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/js/jquery.mobilemenu.js?ver=1.0.0
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f527fc04546ae8fe9bf1208b881c327df8c06546be530e4269a0397e6b9467

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
904043
cf-polished
origSize=1746
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"6d2-60df4243-f1904a35abf8869b;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEiZCMYj%2FNI1phEGwVQD5mxRUcB6%2B9BLnSr74qyNiyLiDIpsH6yPXNKpJAW1YalxT%2BbI%2FibqueeSiQTxcS%2FNCTTzCOL6hnQZEh33HjhdqycqVGRABe%2Fc1LDUWKigei45U1TVn4eKIh57uXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfdd7711-LHR
expires
Sat, 21 Oct 2023 03:53:32 GMT
superfish.js
49000.com.ua/wp-content/themes/city-news/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/js/superfish.js?ver=1.4.8.
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1705187171c2f288d019737c841d2fd149499205f663ee046f2a9fe73ad3260b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"11d4-60df4243-d9db2c99f746fe6b;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3C4Zx8XngjTVskA1m1AoB9We%2FjjaiLeKNxLU2edkUvxLvB3rD6qIk7SFXqCVnJTKY1syGwQW3kW4xtrZpUENQdJghyZuB%2Bx96tvlPYIWdYcZCyJBtRaj3fAILQ6oiUz7GVGJE%2F9ZYU4%2FlU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfe07711-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Oct 2023 15:00:55 GMT
inview.js
49000.com.ua/wp-content/themes/city-news/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/js/inview.js?ver=1.1.2.
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3535bf9c68a69732cec8f625abb8a79db09a0466d0793f491a9193710aff92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243637
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"59d-60df4243-41b0c854fe7990d4;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t36ZrZBXe4UHvRPGtU3BKosaglwoHgHZ10vk6ciFlK%2FTIukOZVEQnGjkX%2FKvkk6tFikvxOUY96iOzq%2F6GLacDjs3Hbu9jE2j6uICfIZWTUOztdTROAJFqpR%2F49jDIzBQULyN5QI0DT1PRzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfe77711-LHR
expires
Sat, 28 Oct 2023 19:20:18 GMT
jquery.webticker.min.js
49000.com.ua/wp-content/themes/city-news/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/js/jquery.webticker.min.js?ver=1.1.1
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
427f6e61b801e93e2cc2d8cba9dc8f7e6a30e3ef00cf189e6f3d7a6b983f5c10

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"13cb-60df4243-5877963e4644440;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiX5YdoMDMABz%2BN8prFii7GyhVDuS0UxFcaMxRVUSGay1NEeRkBFHL8bNxenvEDL%2Bgcpr9u22Y%2BFahgRnaWK1biTkleghvKbXIHfESDISCvl4TkGb%2BbHr821QQ06P1v5N%2BVzI5s2lEdskh4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfe87711-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Oct 2023 15:00:55 GMT
custom.js
49000.com.ua/wp-content/themes/city-news/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/js/custom.js?ver=1.0.0
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d74e29c60f4cbf0e3d9d73a400162db15a9801e369faf116aecfe8dd2d5fea6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2068606
cf-polished
origSize=1911
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"777-60df4243-fc5bb20d3a6f21d8;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fxs1xZQgZruRs3jK5ixfAWKsnv9Ym8x%2FKlUaQOY9rK5x6Fp6%2F8E8e5LZyzENv80IrFJbVY7CBriNKjd1JEtzwbXct8flHaenDBRf9PK8ytrS5YUPH5ONGORBhk564U7xRmnSNdgn%2FrXasWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfe97711-LHR
expires
Sat, 07 Oct 2023 16:24:09 GMT
wptelegram-widget--public.f398a08e.js
49000.com.ua/wp-content/plugins/wptelegram-widget/assets/static/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/wptelegram-widget/assets/static/js/wptelegram-widget--public.f398a08e.js?ver=6f2d48cea875402034a64db7d2baf0b0
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f216650eb16519fa87f0687dadd30f301019437289d15c91a8c1f5f6024019a9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
904043
cf-polished
origSize=1486
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 26 Oct 2021 15:30:19 GMT
server
cloudflare
etag
W/"5ce-61781f0b-4faf19ca1586ae86;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nS6KNQTr8%2FCV41cEGeBBcW9Mg8rxY%2B7slG3AZ9JifzHnJZ6pa7o1X3ypnKa261I%2BO%2BCJ6RIqT2xesaaW%2B8WxmNMwauRrgNi6CSnT81kIN%2FFKsXCjzUMmwQ%2BnE4iBm6OeOd6tiE7FfhaPVaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfed7711-LHR
expires
Sat, 21 Oct 2023 03:53:32 GMT
api.js
www.google.com/recaptcha/ 		919 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8af08d3b9b7947ef0d3bc1c4e7422200d9b08d2bd782d854a8bedca69b8f55c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Mon, 31 Oct 2022 09:00:55 GMT
index.js
49000.com.ua/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243637
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 26 Oct 2021 15:28:47 GMT
server
cloudflare
etag
W/"2e56-61781eaf-9c24875f73d9b94b;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nn51Z2o6ebVe6dWs4cDxmU4bSJLy%2BgoLE7VbmHP25rbXVsMdZXGV7zjHRQUjJRs7lNwTUoM0EdNWi%2B78iDl8CDtYya3lunu1LXKqM0gDqA0MstQ%2FZQ34xEaQ07qui8gD0Snt1tS48RaeGgY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdff17711-LHR
expires
Sat, 28 Oct 2023 19:20:18 GMT
wp-polyfill.min.js
49000.com.ua/wp-includes/js/dist/vendor/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3942
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Oct 2021 15:31:58 GMT
server
cloudflare
etag
W/"4056-61781f6e-d9890f483ebe003d;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt0mtAimmCVE1rj2GwV%2F47cig4zEM6u8ebaBBRzGeQTnJjBejwCIE5cq4jT0QsZxRrYJ4zyFepWoFpRHyXoCbwUIQv0B%2BAxX2s1FejO2CGmLejgixq5ylOKRkSSw5SPMxCFIHyN35q%2Bt3qs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdff57711-LHR
expires
Tue, 31 Oct 2023 13:55:13 GMT
regenerator-runtime.min.js
49000.com.ua/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2072914
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Oct 2021 15:31:58 GMT
server
cloudflare
etag
W/"1906-61781f6e-e309490f94c009ed;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDgQjSRix3YSUkXVBwKOCewK%2FBbWiMuxC2H%2FvoS%2FcYfTyr8H4aYtvaxkJFR%2F%2BWVPxtKzJbN1Bi%2FPOFklPor7kvSAwdOaBAkiSSsfj7mArAg%2BvMHzkfY8Z0Pw27M6AaaXwA%2F05wusQKqWp%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdff77711-LHR
expires
Sat, 07 Oct 2023 15:12:21 GMT
share42.js
49000.com.ua/share42/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/share42/share42.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cff247538bb788277645dd9481dff71940e8aea9fa4cd9da57317092f29ed96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b73-60df4243-1ee20c327d97d5a9;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w08w%2F6uLcnMPmLZScJxSmOeOl3txHCkX0TlkkK6%2BUTabTAYOTd%2FB5hAnIeEena%2FiG7xSpMs%2B%2B3RnbfmBM%2BDB3otBufgh0y7IiHwfI0WpD1x5y0pO2Da5L0EFFNqSuRLROPepkyxHjgKQw5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdff97711-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Oct 2023 15:00:55 GMT
49000.com.ua.1338774.js
jsc.mgid.com/4/9/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/4/9/49000.com.ua.1338774.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb69175f81f4fec2e64d01c7ccfaafb803fc95541eb58303130766e5c9f1b2ec

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
x-amz-version-id
CRqPuy7iK4hegUs6eZNMz2E01wF6rnZx
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
X3N5HNENKCJN5X4T
age
3941
cf-polished
origSize=2318
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
YQwX+EM4TsSAGRFU6lJXEK5c0a+MBOZZouxbi7GAhPKfcDGAdqJxVCvIP0nW714ASGVCSI9F6GU=
cf-bgj
minify
last-modified
Tue, 19 Jul 2022 13:59:40 GMT
server
cloudflare
etag
W/"c3d791291e12fe7649858e83180fac69"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
762b33fd89c98e12-LHR
expires
Mon, 31 Oct 2022 12:00:55 GMT
informers_js.php
sinoptik.ua/ 		1 KB
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sinoptik.ua/informers_js.php?title=4&wind=2&cities=303007131&lang=ru
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
a1e73d18cae7fa3cafdcdfc62dad87c5054b4f4d218b83a637658b0c8cd70d2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-store, no-cache, must-revalidate
date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
gzip
x-server-by
sinfe1
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
application/json
cache-control
must-revalidate, post-check=0, pre-check=0
expires
0
jquery00.js
49000.com.ua/wp-content/themes/city-news/slider/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/themes/city-news/slider/jquery00.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f1337d98ae9bdc5324add86b6d9fada463831f9f4f3d808b0cea1c9479fbd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243637
cf-polished
origSize=51567
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"c96f-60df4243-d145b6ba1945369b;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qZRhLfBvPuhN6hr7u3qnYX8kl6WW4ApBdSEqiQ8%2FfXaHhwILvdqo%2BKQkTk1foLyZC034Arj2qst%2B5FxYGVm48TD0OFuMHzg7SLZZHmv6VCdLy%2Fcl%2BjRnOkXc87iYd3gA1vXNSIcJD7FHk0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdffa7711-LHR
expires
Sat, 28 Oct 2023 19:20:18 GMT
slick-init.js
49000.com.ua/wp-content/plugins/slicknav-mobile-menu/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/slicknav-mobile-menu/js/slick-init.js?ver=1.9.1
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ba9b7342eb964db038d633422c497bdc8ced1fa2300e73c9fee3b8fd801613

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243637
cf-polished
origSize=6050
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 17:01:55 GMT
server
cloudflare
etag
W/"17a2-60df4683-f70204103818b134;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehYH0jCbn%2FgaLZ%2BU9ubUPyaSNQm952puU6%2BuuIAAJX7u9Zg7zN4mtUpZ%2BCaWyVPai8dnit%2FmsqYIxEu2gEnWg2cBnfcuU4ItiNs3rkZ2Hoz%2BqwRjfNIrPCyVdTLy6OQpY%2F4otwUO%2B%2B0pMZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdffd7711-LHR
expires
Sat, 28 Oct 2023 19:20:18 GMT
jquery.slicknav.min.js
49000.com.ua/wp-content/plugins/slicknav-mobile-menu/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/slicknav-mobile-menu/js/jquery.slicknav.min.js?ver=1.0.11
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a94ff9fb18039e72ab79b9b06dc3597307d70cb99a01e4ae5fe610fb6a555a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
904043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Jul 2021 17:01:55 GMT
server
cloudflare
etag
W/"2081-60df4683-746c12a325ee9ed4;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8AHxxlDm5dgfRIj9U8OqnvYqlFfc0PKRM8IlGznQ8jRbbfyFkx1l9tKPIx0G7s%2Bzz9RsFMWyEx7rGxC2dhRW4pL2mvQyDvnLGEIYkuuAkUaHfX4R8f49DaEyBdNxQF0tyk1rDeDyD2tSoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcdfff7711-LHR
expires
Sat, 21 Oct 2023 03:53:32 GMT
cookie-law-info-public.js
49000.com.ua/wp-content/plugins/cookie-law-info/public/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.0
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dabd00e869613ae43cd7cc2354ee31b85105b3aac1d4118885ed8fcacb573cd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243637
cf-polished
origSize=34975
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"889f-60df4243-15ad17adfd96838b;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHuy4CNEZ6bcklfYUhG3lodKg0du1Dq%2BjGLhLN4mHMXaK%2FS5mITawSSIu2DW3YrtBMZWK99KyE5o4kKIqNYHFpN4dnsZSR5WSPk%2Bl7rRAFBMUnx9eedR01Zro3o6bx9i%2FjRZIija8TEY5ys%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcd80f7711-LHR
expires
Sat, 28 Oct 2023 19:20:18 GMT
script.min.js
49000.com.ua/wp-content/plugins/adev-api/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/adev-api/assets/js/script.min.js?ver=0.9.1
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861a3b9d835ef87a8946575fe26adbc8c204cc9d9a8d44e7053cede7f278d5e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
904043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
server
cloudflare
etag
W/"da3-60df4243-bafee94a4d18962d;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nd%2BK05u%2FS5PVpIYdIHXcQXyGTgHCzecMT3iYvZ7XdS%2Fh2OwxPzr9ZjHd8w8TihxZsjGTooIBlBHJ3oyVdKmLDn1muCv5kR6XtQCyC0A03%2BppiFludu%2BlhYMmMVPlmIHXvkF0EeOelqhUk%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcd8127711-LHR
expires
Sat, 21 Oct 2023 03:53:32 GMT
addtoany.min.js
49000.com.ua/wp-content/plugins/add-to-any/ 		129 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3941
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Oct 2021 15:26:29 GMT
server
cloudflare
etag
W/"81-61781e25-f904524b5d70cba7;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FaiRNWsZ5J84GXsJpjk2gtpIkj7Gmr60MuaGyTWhdnAykjrAVy%2BY0sLtxyDr6i02skfwRa1PZe9hTZyZF%2BLfs3t0GOas0y4LN%2FhpEr0SEPnAJjXg%2Fii4tIW96uSYRZwQuATceZqINqHOIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcd8137711-LHR
expires
Tue, 31 Oct 2023 13:55:14 GMT
jquery-migrate.min.js
49000.com.ua/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Jul 2021 16:43:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2bd8-60df4243-43b206824d79b03d;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA%2B4iTURdpocYdMwlE%2FN8eLC2h4X6AMg7Q6Ilp%2F2GBK5af0eL1KpcNJab5A1Ozv1j7G2TaQ0DyclHkaQ%2FggDSjzl88wRUW6uEQX9Trgwp%2BnULVVIiYSdqlGP5C8b5naRiPGQVyw17ctRYyY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcd8157711-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Oct 2023 15:00:55 GMT
jquery.min.js
49000.com.ua/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Oct 2021 15:31:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15db1-61781f6e-6491a2dc98f80d9c;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuKDyLpk539X%2B57swEFIbQVq0XKf9YLbkOeWBstTxITtarGEiyvqA%2B%2FfSNithWoMTYCv5ZHWkQhDm%2BZB70opv27HcrPTgovaVTudCMDax4jUETcA%2BI6AbxhxpICNfpFLQgxEfbEF80pkFEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcd8177711-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Oct 2023 15:00:55 GMT
simple-facebook-page-root.js
49000.com.ua/wp-content/plugins/simple-facebook-twitter-widget/js/ 		367 B
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-content/plugins/simple-facebook-twitter-widget/js/simple-facebook-page-root.js?ver=1.7.0
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e10c5894feb68b18a011cbaeacaac67ca84b72b0e2b88c17995456f104a060f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Nov 2021 16:52:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"16f-618bf8b8-9a9fca3564b775c5;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOLP1QYWJN0neJ9%2BFXvlr481q0yuGxyC3aYl1sP%2Bdn%2BR60hkr%2FDzDQA1HcbRnPHn5JYH6PXYH0TOpNiMfA92gTCxCu8uYjt1TDFdVp4gsJbAHnQ7C4e0ZrphKuVXNdCzI9YMksfRhRJ4FZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b33fcd8197711-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Oct 2023 15:00:55 GMT
core.ad902dd1.js
static.addtoany.com/menu/modules/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.ad902dd1.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36881e576619c157397e1004d906a7f4254bdcc145c068fa6f795c84af665d3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:55 GMT
via
e4s
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
183314
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 19 Oct 2022 06:16:14 GMT
server
cloudflare
etag
W/"11786-5eb5d25506b88"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
762b33fd79c171a5-LHR
font-roboto.css
telegram.org/css/ Frame DE9A 		6 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/font-roboto.css?1
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
W/"63512b7d-1816"
content-type
text/css
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:56 GMT
widget-frame.css
telegram.org/css/ Frame DE9A 		86 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/widget-frame.css?63
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
803df509fe55bade6e1d161b961ff9c59c6645daa104e41b453ca014628d7994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
W/"63512b7d-15800"
content-type
text/css
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:56 GMT
telegram-web.css
telegram.org/css/ Frame DE9A 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/telegram-web.css?35
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9b1e68362961b7641e00727d943f8b3104889789fca2f38ddd5a9367619f75f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Sun, 09 Oct 2022 13:18:38 GMT
server
nginx/1.18.0
etag
W/"6342ca2e-79e7"
content-type
text/css
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:56 GMT
XGj5uXsZSrZcg92rDy0Z-oMhULcYmxee0jeAUJ6m7VgLk1n1Y6FAk5LcpQ_Ph3wRBVRyo8RxccjMkbZPgiz0tTmwbIyX99VFUImlHuBAi76RQ2dENcwvJ7bimVVcSAH9YQ38jx6ykmmnULouiyeZnp2XYundBBH-TrQYfYJIbf6OSlq-loV6l2h9PlV9d5QUMOfxp...
cdn4.telegram-cdn.org/file/ Frame DE9A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/XGj5uXsZSrZcg92rDy0Z-oMhULcYmxee0jeAUJ6m7VgLk1n1Y6FAk5LcpQ_Ph3wRBVRyo8RxccjMkbZPgiz0tTmwbIyX99VFUImlHuBAi76RQ2dENcwvJ7bimVVcSAH9YQ38jx6ykmmnULouiyeZnp2XYundBBH-TrQYfYJIbf6OSlq-loV6l2h9PlV9d5QUMOfxpO0VAMxYQ0j-Rjpwl-6j0QSniiu96xwPZNeWcdrvSKaerzLuufW8XEOIs1aPg_SrsKj2waj6xIupCP8MFWbvdAE0im26TeHPQidpy4heOkB4yVMrUm6qUkSdNgGTWW3835vRIUVeYn5Qk81uWQ.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
53fb291f0fc7e3ca84d4d021ecb798774c1dd0c96b1de8dcc647617c5b1a70bc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4937
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"81c042b5b6f62e67a91dcec056652722b3c6af67"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
rocket-loader.min.js
49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame DE9A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Oct 2022 23:39:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6359c537-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKX%2FwZHS%2Beznjp6yD8Lp6GMKO2M08opeLXst%2FU0UTfw8z92ozNAJpCEyIz9Os67v8VGUaErKLlh2b%2Be5C%2Ftsy31SHOlgn%2FHuzwRV4By9mNAF9i9SH89XM5VKQHsWLKfM8yQk%2Fpo%2FezUkKy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
762b3402dbd87711-LHR
expires
Wed, 02 Nov 2022 09:00:56 GMT
dd52fcd0fe.mp4
cdn4.telegram-cdn.org/file/ Frame DE9A 		47 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telegram-cdn.org/file/dd52fcd0fe.mp4?token=W8hNHCSJ6Stq_EMtP1T1oiMrnCThb8Sds9F_z_BMMh8FidE3_gP0uEJjgrtOKRAu_1JsFi56u_2e9jvolRnTMt5Y84Q0iBvOUOMqZHlE1FrH31wumf8WIIKKVIDwGX-uPhmxxWTreenZhi_vFVf_6HlRLUAYjgsqswyE9b1wScj_Ahsy3pB9-Y9_xZMdCFVY16A-QEvx4rqWwC7tmbzih5nR8trSfOSN3_rJrNZeG-gjQWO1_xAnKx4CSjkziqdRolQqApr9WEG8HFWRUg__JVzU9pkuC0yTyBw4hXicSw7n_gP9uMm4_HDSxTLO7B72qJbpFY_BDxM9E40m3m9PNg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49000.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
Content-Range
bytes 0-6226874/6226875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
6226875
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"27f6681da71ad0f7a0e4105f98788030f7e24dbe"
x-frame-options
DENY
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes
640a99eec6.mp4
cdn4.telegram-cdn.org/file/ Frame DE9A 		63 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telegram-cdn.org/file/640a99eec6.mp4?token=j6lI9PliAU5lZmpJRi_tQ4xaCwJ9ER4qscKbhzrNwYYjuOrBAGb9XfI_6VD8XH6Truru2CW0VEcCQNDb6wO8wMeMtTbV6ZMh-tfW2Aw0wjH8FAVLhUCQMnn_-PEX_W5AtvjD8PqDkN7LaNeTJMnJ_8Q53JwlUd7jeAvBE24r7UQjIIMl401UvcgIV9f1lfAceURoAJp-BN6DmAXnSze1vwdh3M-9o8Y1QTCvJRBeqi1zdTBMkvH-EW5UZhXWwvy_Jc_K_EvDy9Pzzrf9tQ5KCj8jM4HnvYoUomh6k6vRUJz89rokgWSctL_IKCCOf2XyQXniKZCocMsusz-vHFmPrA
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49000.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
Content-Range
bytes 0-7092010/7092011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
7092011
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"7166de1c7986d19a2d592dfe1af563d27fd06963"
x-frame-options
DENY
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes
030b841d25.mp4
cdn4.telegram-cdn.org/file/ Frame DE9A 		47 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telegram-cdn.org/file/030b841d25.mp4?token=GpH_Yx1WJFu6oS7ORnOcm7vE4PzAEQRW3bF5plI5-7gE_8NYKAsXwXkGP_dmSGR1WETXB4qH0pEZRqI6HFmbsq4w0ozv5hvmg8JEOZRxXSpZuiMD8nYjY-YFGKXSt1-YSLZuHp9MuRyuuASAI4MxatgQJHmJzeNBsYWT2GK6EfvOFIEyVUqVXVCyU9uinDEOFsHpF_3STxnE3f6Q9B2VqYl5bxkz0txrIndNGDpTETC7EE9VZGaRTG4Rhr_c-rCpL6p1qXlrqx_rk1eEBS16vTHqT4iJN0Mh388nohv_832XM9FWvoseGMDhtoO1sKdD5BxAi8M1yPPj_-bFaE2PGi4-Hw3DwfOWlHp4zDuk1_LZpVbYl1O6Rr92-5Z24NnQFcvzyJMMfLQC52R7Gfr6NJ2oJ_2E5RLL0jRLSLgNFBAU4oqD4QVwS48hWXLBonm_EttrE6nAt5WQxoa7OyrfbFMfC-xjR-bqXda1EUyuRqbtU-q32i40DWYtibjDBdkdeZkTjzXkSfkK9U2VrAuDMdeXIPsbPL8qLvwvwFETvqytlOBxHeQ_7xXSOpS697JsCKg-G-IYsEUZMOCBDiKjmxrh3_lYBteGEu1_BG25tc8Vt15tAYnxaLVWGvMCYkt4HnT2LgOazfRW8KgQ36KpP8DPlwltjFqpDM3urY9l-M8
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49000.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
Content-Range
bytes 0-11052806/11052807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
11052807
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"05e778e572f0951362148c7444fec7d7b9fcff9e"
x-frame-options
DENY
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes
F09F93A3.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F93A3.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ae194ce29e7bb4c4a3dc4eac226f2a781d0d179aa9b3c065efa9083e3697bf9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-b50"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2896
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F8FB0.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F8FB0.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3a73af51b01550926c685b940beb98275a4fde236d4d8b0db117f08cd1eea53c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-dc2"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
3522
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F948D.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F948D.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7c63622048acfd312b34229e902058d2e6f6bf43b449bac8cd5d9e510905e1f1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-9a7"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2471
expires
Fri, 04 Nov 2022 09:00:56 GMT
E29A93.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E29A93.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dcce227a85ed5049132aa40b03b56d9b6bf07b4312baeb3eaff984b6b646dc76

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-880"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2176
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F94A5.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F94A5.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
90b4abfa7281f9465c5d65947c7a035d414ec1add2729ad1a2a5dc2bb7bf9878

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-a15"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2581
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F9193.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9193.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9dda86ee0005000514874f80765a81c56674e21b6bde82a554225730f067985f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-6f8"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1784
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F988E.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F988E.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
54a642e40b1981ded4cfffa9521fe0cdc5237d4cfdafaface8736db4c912cee5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-c93"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
3219
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F93B2.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F93B2.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ef975ed953b8db0a0bf2ccdc207ed9ee5cfd05a531b88c2c2fde7f06c5210ca0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Wed, 31 Oct 2018 14:03:57 GMT
server
nginx/1.18.0
etag
"5bd9b64d-a1e"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2590
expires
Fri, 04 Nov 2022 09:00:56 GMT
hHRro4y89BCNkdgyf5MjqnbY_5FXMImmDL9L2h_ZJqeRPmFOWTVWMjYe1bCX2GweevShN3Ag9SRUeeteMMJfgXzpiiTV7cjR6hV3jv3O6X3Zcud0q49WVT7IQMybbtQjinwaB-0Cc2gomSXKSvvSCAVNVNFOqMecEiTSVD-YxwO8kb8bAMqNs884Rz7CKM_uK1qUJ...
cdn4.telegram-cdn.org/file/ Frame DE9A 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/hHRro4y89BCNkdgyf5MjqnbY_5FXMImmDL9L2h_ZJqeRPmFOWTVWMjYe1bCX2GweevShN3Ag9SRUeeteMMJfgXzpiiTV7cjR6hV3jv3O6X3Zcud0q49WVT7IQMybbtQjinwaB-0Cc2gomSXKSvvSCAVNVNFOqMecEiTSVD-YxwO8kb8bAMqNs884Rz7CKM_uK1qUJF6YU1lvZXxC5sSgvBYnoE34KWJCgg0KWcoyzf6PO-2OwXdk-m501U5GhbbWymoeE9iIMUVkMgsa9SmrVprdgnMByYzKeIR8AJUYWw3EmBNSf8Y_1wRomsoZFm9IQgyyYr360L5HuM2Nf10Pmg.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
41c85d7c7908724782f210aa1e851336d3d15f5915653cb470f4af5be2d3cd7d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67113
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"e9712853a0a039a042964d99738192a5d8526c2a"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
Rkm2KzDN_pEQF01J0uGcxER6AxBY3HBa4tCKqyQn2lw4anK0acdmhfqx8PvuvrWK6AE9Lmi9OhjLIILuyza-J9o8mQVlyLuvO6DjhwB0-MY41KcCgP9ADYQII2YSQhxxNUISIyUz891mUBbVvu6glcFf3nB-hiNSi_c2t7apMQGQ36_6a45RU-tSK5ALzomx5_NaV...
cdn4.telegram-cdn.org/file/ Frame DE9A 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/Rkm2KzDN_pEQF01J0uGcxER6AxBY3HBa4tCKqyQn2lw4anK0acdmhfqx8PvuvrWK6AE9Lmi9OhjLIILuyza-J9o8mQVlyLuvO6DjhwB0-MY41KcCgP9ADYQII2YSQhxxNUISIyUz891mUBbVvu6glcFf3nB-hiNSi_c2t7apMQGQ36_6a45RU-tSK5ALzomx5_NaVo4a3W3ca6A84zduQfTIh1ISyhdtIt2XST88PtS5Dxe8jEoRMejvXUDgyMDOJYHGibqiVxzyG1RUCc8cIQ3JSdHhUqZHrhhLbg2v6tHu7CGsEP2cVhdF0_XCSre6G1X1JgxRw7ZKaI5HQe0TOQ.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1acb7dcb32a7fd25daec76d1b1fdaa787359b884f4c4c2a1bb1c018ca93b51fa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41174
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"f0787a7c68bc2c23bae3007e4e048fa715f4ef65"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
E29D97.png
telegram.org/img/emoji/40/ Frame DE9A 		684 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E29D97.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
81003b15fc9afb795bfb737fb5e8f6bbb65ba6c530ed9bc16475690fe11dda1c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-2ac"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
684
expires
Fri, 04 Nov 2022 09:00:56 GMT
qr9opdTNdVQdep4ZsnfCST__6qzHXkFVfusZ21SE22suT7toKiQzOP6C-hauuZ2x8B6FVockFX_yA-UsMkEWZbrXV2OXJYUVYf5KF2hlXBlbyxONG3j-IFHcaAlw1Nv8-YQwNdhXx1CI_2qUDFZSogp2vJ53BSa3fg-JB54zgN82zp2x_1PRj7PKe2oBOpQeMRfne...
cdn4.telegram-cdn.org/file/ Frame DE9A 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/qr9opdTNdVQdep4ZsnfCST__6qzHXkFVfusZ21SE22suT7toKiQzOP6C-hauuZ2x8B6FVockFX_yA-UsMkEWZbrXV2OXJYUVYf5KF2hlXBlbyxONG3j-IFHcaAlw1Nv8-YQwNdhXx1CI_2qUDFZSogp2vJ53BSa3fg-JB54zgN82zp2x_1PRj7PKe2oBOpQeMRfnem4Ql_p8JWb82Mke27EFlfh1etPy1yXl4pPggue1_0CF0iVkmcqwAxJuYRvBwbjdX-lkpIJUfa_pyQ-Tsc2B-wjNdcFOb4P70iD7dNtsbQANWaoudoFWtx2UjOADGAXqx98-6NYNdLyKronSWA.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d78e766d5c55208116e30eaae9956639cc2c16b17a91547d1ac626d0bba0af14
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139292
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"d5c0cbf5cdb38ab0fadfcaa2134aecb5f6106eee"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
K1sBykhpD7jNTwCZwf3cDiAcsLic6PMyOLzaX2bdXzbagZI_xny8sQL64Agny_3cN_MNG5CdsHy2Ivff0YsTKqUtiFJe3YAQDi6qASQn1FJ7jo7Q52qVHhYcwY2RTkdauacC5-qebjvMDhTZVgW-neWbYHrN19wqbQuaZi3EDUwC1bz9YTtOC8tMDX9eFbdOt_8Me...
cdn4.telegram-cdn.org/file/ Frame DE9A 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/K1sBykhpD7jNTwCZwf3cDiAcsLic6PMyOLzaX2bdXzbagZI_xny8sQL64Agny_3cN_MNG5CdsHy2Ivff0YsTKqUtiFJe3YAQDi6qASQn1FJ7jo7Q52qVHhYcwY2RTkdauacC5-qebjvMDhTZVgW-neWbYHrN19wqbQuaZi3EDUwC1bz9YTtOC8tMDX9eFbdOt_8MeNuQnl2Wdlf2U_97s7FtmHqGr_r3Qh9xZY897_jQT_RthFDgvK0MdO91AjijfNgQtsefUgqkFwBVnLuVVLVGma2zwUKcTADQPjJoN7oyj5d7cv3LRr4jWEkcvT81tnGFtT6HO_6jU8TlpM543w
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2d34b1a5747f60c08852ce6709a8c2dfe94cc5ccf0c693224d757c006e1ad5b3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17894
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"25a0551ab91652d72c26ac0ec55d5fea1e954d35"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
Lm3na5WujlhKOvuhQ1-t9SrSGAgayRQRYVMX1DXFdLunNYFg1BeI7BaAgjrkElPa4Uvt8fXmF08tPPPpNNLOV_rUhQf0K1VTnEdvO0OV_Juea-_j87GA_K8NWCzRJa7xVgOCVxU3r4rF6se9iDT5UUvS8rtx3pnJ-O0mmGFvbju_TX8_nEK9NHh_yhKwycSAsOk35...
cdn4.telegram-cdn.org/file/ Frame DE9A 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/Lm3na5WujlhKOvuhQ1-t9SrSGAgayRQRYVMX1DXFdLunNYFg1BeI7BaAgjrkElPa4Uvt8fXmF08tPPPpNNLOV_rUhQf0K1VTnEdvO0OV_Juea-_j87GA_K8NWCzRJa7xVgOCVxU3r4rF6se9iDT5UUvS8rtx3pnJ-O0mmGFvbju_TX8_nEK9NHh_yhKwycSAsOk35P8c_Ol9w8ENkX0xnP4JeKuNuPZzylrdpneYVL9rmCYd3M28o31ubS5s0242Poudbt6ErwE4Jsj5-dr6EBhLuTQCgGFW4KEV9pKdsA37qluT6GvYtaCf_-2WblXJfJ4-Wjh5c-yt83GSH91JpQ.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6e9297588e400bc759a297054036cf991bf9f2f8194b2e23629cda397d24be48
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148693
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"e2ebc3a9ac489249987e39605d1ef3670acbbaff"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
kV11TIhR8MgkPCh4Z19rcFWOspzBFgI1oMV1q_ASPINc_EswcxCLvGllMJ7AGEzJqKs6KcB-wu0lvdwVYvtiHjmfL0SlFYVcpLy6NoVAn12rzo7BYbBe_ug0VwW723UkOJXHcb7Thc3z3K8P-SIpznHATrUF7VIkRDrWiwwQ3b02d3U0jFgOrimaN_WCY4GNbjVIR...
cdn4.telegram-cdn.org/file/ Frame DE9A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/kV11TIhR8MgkPCh4Z19rcFWOspzBFgI1oMV1q_ASPINc_EswcxCLvGllMJ7AGEzJqKs6KcB-wu0lvdwVYvtiHjmfL0SlFYVcpLy6NoVAn12rzo7BYbBe_ug0VwW723UkOJXHcb7Thc3z3K8P-SIpznHATrUF7VIkRDrWiwwQ3b02d3U0jFgOrimaN_WCY4GNbjVIRcB9ZBubxU8N2iieSsO3ARXft8B-QtlFOyp3bOrqPOqI_VoQjxsvSoZtb6cD5ZGO6mwDrpWWUjLQoCvRK1eI_3KiOLoznuejCXA0ljg7Tzs-SVazHFawaFaxN27Gbbi9CiGs5aJQXyZZhyft5g
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
77680c1d7564d58990306283483627d1f611c2d9feb4c995aedf4afd547cd9b0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16369
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"2aad7bb2c81a0c8f09ec656df2295617dc8d2ce5"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
HqyqBmoEqPnytCEYZA9TBzDQboLNfNPcbdnBFy-dLAFj61-wg27yMqAXR9DpGlIJ0h0_q84A1mDkooQFuFKfUUC-nm5Pp0HUNn0tdI9dT6e28XRYzknXr53bQte2LOO8zVpMaPQX2BEZCBkRo-egpkSVCyb3-JkJ88MXkB3d_bgbh48EdzMqYsSv4HVu1CpwKokJZ...
cdn4.telegram-cdn.org/file/ Frame DE9A 		614 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/HqyqBmoEqPnytCEYZA9TBzDQboLNfNPcbdnBFy-dLAFj61-wg27yMqAXR9DpGlIJ0h0_q84A1mDkooQFuFKfUUC-nm5Pp0HUNn0tdI9dT6e28XRYzknXr53bQte2LOO8zVpMaPQX2BEZCBkRo-egpkSVCyb3-JkJ88MXkB3d_bgbh48EdzMqYsSv4HVu1CpwKokJZvYo4WqHnYedne-zTZGHEsQz8qoUCX36oDnfxWlEDlNWqZaCK_jkjTtvZE573-Wd5u1KpHZnyNEvmrCamdSLsfxf-SjJ0usuqUpJfKgmgYmxIgMO-kCrT7xdE4fwCmmoK-0_0PtP19jOFS3acg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cfcde322182a6103211b1115a3d493bc1edff9d7a738df5e396d453603033e3d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
614
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"6b67212ac8725dbaaeb49143f228c23a6b434957"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
Qv36GlqWsKuOXKScfhHN5BjKU4MVl6q1Rx9SF9CV7BD8SMN2UrTOaGs3fwhYDmWuKX7-WADku_tFCoTZf9eZKA7nwcfE8ioCOsIVvU3hJUvg8AHQZQsPGQC_51g5ems9293Q6uIN_yh4EIeF48ELf8op1OUIYurR_zUuWhKUDSSGMI8zWgKLNt-zXJpYnXDBG3gTO...
cdn4.telegram-cdn.org/file/ Frame DE9A 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/Qv36GlqWsKuOXKScfhHN5BjKU4MVl6q1Rx9SF9CV7BD8SMN2UrTOaGs3fwhYDmWuKX7-WADku_tFCoTZf9eZKA7nwcfE8ioCOsIVvU3hJUvg8AHQZQsPGQC_51g5ems9293Q6uIN_yh4EIeF48ELf8op1OUIYurR_zUuWhKUDSSGMI8zWgKLNt-zXJpYnXDBG3gTO_N6L_k6Vtzp21xrMdg7NAwmUJySsMy2nO9JF5LXWICj9HytOu67j4s5qKBRSeybFKwMGu7fxF88aVAchWJTOK9bN7RqcPHg8Pl4OlfpoVLqOgA7-NpVgfJ6Ga1QF_-9JIIYpqeqkSe0oQSFNg.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6b502352cce2915be6263f971ccdcc9988c4805269d9b200820c3e2a46864261
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41949
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"35a95000ca7022e0607360defe0303d8ae66e9b8"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
EI0XgGjyWhl6iFlTr7KapfA5qwWnBTt02oe7IOYCsUEiMbgoM84tRu6hETCuuN8QfTbr-7NAEjh-Zh9jyvYIN8LT1tR_h0JWUTVgJpKJuiAi88iW0Yjr8fXqQtoBl6ZiLWLPWE17gbsYqY1BNMHyn5E9fnAddry8LA1RlcjgpSQZub4zxjrNar_ONt4MWtnj5AOpe...
cdn4.telegram-cdn.org/file/ Frame DE9A 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/EI0XgGjyWhl6iFlTr7KapfA5qwWnBTt02oe7IOYCsUEiMbgoM84tRu6hETCuuN8QfTbr-7NAEjh-Zh9jyvYIN8LT1tR_h0JWUTVgJpKJuiAi88iW0Yjr8fXqQtoBl6ZiLWLPWE17gbsYqY1BNMHyn5E9fnAddry8LA1RlcjgpSQZub4zxjrNar_ONt4MWtnj5AOpebEl26QweYIu3bz2ahatBBUcBfMqRHMbVF4u5sQNSPRh3fVQIPSheXinMGw-20i6o2OG1YudPBQxh8cb8kFDz5eAOlXsy9JCTUE_7yV3xuA74PBvqwwhkhizBQXGcVitasoi274PU8n0wjqTUg.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2f7b27c8f47efcab39c9bf3cf1463a227eff640d917ecb00399019ff11690f7f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55103
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"c000d739a13dd192acaff75cf4d295d1bfdb0f8d"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
E280BC.png
telegram.org/img/emoji/40/ Frame DE9A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E280BC.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4a003dc58f3e95a18e44712b9161181319e6a40613242cbcac158f6dc8d7339d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-4a6"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1190
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F9187.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9187.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6c077a89e644603448ef5dc3a85f2bfbaebab7c0fa53ed827e4e39f72f98a310

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-653"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1619
expires
Fri, 04 Nov 2022 09:00:56 GMT
OQMMq3wViSDy6Hct5VMJ8Cbm88qg85m_tTU1-PTjOSO0z0DQ-SgIwFr7EcAQsAI6dZzEuzh75SXf_TbGC0A8mp74RhhF2FBTfS9EdaMHFKuct1bU18az2rElJ2PjWA1n5sDo-FoTNKLWwpmWFFk8TxeXyshO7ehR1CcPoPTVbBtlZ2CVuHj8cIdaCW-4GwW1g8az5...
cdn4.telegram-cdn.org/file/ Frame DE9A 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/OQMMq3wViSDy6Hct5VMJ8Cbm88qg85m_tTU1-PTjOSO0z0DQ-SgIwFr7EcAQsAI6dZzEuzh75SXf_TbGC0A8mp74RhhF2FBTfS9EdaMHFKuct1bU18az2rElJ2PjWA1n5sDo-FoTNKLWwpmWFFk8TxeXyshO7ehR1CcPoPTVbBtlZ2CVuHj8cIdaCW-4GwW1g8az5taNRe56H87K_jdXEJZGdwxc7COhIwHr-fF1CdRVawflGFfEvJ55IbMHNvE8RELIJKDozfdl0N1rI7Z08xOIVmNNWvcg-KgHJ5LAl3Imi9N7PIwWsRDZuSdXCBQLpBkXpgUuIlyWTPaXNZSYOg.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3381385fc7c38e645dd94c6e86cc48144153d356385fff1fe423fa5a5b472bb1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41708
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"9a752c542ee00e32de4ea21208ce8cdb721666a3"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
MSTk6hK165R4r69JYsdVsLWgBMi2Ebp0pTVsEcAc-8rXfy6oirxn5uWVgPzeaHvnXEOP-BB3Gfr_9F66DMOpXC1iw-fVcVsNZGcO_oLsfaHgqUX9nYNeRp8nIAs6YptFFuQS4ak4oVNN5WRBSJsRzgC8NFeyN41IvxbV-6iX06ZAUrjAQJaLvglf57s9i2ZBFSRJr...
cdn4.telegram-cdn.org/file/ Frame DE9A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/MSTk6hK165R4r69JYsdVsLWgBMi2Ebp0pTVsEcAc-8rXfy6oirxn5uWVgPzeaHvnXEOP-BB3Gfr_9F66DMOpXC1iw-fVcVsNZGcO_oLsfaHgqUX9nYNeRp8nIAs6YptFFuQS4ak4oVNN5WRBSJsRzgC8NFeyN41IvxbV-6iX06ZAUrjAQJaLvglf57s9i2ZBFSRJrEwBOHkLi52Zhn1Lpu16If7jsw_IZL0L39sbJZzc1BvNzau0yON3_2Kf_SnBOURRxicDzN04GiPmnIDEBRP0dcImapcMgapSBTClpeP18uBWEhkSQFnNjkFOrMA6jPzVzom_dm_QtE7k52Oj5Q
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
66606f638cac4ec81584871c3a319b4eddf4d2839f72107d7faabf79bf0d6b7f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12402
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"a9d8b40b47b709335009c43cacae7fe099a040e8"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
H8hJqiVDGTDGCV-Tb8wnqsUEehDRV5Q3PbZEH65uUIyUMqCBVZiTthJgUO4kUHJ3SGNzUoEjbnIL6Dj7CPUSnQ7SmiwU5eiXQnXU4ku-OlJiaBQ4Mc5BpXOpyKuNGOWSN5BHe3G17j988Fl0l4aTZXoDYcfuR6QzA4i0gcOozcNi7QjAzERiIUgkGGij9Am7iiLnY...
cdn4.telegram-cdn.org/file/ Frame DE9A 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/H8hJqiVDGTDGCV-Tb8wnqsUEehDRV5Q3PbZEH65uUIyUMqCBVZiTthJgUO4kUHJ3SGNzUoEjbnIL6Dj7CPUSnQ7SmiwU5eiXQnXU4ku-OlJiaBQ4Mc5BpXOpyKuNGOWSN5BHe3G17j988Fl0l4aTZXoDYcfuR6QzA4i0gcOozcNi7QjAzERiIUgkGGij9Am7iiLnYt7Ap3e-uvgcpGqbStpXV_YEbILqzwBz9QGj7-JJLgo1Iu1pmVsbDGeglv-alIZFGse0VuU1mgEuI81T42ETF8G0ft8vWpVyBNX5BYkoX8pqcnghkX06d_bj6OwgSnQsIEBaYq_H2jee4bZBPw.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f346c5c77002dc488f7ce012eec232cff8f8202e214a5435ce426b112161cf02
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78654
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"330cc3f2868537acc96de7046eece03c85f29f78"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
F09F87BAF09F87A6.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F87BAF09F87A6.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0ad9a17c64cb30ec9df3c4b49b4b25ce305e45440c6a24519e4347f505f4490a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-696"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1686
expires
Fri, 04 Nov 2022 09:00:56 GMT
E29A94.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E29A94.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4fd2c3e7e8fa4d98d719e1cbc3e98b0fea8f90eca687cdb51f79220b48cf40ba

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-a92"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2706
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09FAA96.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09FAA96.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
47aa9d07562b746b9c3de99512e3fc7daac399b6391a47d1f5ec5fcda471905d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Wed, 13 Jan 2021 21:25:08 GMT
server
nginx/1.18.0
etag
"5fff6534-a29"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2601
expires
Fri, 04 Nov 2022 09:00:56 GMT
MeHlQ3RvhxHUCz65tUdTv8X4iSN_Wf693Ofv_Y64BRbJu986u0i_rhDkMrU-WNuLLtrF_tb0lnJsiVxTiMw4oKUy4YZ0-Ysw0BbRuTesEj6wB1L1LGNumNo180Ae0NQbR0v_hFioI4AEFf83Vxg7LL7s8LHv4BxxWL3XWDhtQ8tp8fAoKeEnPbm9V-5ShpP3NUwTq...
cdn4.telegram-cdn.org/file/ Frame DE9A 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/MeHlQ3RvhxHUCz65tUdTv8X4iSN_Wf693Ofv_Y64BRbJu986u0i_rhDkMrU-WNuLLtrF_tb0lnJsiVxTiMw4oKUy4YZ0-Ysw0BbRuTesEj6wB1L1LGNumNo180Ae0NQbR0v_hFioI4AEFf83Vxg7LL7s8LHv4BxxWL3XWDhtQ8tp8fAoKeEnPbm9V-5ShpP3NUwTqRB8ZU8-1Cf8Ej_s6hbXtXF7GwLZoKlRDqi1cU8C0MSBrX3ZHo17dZm_b3mZVakwKh15w0aew0tuUVmuyRna_8jmUlNvSO-ZYtkh40ZUbZz-So6tkKOGRAiHew2r4ZRQYgNFRnhS37fqSVWOug.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7e9ed810f4b4f2adbbc013a94aceeb1a23966f0aaf1f30012c51f09cb6facb5e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92309
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"5387e63aead320f602ad68e2cc869c1e47e48483"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
dchltFnKx11U2V90M4qp0cn0ZdUZJUN6WoXphjWo_w0ZDRhkjIEkDuIcgdcHNWKDE-MIy1E3BNY_pay-KoYgsQEPP-w85M3Xf_la4FTDNVNsserkzx3CDZWfVEOt4HuO7tetUBlBj7FNcbaUq6Bd2OuM0mtQwbGNeGVANIFk1Cy8AK6U6EfQ8eT8e_dOT2xAdcI0b...
cdn4.telegram-cdn.org/file/ Frame DE9A 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/dchltFnKx11U2V90M4qp0cn0ZdUZJUN6WoXphjWo_w0ZDRhkjIEkDuIcgdcHNWKDE-MIy1E3BNY_pay-KoYgsQEPP-w85M3Xf_la4FTDNVNsserkzx3CDZWfVEOt4HuO7tetUBlBj7FNcbaUq6Bd2OuM0mtQwbGNeGVANIFk1Cy8AK6U6EfQ8eT8e_dOT2xAdcI0bmMfR88NRok6WdlHgk7uOogUbJ0CSNKoo9jtQx4J3GRFN0Yz9ZA62VJlbi0WYKfXQEavgRbYviu_um3j8lUJUe3ehQt8Vrj6Xhq3dfGXhLL4T8EbchS_-Nzx84weSKjeizqi34Ryl15OFyenWw.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
eb0097db47de9e370b9a16dbdbb0034e688caa3032a78612974d7769026d3dec
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216935
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"20f94b498f34c0c76fd238fd3de33c82b9a397a4"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
eRnbhv9LGwrJxKvrCt5u2gQGLAom4BV49TecZ8Xg3S3ADnzFT_3Skv5tvsL7Mam2uI1ttfxud57D4J3Z-PIgcugsaKcnXGL72urex0905dWR5wS4JKhh7td9fQt6mVB8isQTHf5QYvbufvAnSeqftLcVPtRtHlWOUX-SZ9C4pDYB3alrbKoHET8P9y2AJpN8aCEL2...
cdn4.telegram-cdn.org/file/ Frame DE9A 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/eRnbhv9LGwrJxKvrCt5u2gQGLAom4BV49TecZ8Xg3S3ADnzFT_3Skv5tvsL7Mam2uI1ttfxud57D4J3Z-PIgcugsaKcnXGL72urex0905dWR5wS4JKhh7td9fQt6mVB8isQTHf5QYvbufvAnSeqftLcVPtRtHlWOUX-SZ9C4pDYB3alrbKoHET8P9y2AJpN8aCEL26zt6k_FA2yAueKs4xvjcqCyEm5tRKbAbjmIZjl7nW_3Khg7vk3NAACa9Oz7Z6x6c3eoNuW85gQvwkvxCQRyu8Sm6H9k63CgVDZiYRru25OQY8lnXXWsXPg51rK78D-iNVrlyuKsaQtoZ5YCQw.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a8ded3ad6c2f222cd6fee8328a475ff7f4a0725d5a4f448e3175afd9f7889c85
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88553
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"80c27dfcea7a36440974b33121e5891b324b4050"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
EEruAd4WTxAwbMXCN04M9OZvWGWPJR78CRO3ZJ03F_vtpNtYQwdZp4xTKrxiYIt2od9NakytCY2jtdgN2_mpLVHRjiHOCQxCn4RkwavkiLFku2X59o6bS6ytP929l6V74nIfH4hdNVISI4-IjEaok1RVjRZbJ2tr054GDwSQKeQfwOeoT9xtwkRI5zx8ZxlK-Q5yu...
cdn4.telegram-cdn.org/file/ Frame DE9A 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/EEruAd4WTxAwbMXCN04M9OZvWGWPJR78CRO3ZJ03F_vtpNtYQwdZp4xTKrxiYIt2od9NakytCY2jtdgN2_mpLVHRjiHOCQxCn4RkwavkiLFku2X59o6bS6ytP929l6V74nIfH4hdNVISI4-IjEaok1RVjRZbJ2tr054GDwSQKeQfwOeoT9xtwkRI5zx8ZxlK-Q5yuTxcZDAKAn06Y2Yqpy3dCHUwvzNFDQQeCrWi1-3x_F489STJP-hqWE1pOO2UvTZEfQfF95c6tLt4Acn4rhhy7CwqPWi5RR4I5kkg0j62HfW4khyK_64UcSomLJywYN-RuCMh3KOCwZfdxKoN0Q.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6254db7fe727a37de66515993d741b094c45df9715c33a32dbf993ee8b3c20e5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155684
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"80917381cf62f6792cc8185167892a673bf5171f"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
E298A2.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E298A2.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
89b5323bc8ec96c1ba2e05645ca91ea408458334f69330e80b5fbfb73f33a790

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-77b"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1915
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F98B3.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F98B3.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
eb7451c66790840a3181f487dbcfedc373d9d10efa87b23baa1087930397998f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-d44"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
3396
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F9886.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9886.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
829f31120b62520ca2f867d310d77f6e9eabbc95bb669a9300aa82bccf6b53c6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-c6e"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
3182
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F9882.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9882.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
75eeb7b11d00a114eb8e4184d3ea4ed9ae1aa4531ddd27f3a6a32cb368f74fed

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-d31"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
3377
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F9884.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9884.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
97af8c28ae779c92b3dcaaf61845f821cdb307c3426c6cdf5606d351af10f792

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-c16"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
3094
expires
Fri, 04 Nov 2022 09:00:56 GMT
E29AB0.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E29AB0.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f87eececfce9a0eb07739ae5030e022e1f415b462ecd8c32b2e84ce3b52c15d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-b40"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2880
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09FAAA6.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09FAAA6.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
97c6c183e2df976693a9439f544eecfe4337229ee41ffb89b5d78f8da707b168

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Wed, 13 Jan 2021 21:25:08 GMT
server
nginx/1.18.0
etag
"5fff6534-8fe"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2302
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F918DF09F8FBB.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F918DF09F8FBB.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3d176763a552c8a6f25c3db3e4f21f56bb1b02fbdf4e819937b9ea116e204470

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-740"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1856
expires
Fri, 04 Nov 2022 09:00:56 GMT
OhBLEzIVjZfTRJ-uIL5GjJ8TWCmYBF5NHPNaoqTpg6FqjEV3KgPGH3UdTvm5VKVGDMi9lgsyUN9otB5gS8YdOcOPNWotag_H9_zuPXtxyLJq6D72chQRGqNSa0R6fUQiP5igwuAiSQ11Ocbr1IcFp-K1nr63UEX8RmWP228xD9UXFSU-B_6vEVNz7_Y2baDmUse55...
cdn4.telegram-cdn.org/file/ Frame DE9A 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/OhBLEzIVjZfTRJ-uIL5GjJ8TWCmYBF5NHPNaoqTpg6FqjEV3KgPGH3UdTvm5VKVGDMi9lgsyUN9otB5gS8YdOcOPNWotag_H9_zuPXtxyLJq6D72chQRGqNSa0R6fUQiP5igwuAiSQ11Ocbr1IcFp-K1nr63UEX8RmWP228xD9UXFSU-B_6vEVNz7_Y2baDmUse556BU4SiXVSAkaB2oNvGEMp17enuhhakJ8R3yk8CArahXo_FEE0pV9bVqYjIfpT2_6hmNrQQNkr493xrubAe9X44Kyf-HFF0bYnbOj2LMxOLydv4D--dAwojwsY9HmWPB42ttcSW2pXx7NXD_ig.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7f9d82ef51d906a46f993247b4c73c79073fff8c3484941274e0b6aea1efaca8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50525
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"d80dd263516572abbf7ab1c2baad1667a258c6ad"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
E29C85.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E29C85.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d097bda59092b06b5bb3051bbef1791e8a7fc533a5aa62e40e898b3ec9308249

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-666"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1638
expires
Fri, 04 Nov 2022 09:00:56 GMT
E29EA1.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E29EA1.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3cd57cf64aa125c4c295b7e3d529c0c19fdf572ea1438dd252f7ef2bf05c8a1c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-64e"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1614
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F9494.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9494.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b5b705277a119afee1fb398b5fa8c2b880b620e258c85c8ae79dfc409d8cafea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-af9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2809
expires
Fri, 04 Nov 2022 09:00:56 GMT
mdbLDSXc3pRX11hOwNa7k_hZDwExMbnyi_bLmljyajUlllcbG3EQ78B_gvQ747ZG11Cd3ENbSor2dOojnttofej-NCiKZGEvAhG-EOaDFiL3nhmJthbSPK1-8DhHTIUcbpmFE2FTI42C3WI0WqPerwv-sZDAPgQyrw-SdXl5rkTAZV3kuTcy_7aVBQjy3O3r-DnBX...
cdn4.telegram-cdn.org/file/ Frame DE9A 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/mdbLDSXc3pRX11hOwNa7k_hZDwExMbnyi_bLmljyajUlllcbG3EQ78B_gvQ747ZG11Cd3ENbSor2dOojnttofej-NCiKZGEvAhG-EOaDFiL3nhmJthbSPK1-8DhHTIUcbpmFE2FTI42C3WI0WqPerwv-sZDAPgQyrw-SdXl5rkTAZV3kuTcy_7aVBQjy3O3r-DnBXg2-A-zxvQ4FRgC_9BchONTWaFpQuTaUI47ewapHmuWJmCQhedqaFc7iC-i_rD32Mu0cojX6rDl6x_GMU99cCCPsNJG4-0YEBOPgvx2TJ7DzTTSsVfd44__NgeJXg6zze1GfapFR0IoSdsDwRg.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d5ab93c1b1567d531a27d123c41f8bd4a724d87fafea5074f56597f5b4d50642
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59676
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"1582fcd533778e50bf7ef159149f96a19bf24cd4"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
F09F8EAF.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F8EAF.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4240b412e288fb05bb4191bab38475d283c86dc8db56c87c9d0614b01b737d7a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-ac5"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2757
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F8F81.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F8F81.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5fad8d7ef9400cec405cca8b4c5355d82f877900e35df0d861e1bf4ababa31c9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-7c1"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1985
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F9BA1.png
telegram.org/img/emoji/40/ Frame DE9A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9BA1.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b7c76724466a1425b0ad3d041f1d9b70af514baa66830674e842372dbedd6d79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-9e3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2531
expires
Fri, 04 Nov 2022 09:00:56 GMT
F09F9A80.png
telegram.org/img/emoji/40/ Frame DE9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9A80.png
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b09cb1f183ad143a1e9645642498f058b7cc36c7a74c331edf80230cf6b314fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-bb5"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2997
expires
Fri, 04 Nov 2022 09:00:56 GMT
FQ82Zyw5fUMw3dZwnjHfsEpkDp7o25K8gHUh-c6t4RS_3gM2tdMsZuDn3UT_7DFHPpEI46Dsa6Sqzmix3mJzAvSKOkduOf575IDRRQAYMMcJKDmy1qo7uDJ49rENjArbaF3Ke8_DJMXY9fVh2foUU0yyytBs7TVVzvjfbhxDdlIroZDVSdyNLuSeUdRypE28QHlI-...
cdn4.telegram-cdn.org/file/ Frame DE9A 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/FQ82Zyw5fUMw3dZwnjHfsEpkDp7o25K8gHUh-c6t4RS_3gM2tdMsZuDn3UT_7DFHPpEI46Dsa6Sqzmix3mJzAvSKOkduOf575IDRRQAYMMcJKDmy1qo7uDJ49rENjArbaF3Ke8_DJMXY9fVh2foUU0yyytBs7TVVzvjfbhxDdlIroZDVSdyNLuSeUdRypE28QHlI-RoOg8Mw_6lEEoJeOoSRDnbu7anbjdxGpfiquL77BFZMxj1IZypeiiDAcJtfb5ABRyc8ndJ1QVrp1OZ4B1xPtaMjTAH8O7DlkHzp5K-vOZjNwJWgEv-Z3LrLXCXmEdjSgTC0yfLxmO1nr1hTBg.jpg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
9d04afca237ea834243b63da47c2d0e8229dc5c7effd0ca9f7acfc82a8d38fc1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
content-security-policy
default-src 'none'; sandbox
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29261
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"74485d82e5ff6278ebde64d2b4d164f7aedc9ec4"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
telegram-web.js
telegram.org/js/ Frame DE9A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/telegram-web.js?14
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 10:32:52 GMT
server
nginx/1.18.0
etag
W/"62345fd4-2e63"
content-type
application/javascript
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:56 GMT
widget-frame.js
telegram.org/js/ Frame DE9A 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/widget-frame.js?60
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b4dc7118464c434f7caac42fd0535dac1102dfcace0feb4c35e3bb29594b14c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Sat, 08 Oct 2022 23:46:30 GMT
server
nginx/1.18.0
etag
W/"63420bd6-16c85"
content-type
application/javascript
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:56 GMT
tgsticker.js
telegram.org/js/ Frame DE9A 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/tgsticker.js?29
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dd6e691a27d07125e04993917cfb3f75ac9d8926f6b66d7c2e45368aa130e660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 21:52:44 GMT
server
nginx/1.18.0
etag
W/"62bcc9ac-5faf"
content-type
application/javascript
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:56 GMT
tgwallpaper.min.js
telegram.org/js/ Frame DE9A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/tgwallpaper.min.js?3
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 19:57:25 GMT
server
nginx/1.18.0
etag
W/"62211da5-ba3"
content-type
application/javascript
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:56 GMT
jquery-ui.min.js
telegram.org/js/ Frame DE9A 		96 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/jquery-ui.min.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-181a9"
content-type
application/javascript
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:56 GMT
jquery.min.js
telegram.org/js/ Frame DE9A 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/jquery.min.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-1762a"
content-type
application/javascript
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:56 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame DE9A 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b14"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11028
expires
Fri, 04 Nov 2022 09:00:56 GMT
truncated
/ Frame DE9A 		683 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame DE9A 		496 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ Frame DE9A 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b40"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11072
expires
Fri, 04 Nov 2022 09:00:56 GMT
KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
telegram.org/fonts/Roboto/ Frame DE9A 		6 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-19e8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
6632
expires
Fri, 04 Nov 2022 09:00:56 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
telegram.org/fonts/Roboto/ Frame DE9A 		6 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:56 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-193c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
6460
expires
Fri, 04 Nov 2022 09:00:56 GMT
dd52fcd0fe.mp4
cdn4.telegram-cdn.org/file/ Frame DE9A 		65 KB
65 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telegram-cdn.org/file/dd52fcd0fe.mp4?token=W8hNHCSJ6Stq_EMtP1T1oiMrnCThb8Sds9F_z_BMMh8FidE3_gP0uEJjgrtOKRAu_1JsFi56u_2e9jvolRnTMt5Y84Q0iBvOUOMqZHlE1FrH31wumf8WIIKKVIDwGX-uPhmxxWTreenZhi_vFVf_6HlRLUAYjgsqswyE9b1wScj_Ahsy3pB9-Y9_xZMdCFVY16A-QEvx4rqWwC7tmbzih5nR8trSfOSN3_rJrNZeG-gjQWO1_xAnKx4CSjkziqdRolQqApr9WEG8HFWRUg__JVzU9pkuC0yTyBw4hXicSw7n_gP9uMm4_HDSxTLO7B72qJbpFY_BDxM9E40m3m9PNg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0df600db928a5580475febac2e04b49a9a2bcb3e98543275dc823f65032829c1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49000.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=6160384-

Response headers

content-security-policy
default-src 'none'; sandbox
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 09:00:56 GMT
via
1.1 google
age
0
Content-Range
bytes 6160384-6226874/6226875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
66491
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"27f6681da71ad0f7a0e4105f98788030f7e24dbe"
x-frame-options
DENY
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes
640a99eec6.mp4
cdn4.telegram-cdn.org/file/ Frame DE9A 		46 KB
46 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telegram-cdn.org/file/640a99eec6.mp4?token=j6lI9PliAU5lZmpJRi_tQ4xaCwJ9ER4qscKbhzrNwYYjuOrBAGb9XfI_6VD8XH6Truru2CW0VEcCQNDb6wO8wMeMtTbV6ZMh-tfW2Aw0wjH8FAVLhUCQMnn_-PEX_W5AtvjD8PqDkN7LaNeTJMnJ_8Q53JwlUd7jeAvBE24r7UQjIIMl401UvcgIV9f1lfAceURoAJp-BN6DmAXnSze1vwdh3M-9o8Y1QTCvJRBeqi1zdTBMkvH-EW5UZhXWwvy_Jc_K_EvDy9Pzzrf9tQ5KCj8jM4HnvYoUomh6k6vRUJz89rokgWSctL_IKCCOf2XyQXniKZCocMsusz-vHFmPrA
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a1b3299e5e7466757da9fb719a05c807cd2979ed1dcb8371436e14156fb2c558
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49000.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=7045120-

Response headers

content-security-policy
default-src 'none'; sandbox
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 09:00:56 GMT
via
1.1 google
age
0
Content-Range
bytes 7045120-7092010/7092011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
46891
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"7166de1c7986d19a2d592dfe1af563d27fd06963"
x-frame-options
DENY
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes
030b841d25.mp4
cdn4.telegram-cdn.org/file/ Frame DE9A 		74 KB
74 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telegram-cdn.org/file/030b841d25.mp4?token=GpH_Yx1WJFu6oS7ORnOcm7vE4PzAEQRW3bF5plI5-7gE_8NYKAsXwXkGP_dmSGR1WETXB4qH0pEZRqI6HFmbsq4w0ozv5hvmg8JEOZRxXSpZuiMD8nYjY-YFGKXSt1-YSLZuHp9MuRyuuASAI4MxatgQJHmJzeNBsYWT2GK6EfvOFIEyVUqVXVCyU9uinDEOFsHpF_3STxnE3f6Q9B2VqYl5bxkz0txrIndNGDpTETC7EE9VZGaRTG4Rhr_c-rCpL6p1qXlrqx_rk1eEBS16vTHqT4iJN0Mh388nohv_832XM9FWvoseGMDhtoO1sKdD5BxAi8M1yPPj_-bFaE2PGi4-Hw3DwfOWlHp4zDuk1_LZpVbYl1O6Rr92-5Z24NnQFcvzyJMMfLQC52R7Gfr6NJ2oJ_2E5RLL0jRLSLgNFBAU4oqD4QVwS48hWXLBonm_EttrE6nAt5WQxoa7OyrfbFMfC-xjR-bqXda1EUyuRqbtU-q32i40DWYtibjDBdkdeZkTjzXkSfkK9U2VrAuDMdeXIPsbPL8qLvwvwFETvqytlOBxHeQ_7xXSOpS697JsCKg-G-IYsEUZMOCBDiKjmxrh3_lYBteGEu1_BG25tc8Vt15tAYnxaLVWGvMCYkt4HnT2LgOazfRW8KgQ36KpP8DPlwltjFqpDM3urY9l-M8
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c5d5d4a63737d2730eae49d88c3ac64f0ba572bffd5068a99e7206064745243d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49000.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=10977280-

Response headers

content-security-policy
default-src 'none'; sandbox
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 09:00:56 GMT
via
1.1 google
age
0
Content-Range
bytes 10977280-11052806/11052807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
75527
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"05e778e572f0951362148c7444fec7d7b9fcff9e"
x-frame-options
DENY
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes
640a99eec6.mp4
cdn4.telegram-cdn.org/file/ Frame DE9A 		75 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telegram-cdn.org/file/640a99eec6.mp4?token=j6lI9PliAU5lZmpJRi_tQ4xaCwJ9ER4qscKbhzrNwYYjuOrBAGb9XfI_6VD8XH6Truru2CW0VEcCQNDb6wO8wMeMtTbV6ZMh-tfW2Aw0wjH8FAVLhUCQMnn_-PEX_W5AtvjD8PqDkN7LaNeTJMnJ_8Q53JwlUd7jeAvBE24r7UQjIIMl401UvcgIV9f1lfAceURoAJp-BN6DmAXnSze1vwdh3M-9o8Y1QTCvJRBeqi1zdTBMkvH-EW5UZhXWwvy_Jc_K_EvDy9Pzzrf9tQ5KCj8jM4HnvYoUomh6k6vRUJz89rokgWSctL_IKCCOf2XyQXniKZCocMsusz-vHFmPrA
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49000.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=32768-

Response headers

content-security-policy
default-src 'none'; sandbox
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 09:00:56 GMT
via
1.1 google
age
0
Content-Range
bytes 32768-7092010/7092011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
7059243
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"7166de1c7986d19a2d592dfe1af563d27fd06963"
x-frame-options
DENY
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes
dd52fcd0fe.mp4
cdn4.telegram-cdn.org/file/ Frame DE9A 		100 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telegram-cdn.org/file/dd52fcd0fe.mp4?token=W8hNHCSJ6Stq_EMtP1T1oiMrnCThb8Sds9F_z_BMMh8FidE3_gP0uEJjgrtOKRAu_1JsFi56u_2e9jvolRnTMt5Y84Q0iBvOUOMqZHlE1FrH31wumf8WIIKKVIDwGX-uPhmxxWTreenZhi_vFVf_6HlRLUAYjgsqswyE9b1wScj_Ahsy3pB9-Y9_xZMdCFVY16A-QEvx4rqWwC7tmbzih5nR8trSfOSN3_rJrNZeG-gjQWO1_xAnKx4CSjkziqdRolQqApr9WEG8HFWRUg__JVzU9pkuC0yTyBw4hXicSw7n_gP9uMm4_HDSxTLO7B72qJbpFY_BDxM9E40m3m9PNg
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49000.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=32768-

Response headers

content-security-policy
default-src 'none'; sandbox
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 09:00:56 GMT
via
1.1 google
age
0
Content-Range
bytes 32768-6226874/6226875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
6194107
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"27f6681da71ad0f7a0e4105f98788030f7e24dbe"
x-frame-options
DENY
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes
wp-emoji-release.min.js
49000.com.ua/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188831
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Oct 2021 15:31:58 GMT
server
cloudflare
etag
W/"4705-61781f6e-8d45fe5289bf503;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JONgGCRKHwHYnk%2Fj9V3TczziCgbjZrUVtJLQArmtE1yzF7sOeUF6ixhD8tlpIBCSYi6oOejzDN18yfyAo7f%2FWiqLIvc6ISuuwfEUTG05388yE0nGYb0PFA%2BToHPrt4kFKaYtCrX1c49FVgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
762b3409eb067711-LHR
expires
Sun, 29 Oct 2023 10:33:46 GMT
030b841d25.mp4
cdn4.telegram-cdn.org/file/ Frame DE9A 		287 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telegram-cdn.org/file/030b841d25.mp4?token=GpH_Yx1WJFu6oS7ORnOcm7vE4PzAEQRW3bF5plI5-7gE_8NYKAsXwXkGP_dmSGR1WETXB4qH0pEZRqI6HFmbsq4w0ozv5hvmg8JEOZRxXSpZuiMD8nYjY-YFGKXSt1-YSLZuHp9MuRyuuASAI4MxatgQJHmJzeNBsYWT2GK6EfvOFIEyVUqVXVCyU9uinDEOFsHpF_3STxnE3f6Q9B2VqYl5bxkz0txrIndNGDpTETC7EE9VZGaRTG4Rhr_c-rCpL6p1qXlrqx_rk1eEBS16vTHqT4iJN0Mh388nohv_832XM9FWvoseGMDhtoO1sKdD5BxAi8M1yPPj_-bFaE2PGi4-Hw3DwfOWlHp4zDuk1_LZpVbYl1O6Rr92-5Z24NnQFcvzyJMMfLQC52R7Gfr6NJ2oJ_2E5RLL0jRLSLgNFBAU4oqD4QVwS48hWXLBonm_EttrE6nAt5WQxoa7OyrfbFMfC-xjR-bqXda1EUyuRqbtU-q32i40DWYtibjDBdkdeZkTjzXkSfkK9U2VrAuDMdeXIPsbPL8qLvwvwFETvqytlOBxHeQ_7xXSOpS697JsCKg-G-IYsEUZMOCBDiKjmxrh3_lYBteGEu1_BG25tc8Vt15tAYnxaLVWGvMCYkt4HnT2LgOazfRW8KgQ36KpP8DPlwltjFqpDM3urY9l-M8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://49000.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=32768-

Response headers

content-security-policy
default-src 'none'; sandbox
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 09:00:56 GMT
via
1.1 google
age
1
Content-Range
bytes 32768-11052806/11052807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
11020039
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"05e778e572f0951362148c7444fec7d7b9fcff9e"
x-frame-options
DENY
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/wp-content/plugins/simple-facebook-twitter-widget/js/simple-facebook-page-root.js?ver=1.7.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf3d2214b30a8f3752a9e3d0c1c1a3b2c0f9a707c41381aae3dd444aed74b149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 09:00:57 GMT
content-md5
3H1XjagIV9Gt7t989F7wdA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
oM6RBo4kBULEumFmwCTNUwskqvxTv5wNoUYLGPHPdqSUkLRNSB2AszeDitUaBYrfbNItyb27fiX4rJXsSZNsqg==
x-fb-trip-id
917726464
x-fb-content-md5
018ae5da31b987faa9dc2927914b82c6
cross-origin-opener-policy
same-origin-allow-popups
etag
"abd8fc836fef9ec929a8a5727e2276c3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 09:19:34 GMT
pattern.svg
telegram.org/img/tgme/ Frame DE9A 		225 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/tgme/pattern.svg
Requested by
Host: telegram.org
URL: https://telegram.org/css/telegram-web.css?35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://telegram.org/css/telegram-web.css?35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 09:45:08 GMT
server
nginx/1.18.0
etag
W/"62208e24-385d7"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=345600
expires
Fri, 04 Nov 2022 09:00:57 GMT
/
49000.com.ua/v/ Frame DE9A 		4 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://49000.com.ua/v/
Requested by
Host: telegram.org
URL: https://telegram.org/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.29
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept
*/*
Referer
https://49000.com.ua/wptelegram/widget/view/@dnepr_49000/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.29
x-litespeed-tag
627_HTTP.404,627_HTTP.200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Origin,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XOdoUSy%2F1UiRKATRiBr6aBrnt1cb2lc7c5QexkbvToRJuVVBK1ab57y912o2iwBOAVNW%2BhaexfJO%2BEhAHD5H35MOBA9SRhSzQwyAuhNeqfOXcBUD2T3vcY5FNEz27QxzRhY3WUxsrWqb%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://49000.com.ua
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-turbo-charged-by
LiteSpeed
cf-ray
762b340a4c0f7711-LHR
link
<https://49000.com.ua/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 08:50:53 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
604
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 31 Oct 2022 10:50:53 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Oct 2022 09:00:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
79S9yhSw7RQvtokJGkIoHGTF/MxyZ/p5fARvW4f4oLCPEuQBboIvnzkz4cTUxBoGUadRPijhPrdC2v2JgJROrw==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
49000.com.ua.747853.js
jsc.idealmedia.io/4/9/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/4/9/49000.com.ua.747853.js?t=20229319
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f572771d285678869ac7ff18c671c1b17ce6b624e8d063ef14d1fba9ae08acf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-encoding
gzip
x-amz-version-id
MwsUDrz3PEivlcdEV33gaFT_YaYLZ7xm
cf-cache-status
REVALIDATED
x-amz-request-id
J6NAAHB3D3MD77Q7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
908
x-amz-id-2
JV6FG60Xi2rJ64BnWdksAV4mi54lfd+L3HOPAVbmwmTLXAKhgRC0DgOIRwin4xL1Q92ZqVG6dNU=
last-modified
Wed, 24 Aug 2022 10:05:28 GMT
server
cloudflare
etag
"a1a3ec7d8b75ab5ddb6951d7de09730c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
762b340afa287750-LHR
expires
Mon, 31 Oct 2022 12:00:57 GMT
/
informer.minfin.com.ua/gen/course/ Frame C9EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://informer.minfin.com.ua/gen/course/?color=yellow
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9ded812c2793bb47af5e0ac5bb6d77d3e681d8dd518edbc0dd45415440ac98

Request headers

Referer
https://49000.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
762b340b18bc742b-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 09:00:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8O8GABxfGN4dulOHPmr4G4esQMYlsWIrzZfzwABNuTihXZLC6%2FVgk5FU504Hywt7YoHEHRFUSVqaCyeE4lbSNpDDlZqKhuKO9MKmLLAvuhrA2KhtzJ5He8bexCn3YpibcY5fxytjQLdJVXHKC53jRTAIu0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
informers2.css
sinst.fwdcdn.com/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sinst.fwdcdn.com/css/informers2.css?v=1
Requested by
Host: sinoptik.ua
URL: https://sinoptik.ua/informers_js.php?title=4&wind=2&cities=303007131&lang=ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-encoding
gzip
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 07:03:52 GMT
server
nginx
etag
W/"57469fd8-3d41"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Tue, 31 Oct 2023 09:00:57 GMT
49000.com.ua.1338774.es6.js
jsc.mgid.com/4/9/ 		255 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/4/9/49000.com.ua.1338774.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/9/49000.com.ua.1338774.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a660200bd7da495c00c41354af551bc1c3b2550983aa53187f8181a6e655986a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-amz-version-id
bV0w6pd5WIXRevijeaKsskaAkC5MjCVH
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
K847KGP052H2GD2G
cf-polished
origSize=260745
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
XXB7UlsDSB2aGZpCVbHqdS+xQZ7NzBzTy2yLfJO0IgDUWV50dhHTqsx2pRVP/i0fZy+7NsWSHMM=
cf-bgj
minify
last-modified
Wed, 24 Aug 2022 10:28:50 GMT
server
cloudflare
etag
W/"6a3aeecb2f05ec8756eac1c2c62c9f70"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
762b340abbc071da-LHR
expires
Mon, 31 Oct 2022 12:00:57 GMT
sm.23.html
static.addtoany.com/menu/ Frame 053D 		741 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://49000.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1590813
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
762b340ab8827697-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 31 Oct 2022 09:00:57 GMT
etag
W/"2e5-5cc9e128a4c38"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e2s
x-content-type-options
nosniff
recaptcha__en.js
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ 		397 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7062e72edad5a2fb54912ad146b3c9009adc2af7f3d7c5b0dcf73ca8db87fc10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 06:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161443
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 04:01:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Oct 2023 06:26:31 GMT
logo-t2.png
sinst.fwdcdn.com/img/informers/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/logo-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
247487e5c8e756cc99c1d14f2494b027819eecac4aedf9ff01b6446459b015ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-512"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1298
expires
Tue, 31 Oct 2023 09:00:57 GMT
hlc-t2.png
sinst.fwdcdn.com/img/informers/ 		181 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/hlc-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-server-by
sinfe3
last-modified
Wed, 05 Nov 2014 09:28:02 GMT
server
nginx
etag
"5459eda2-b5"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
181
expires
Tue, 31 Oct 2023 09:00:57 GMT
term-t2.png
sinst.fwdcdn.com/img/informers/ 		406 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/term-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-196"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
406
expires
Tue, 31 Oct 2023 09:00:57 GMT
s-informers-t2.png
sinst.fwdcdn.com/img/informers/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/s-informers-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-8433"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
33843
expires
Tue, 31 Oct 2023 09:00:57 GMT
frc-t1.png
sinst.fwdcdn.com/img/informers/ 		155 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/frc-t1.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-9b"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
155
expires
Tue, 31 Oct 2023 09:00:57 GMT
flc-t1.png
sinst.fwdcdn.com/img/informers/ 		148 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sinst.fwdcdn.com/img/informers/flc-t1.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-94"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
148
expires
Tue, 31 Oct 2023 09:00:57 GMT
sdk.js
connect.facebook.net/ru_RU/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=a5226493a05be65371edd68b96c2aa53
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0c4bf060f35d3014d2a78498b6523bb7789101da2960a8841eae0d36b0c6348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 09:00:57 GMT
content-md5
0il15rrfO3Hi9htrlAsHZQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88641
x-fb-rlafr
0
x-fb-debug
q87gbsBEGekRIuug4HfXljs61rH0UcTvllDeiLo1w+uhuX2fHd8RAHlRNJkKdIQ55950Cv1/vKbBYXxZxvy72g==
x-fb-content-md5
e854a8420a9edbcccd33329ba975b3af
cross-origin-opener-policy
same-origin-allow-popups
etag
"3a67bccf07963292ea142ea581cc0440"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 31 Oct 2023 08:12:04 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Oct 2022 09:00:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20715
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0iOxDEe/KY/aQ/8fVckWLTev+UprzWatXzVzG5l4t/OLsk0EILMkUf6yTNc4/i3qNWUXhTe1dxYFsZPFyHJ35g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
382656942094537
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/382656942094537?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b619e0d075aeb70019a5f94e1d12041599fe41ac0d912106d4972ed22c35e2b0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Oct 2022 09:00:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wNwu8cfEn0oSL1v7AF9y4lHeapH/ZcQF5KL7XCC5l9qK59C7C4rkIQs9RlHda5fPZsV6uEeiWzGKh9b8B58pog==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=379320064&utmhn=49000.com.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104689178-1&cid=512367901.1667206858&jid=1881990922&_v=5.7.2&z=379320064
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104689178-1&cid=512367901.1667206858&jid=1881990922&_v=5.7.2&z=379320064
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104689178-1&cid=512367901.1667206858&jid=1881990922&_v=5.7.2&z=379320064&slf_rd=1&random=2487188991
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104689178-1&cid=512367901.1667206858&jid=1881990922&_v=5.7.2&z=379320064&slf_rd=1&random=2487188991
Protocol
H2
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104689178-1&cid=512367901.1667206858&jid=1881990922&_v=5.7.2&z=379320064&slf_rd=1&random=2487188991
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reset.css
informer.minfin.com.ua/gen/s/ Frame C9EA 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://informer.minfin.com.ua/gen/s/reset.css?1.4
Requested by
Host: informer.minfin.com.ua
URL: https://informer.minfin.com.ua/gen/course/?color=yellow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f934b9dcb83e66d7d9d97961ff48c91e981f7d2277b35db090be6de194354fc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://informer.minfin.com.ua/gen/course/?color=yellow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1658
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 26 Oct 2022 11:49:46 GMT
server
cloudflare
etag
W/"63591eda-67a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7SpSpGW6qtaJ1dvkImt3azeCHNloxlNGOR3eViWCCVBOJ6O5gY03fXsVQ5YfP%2BfBpCkQ5MDJa%2FASc7NFIrXMikBnVHC5V7lHu6HuFq2jgP6PsEdl6z7hrfwEkt9x8ZXhy7Z2LFtOY8zJkVtjFs58Wdtq4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=3600
cf-ray
762b340c3b3ddcbb-LHR
expires
Mon, 31 Oct 2022 10:00:57 GMT
course.css
informer.minfin.com.ua/gen/s/ Frame C9EA 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://informer.minfin.com.ua/gen/s/course.css?1.4
Requested by
Host: informer.minfin.com.ua
URL: https://informer.minfin.com.ua/gen/course/?color=yellow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7f356101f19500f3aec6125f09474270ec51d0056af02afe1d80e1b2683a34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://informer.minfin.com.ua/gen/course/?color=yellow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2904
cf-polished
origSize=8901
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 26 Oct 2022 11:49:46 GMT
server
cloudflare
etag
W/"63591eda-22c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD2iyNnhKL6OjyfQsnxGlmAyJJrlMmfVcK7Czs%2BrlvVHvCiQlhs2zTfCk2XJact8%2BB7TzXIiQNPZuqVfR6bG9Fd0PO%2B%2F1AXNL5Naie4PtMb3oZDMDkSxaqzik5QUK%2BJp16ev6E2qnNJniDd%2Bp32avBjbeDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=3600
cf-ray
762b340c3b41dcbb-LHR
expires
Mon, 31 Oct 2022 09:12:33 GMT
49000.com.ua.747853.es6.js
jsc.idealmedia.io/4/9/ 		265 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/4/9/49000.com.ua.747853.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/4/9/49000.com.ua.747853.js?t=20229319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db23da23416121d1b20fff6524e1402d7c60a3301cadd122ecf3e113136fd9b7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-encoding
gzip
x-amz-version-id
XsC_zmt8OyNikKkcQq6WnpBtHhIbBUqO
cf-cache-status
MISS
x-amz-request-id
0PFJVCBV95TT13E4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80917
x-amz-id-2
rVC2eEdqarth2A9LzQ97TnQWlHKBgn9m41RqWu66J2A+5jVKSER1AlsjfpvJj9CbFYeCNhpr5X0=
last-modified
Wed, 24 Aug 2022 10:05:28 GMT
server
cloudflare
etag
"207e8d1b39d6405651fb78b23501c425"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
762b340c6ddcdcd3-LHR
expires
Mon, 31 Oct 2022 12:00:57 GMT
caa84976-b488-4314-81f8-3dd473d26292
https://49000.com.ua/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://49000.com.ua/caa84976-b488-4314-81f8-3dd473d26292
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
a3bb5b37-b52d-4575-9cf5-4cb159a91d1e
https://49000.com.ua/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://49000.com.ua/a3bb5b37-b52d-4575-9cf5-4cb159a91d1e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
flag_sprite.png
informer.minfin.com.ua/gen/i/ Frame C9EA 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://informer.minfin.com.ua/gen/i/flag_sprite.png
Requested by
Host: informer.minfin.com.ua
URL: https://informer.minfin.com.ua/gen/s/course.css?1.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c72f275241ecbb90e943e7259abf03851ee32ca7e82c9c6fbbf65046a6f13f1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://informer.minfin.com.ua/gen/s/course.css?1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1765
cf-polished
origFmt=png, origSize=5448
content-disposition
inline; filename="flag_sprite.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4698
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Oct 2022 11:49:46 GMT
server
cloudflare
etag
"63591eda-1548"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7PAncwfe28NniwddVIqD1vYyMC7eIpeYRT%2F6is%2FfuHl06w2KdYy7TrJNX%2F3i%2Fc9yinVzZ6V9%2F6LIFph%2FioM94UFG9gf0qU%2BuLvr15vDWwfbGwYZuKTMP0Al%2BA85lRS%2Boq3T0ENcW1ZqhoeaRx4TwI2N6Cs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
762b340d0c85dcbb-LHR
expires
Mon, 31 Oct 2022 09:31:32 GMT
up.png
informer.minfin.com.ua/gen/i/ Frame C9EA 		132 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://informer.minfin.com.ua/gen/i/up.png
Requested by
Host: informer.minfin.com.ua
URL: https://informer.minfin.com.ua/gen/s/course.css?1.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5e235eb0a1d01b2654a6831602d568d72abc1abff0228615d77f1263915c11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://informer.minfin.com.ua/gen/s/course.css?1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1311
cf-polished
origFmt=png, origSize=306
content-disposition
inline; filename="up.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
132
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Oct 2022 11:49:46 GMT
server
cloudflare
etag
"63591eda-132"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjyONyOIqQC7%2Bx5o9UKFmQVgwTuZzAcB6ymxuQdnZ0LY%2Bma4iYOV0LGNobM%2F7x8HPu5lVCSxd%2FxyLCIO06qx2Lt1PQr4ntsVCSV1on4wsuA%2F0M5KZWLotaC7zqIF%2FeI84U4paiZJeiGdTv2%2F4UhPKCWWSpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
762b340d0c89dcbb-LHR
expires
Mon, 31 Oct 2022 09:39:06 GMT
down.png
informer.minfin.com.ua/gen/i/ Frame C9EA 		128 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://informer.minfin.com.ua/gen/i/down.png
Requested by
Host: informer.minfin.com.ua
URL: https://informer.minfin.com.ua/gen/s/course.css?1.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83bed8453c53c70cc10c83e230bced5dab177ad54dcccb6ec5fea4987be485f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://informer.minfin.com.ua/gen/s/course.css?1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2186
cf-polished
origFmt=png, origSize=298
content-disposition
inline; filename="down.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
128
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Oct 2022 11:49:46 GMT
server
cloudflare
etag
"63591eda-12a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNlWwDya879e23REInXEJ1lM2RZU%2FWA9NTIHnKTdzg6du9PanlbCUUWpd78%2FKV4Ow7Ryk2UuUFEeAUZ61Y%2F79XYJ8fPnopxPVhKq54Fn0HJocDIJZ9yGowMHukU7V7CVuAMvhoQrJuIgrleODwf8X3Yc3uo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
762b340d0c8bdcbb-LHR
expires
Mon, 31 Oct 2022 09:24:31 GMT
/
www.facebook.com/login/ Frame 49B2
Redirect Chain
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=297186066963865&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30d...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D297186066963865%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D297186066963865%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df30d4e4d987309%2526domain%253D49000.com.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252F49000.com.ua%25252Ff588d39c50c6b4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D500%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F49000dp%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D340
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=a5226493a05be65371edd68b96c2aa53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://49000.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Oct 2022 09:00:58 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
5WMV15h2N8VgbnPyjiaHWBfRfA3DDHun8elb9SAQpi1r70hjMBUINu27nmYhs3/ZwvEn8xzjSmrBdF2qYgn26w==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 31 Oct 2022 09:00:57 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v15.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D297186066963865%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df30d4e4d987309%2526domain%253D49000.com.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252F49000.com.ua%25252Ff588d39c50c6b4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D500%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F49000dp%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D340
pragma
no-cache
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
20S2BjM+2y4P2Zm0LvpiAGa12yT+3bHJAK0FUHxlmBnamEiBW5iUrFghMGYnXbD7CJeluHxch1jNapgbv8UPpw==
x-fb-rlafr
0
x-xss-protection
0
/
c.mgid.com/pv/ 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1667206857783634972907&uniqId=079ee&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2F49000.com.ua%2F&lu=https%3A%2F%2F49000.com.ua%2F&sessionId=635f8eca-15bbf&pageView=1&pvid=1842d45c437af4126de&site=746052&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/9/49000.com.ua.1338774.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
762b340d4e4c8e12-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
520804f3-6335-4a0e-8aff-4cd2e668cd9b
https://49000.com.ua/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://49000.com.ua/520804f3-6335-4a0e-8aff-4cd2e668cd9b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQZ016TJQM3CQAQ
age
5607
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
762b340d5e648e12-LHR
expires
Tue, 01 Nov 2022 09:00:57 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
5308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
762b340d5e628e12-LHR
expires
Tue, 01 Nov 2022 09:00:57 GMT
/
www.facebook.com/tr/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/?id=382656942094537&ev=ViewContent&dl=https%3A%2F%2F49000.com.ua%2F&rl=&if=false&ts=1667206857813&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=62&fbp=fb.2.1667206857809.1177925038&it=1667206857500&coo=false&exp=b3&rqm=GET&cd[rex]=%7B%22uid%22%3A%220d463b1sf-1a1e-464e-9d4d-bcdffb0950b5%22%2C%22retry%22%3A0%7D
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Oct 2022 09:00:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
https://49000.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=382656942094537&ev=PageView&dl=https%3A%2F%2F49000.com.ua%2F&rl=&if=false&ts=1667206857810&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=62&fbp=fb.2.1667206857809.1177925038&it=1667206857500&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Oct 2022 09:00:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?ev=49000&dl=https%3A%2F%2F49000.com.ua%2F&rl=&if=false&ts=1667206857811&sw=1600&sh=1200&v=2.9.89&r=stable&o=28&it=1667206857500&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Oct 2022 09:00:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1
servicer.mgid.com/1338774/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1338774/1?pv=5&cbuster=166720685784926479843&uniqId=079ee&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=110&h=0&wrongImageSize=1&cols=1&ref=&cxurl=https%3A%2F%2F49000.com.ua%2F&lu=https%3A%2F%2F49000.com.ua%2F&sessionId=635f8eca-15bbf&pageView=1&pvid=1842d45c437af4126de&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/9/49000.com.ua.1338774.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05f7ee2ca274de8e211b0c8fa9e06883448d6ee8e3f89feced0a332e2d74a4c9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
762b340dbee78e12-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/9/49000.com.ua.1338774.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQZ016TJQM3CQAQ
age
5607
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
762b340e390971da-LHR
expires
Tue, 01 Nov 2022 09:00:57 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/9/49000.com.ua.1338774.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
5308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
762b340e390a71da-LHR
expires
Tue, 01 Nov 2022 09:00:57 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDQ2OTI3LzQxNmVkNDJhMjQ4YWI3N2YzY...
s-img.mgid.com/g/11613777/200x200/-/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11613777/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDQ2OTI3LzQxNmVkNDJhMjQ4YWI3N2YzYTRiMTM4YTg2MjEzN2UzLmpwZWc.webp?v=1667206857-J1512SeLnVKWDbJN0tRPn7XiMGCaY7qwMp3GrtxcBcE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7dedac21f19ed1998aa999efa46418c45c8ad475ce29e0287eeb408cba4e09

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 23:10:27 GMT
x-mg-request-uuid
a908110d-def3-42d9-a92e-13314f4984ab
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
762b340ecdc47761-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6364
i.js
cm.mgid.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1667206857935975168872
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/9/49000.com.ua.1338774.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcec7f9abc1634dfa428b33eb178780d736c21fba6bd5c0e4b290533056b3222

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
762b340e3f6e8e12-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame DA1F 		0
35 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=166720685794639624567
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/9/49000.com.ua.1338774.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
762b340e4f788e12-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		227 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/9/49000.com.ua.1338774.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
content-encoding
gzip
last-modified
Fri, 23 Sep 2022 12:15:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=23855
accept-ranges
bytes
content-length
73257
expires
Mon, 31 Oct 2022 15:38:33 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/4/9/49000.com.ua.1338774.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
YRNVB0MHG5H0YHVT
age
1828
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
762b340eedd6732c-LHR
x-amz-id-2
1dQqfCWw1bHCHflxC2H8GyqBB7dBnyhuQvkLTtOGGlCGDzOjtSxA48CVVz3WvC7Rk938x/F9Plo=
8eae7f9f-544b-460c-bdac-b7be66276249
https://49000.com.ua/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://49000.com.ua/8eae7f9f-544b-460c-bdac-b7be66276249
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
e3f0e466-d82b-4ae5-86de-43bc86a47779
https://49000.com.ua/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://49000.com.ua/e3f0e466-d82b-4ae5-86de-43bc86a47779
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
/
c.idealmedia.io/pv/ 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.idealmedia.io/pv/?pv=5&cbuster=1667206858032876088651&uniqId=0e11f&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2F49000.com.ua%2F&lu=https%3A%2F%2F49000.com.ua%2F&sessionId=635f8eca-15bbf&pageView=1&pvid=1842d45c437af4126de&site=497443&implVersion=11&dpr=1&muid=m9vVVX6HEB02
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/4/9/49000.com.ua.747853.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
762b340ee9a77750-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
a28f86af-a298-492b-af73-e5f88566ad51
https://49000.com.ua/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://49000.com.ua/a28f86af-a298-492b-af73-e5f88566ad51
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/ 		1 KB
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
Y3TSAYJBB479S7V3
age
7087
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
To+DyB0pe6lJAgjiDQEkZwzbmmnUSR6Fo0oheHRp9blcSKdu2o/W6PQJmsd3APA7gLHGU3T9e10=
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
etag
W/"ff394e3a03921d25c2f03e03046bf506"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
762b340ef9c67750-LHR
expires
Mon, 31 Oct 2022 13:00:58 GMT
sync.html
s.adtelligent.com/ Frame 219C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=754484
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1667206857935975168872
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
528fb99c61ea01178b5c14d67ee5eab393375619c0ecd90c8b678bcf3e2e402e

Request headers

Referer
https://49000.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://49000.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1212
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
X-Robots-Tag
noindex
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:57 GMT
content-length
0
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=m9vVVX6HEB02
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m9vVVX6HEB02
  • https://sync.search.spotxchange.com/partner?adv_id=7310&uid=39ad5927-3117-4d4f-902d-38f55a351c8b
  • https://sync.search.spotxchange.com/partner?adv_id=7310&uid=39ad5927-3117-4d4f-902d-38f55a351c8b&__user_check__=1&sync_id=894cb8ef-58fa-11ed-8343-1bce7de30306
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=39ad5927-3117-4d4f-902d-38f55a351c8b&__user_check__=1&sync_id=894cb8ef-58fa-11ed-8343-1bce7de30306
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:58 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
106
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 31 Oct 2022 09:00:58 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7310&uid=39ad5927-3117-4d4f-902d-38f55a351c8b&__user_check__=1&sync_id=894cb8ef-58fa-11ed-8343-1bce7de30306
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
95
Connection
keep-alive
Content-Length
0
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m9vVVX6HEB02
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=5296029035258338361&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:58 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=mgid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bidswitch
event.clientgear.com/gogocookie/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=39ad5927-3117-4d4f-902d-38f55a351c8b
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=39ad5927-3117-4d4f-902d-38f55a351c8b
0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=39ad5927-3117-4d4f-902d-38f55a351c8b
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=39ad5927-3117-4d4f-902d-38f55a351c8b
date
Mon, 31 Oct 2022 09:00:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
e4e1f5fe20753b6b614cda48b7e3c9f7.gif
cs.admanmedia.com/ 		0
0
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=acaa04ac-09f2-425d-98ec-5f97ad170dd4
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=acaa04ac-09f2-425d-98ec-5f97ad170dd4
Protocol
H3
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
762b3410ec9871da-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=acaa04ac-09f2-425d-98ec-5f97ad170dd4
access-control-allow-origin
*
date
Mon, 31 Oct 2022 09:00:58 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
oRTB
sync.inmobi.com/ 		0
0
/
cm.idealmedia.io/setmuidn/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=m9vVVX6HEB02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
762b34101c357750-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=06BHNU8PMlbIAeroC8Ew&pi=mgid&tc=1
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=06BHNU8PMlbIAeroC8Ew&pi=mgid&tc=1
Protocol
H3
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
762b34118d9e71da-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=06BHNU8PMlbIAeroC8Ew&pi=mgid&tc=1
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT, Mon, 31 Oct 2022 09:00:58 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTl2VlZYNkhFQjAy&muidn=m9vVVX6HEB02
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTl2VlZYNkhFQjAy&muidn=m9vVVX6HEB02&google_tc=
  • https://cm.mgid.com/google?muidn=m9vVVX6HEB02&google_ula={guid},5&google_gid=CAESENUduten5cs1VrwyUaDMu0E&google_cver=1
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=m9vVVX6HEB02&google_ula={guid},5&google_gid=CAESENUduten5cs1VrwyUaDMu0E&google_cver=1
Protocol
H3
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
762b34128ecd71da-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.mgid.com/google?muidn=m9vVVX6HEB02&google_ula={guid},5&google_gid=CAESENUduten5cs1VrwyUaDMu0E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
servicer.idealmedia.io/747853/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.idealmedia.io/747853/1?pv=5&cbuster=1667206858098957818847&uniqId=0e11f&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=861&h=916&cols=2&ref=&cxurl=https%3A%2F%2F49000.com.ua%2F&lu=https%3A%2F%2F49000.com.ua%2F&sessionId=635f8eca-15bbf&pageView=1&pvid=1842d45c437af4126de&implVersion=11&dpr=1&muid=m9vVVX6HEB02
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/4/9/49000.com.ua.747853.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1e72d393c035b11bfe0d2f399035f7e72e3dc1869f8c2503477eccd4ecee8c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
762b34108d047750-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
f4ca318ceb5674e1e7f7fd8f09aa571606ebc20b374193b703bfab4ada363dd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://49000.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://49000.com.ua
date
Mon, 31 Oct 2022 09:00:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
223f4a9158981830e4db24f729cec00d9450fc5f6cefd38bc216ff05ce6542af

Request headers

Referer
https://49000.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://49000.com.ua
date
Mon, 31 Oct 2022 09:00:58 GMT
content-length
34
vary
Origin
content-type
application/json
/
onetag-sys.com/usync/ Frame 1456 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.console.adtarget.com.tr/ Frame A56F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
0efec9d757b4ebc640573b237a2d580ef9e54d4f8b63c68da2216deb8c3dab3b

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
743
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ads.us.e-planning.net/uspd/1/ Frame 33A6
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
f54eff5f25b12a98e2fb7b6df0cc27e1aea7aed654c1cf6115f61f849ac64039

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 31 Oct 2022 09:00:58 GMT
expires
Mon, 31 Oct 2022 09:00:58 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-936

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 31 Oct 2022 09:00:58 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-936
d
ic.tynt.com/r/ Frame FD4D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Mon, 31 Oct 2022 09:00:58 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
/
csync.loopme.me/ Frame 5143 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
176.236.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
server
_
sync.html
s.adtelligent.com/ Frame CCFE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
db1869a9deee18c0eda28e30d074f2e447bff358936064d0b7739cd2c95140a8

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=754484
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
801
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Oct 2022 09:00:58 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1EAC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120337
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 09:00:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 01 Nov 2022 18:26:35 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame 219C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 219C
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=32d6d42c-098a-457f-9e51-5e6369ed95f2
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=32d6d42c-098a-457f-9e51-5e6369ed95f2
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
Etag
0cd1c9aad927b279
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:57 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=32d6d42c-098a-457f-9e51-5e6369ed95f2
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
7na79gmmml5svigp13567qnen06eeg5a
pixel
ap.lijit.com/ Frame 219C 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 31 Oct 2022 09:00:58 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 219C
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b324cef6-fbb0-435f-b3f4-b787d2409fc2
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b324cef6-fbb0-435f-b3f4-b787d2409fc2
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
Etag
0cd1c9aad927b279
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b324cef6-fbb0-435f-b3f4-b787d2409fc2
date
Mon, 31 Oct 2022 09:00:58 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame 219C
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ba5c9e3d-3c2c-4617-8e5b-60b051c3d38a
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ba5c9e3d-3c2c-4617-8e5b-60b051c3d38a
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
Etag
0cd1c9aad927b279
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ba5c9e3d-3c2c-4617-8e5b-60b051c3d38a
access-control-allow-origin
*
date
Mon, 31 Oct 2022 09:00:58 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 219C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=600028355026675025
0
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=600028355026675025
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
Etag
0cd1c9aad927b279
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:58 GMT
AN-X-Request-Uuid
9bc2daf8-c300-4954-9ad2-0a938d18e7af
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=600028355026675025
Connection
keep-alive
X-Proxy-Origin
82.199.130.43; 82.199.130.43; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 219C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=600028355026675025
0
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=600028355026675025
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
Etag
0cd1c9aad927b279
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:58 GMT
AN-X-Request-Uuid
4ea7b87c-da15-4b44-a1bc-53386a6dde4e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=600028355026675025
Connection
keep-alive
X-Proxy-Origin
82.199.130.43; 82.199.130.43; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
m
cm.mgid.com/ Frame 219C
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
  • https://cm.mgid.com/m?cdsp=617666&c=0cd1c9aad927b279
43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=617666&c=0cd1c9aad927b279
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H3
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
762b3411cde771da-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

Location
https://cm.mgid.com/m?cdsp=617666&c=0cd1c9aad927b279
Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
Etag
0cd1c9aad927b279
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame 0EA8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Oct 2022 09:00:58 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 31 Oct 2022 09:00:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 31D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E079 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120337
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 09:00:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 01 Nov 2022 18:26:35 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame CCFE 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
Etag
0cd1c9aad927b279
Content-Length
43
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 1EAC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58047144&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b305cdf5bb59ba2f40dc225013415ba357d2a9f7e654f4e4e1cc422a743a041e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 09:00:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
www.facebook.com/tr/ Frame D4A4 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://49000.com.ua
Referer
https://49000.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://49000.com.ua
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 31 Oct 2022 09:00:58 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
231.json
id5-sync.com/g/v2/ 		216 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b4058c5ddc9ab248f7fe3afa877df1e5c4d7e5c04f426247cdc7043b653368ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://49000.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://49000.com.ua
date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/4/9/49000.com.ua.747853.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
EHSNHKAJQRPRVWSA
age
1515
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
9pWFmk20JLO2Kdjx4tBfqV9awDjZYRnMhQZ1sDjfsZliXlT8mPMw+8tSiB8RNRheZa5IPP8ZEHw=
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
etag
W/"ff394e3a03921d25c2f03e03046bf506"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
762b34110f7ddcd3-LHR
expires
Mon, 31 Oct 2022 13:00:58 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNDI2MjEwLzQ3NDI2OTZmNTNkNmNiZDFhMDAzMzM0YjJkNDYxYmRhLmpwZWc.webp
s-img.idealmedia.io/n/10253341/492x277/52x0x616x346/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10253341/492x277/52x0x616x346/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNDI2MjEwLzQ3NDI2OTZmNTNkNmNiZDFhMDAzMzM0YjJkNDYxYmRhLmpwZWc.webp?v=1667206858-ara1EQsfPzf_CExvjOdzQZ83_fhutFjl1UnnJV7WsBY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6082d060bd7aafdab0b0bebbb8b4c530872faa4520fb52bc6cdb6027a71acb1d

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Oct 2022 11:14:08 GMT
x-mg-request-uuid
c03566c4-6f04-46f6-9ba1-ddbaa2f3f96f
server
cloudflare
age
3895
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
762b3411bc437545-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21888
expires
Tue, 01 Nov 2022 07:56:03 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNjM3NDE0LzI3MzBlYjcwYjhiMTc0YTgzZmZmZGYwYjQ3N2NkODRkLnBuZw.webp
s-img.idealmedia.io/n/10249627/492x277/144x0x919x517/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10249627/492x277/144x0x919x517/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNjM3NDE0LzI3MzBlYjcwYjhiMTc0YTgzZmZmZGYwYjQ3N2NkODRkLnBuZw.webp?v=1667206858-xMTSdId4Ow6bVfuGwuRj6BDwK0mvOWqF--KbKuD15Fw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b3192bc4409e7cb9bb836137b0ae266298d2ce252cb1404ed8121e8a4b6d11

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
HIT
last-modified
Wed, 19 Oct 2022 15:54:00 GMT
x-mg-request-uuid
2fb41096-ff00-4697-80c7-daacadade106
server
cloudflare
age
6065
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
762b3411bc427545-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12370
expires
Tue, 01 Nov 2022 07:19:53 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNDI1NTc1LzZiMDZlZjIwZTc3ZDgxMDMwYWFmMGRmMGZlMmIxMzI3LmpwZWc.webp
s-img.idealmedia.io/n/10248736/492x277/0x0x542x305/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10248736/492x277/0x0x542x305/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNDI1NTc1LzZiMDZlZjIwZTc3ZDgxMDMwYWFmMGRmMGZlMmIxMzI3LmpwZWc.webp?v=1667206858-uKxwVeXZuP7Nzdq5LCFQwaIdAxlBkV9ru4QkL5uObIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a5ad3b368819bae415e1d041922f757deb95fd03489c8ba62276aff003e693

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
HIT
last-modified
Wed, 19 Oct 2022 06:54:07 GMT
x-mg-request-uuid
0969fd64-599f-4669-a991-40a6ec24603c
server
cloudflare
age
40828
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
762b3411bc457545-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5256
expires
Mon, 31 Oct 2022 21:40:30 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNDcxNTA5LzYxZGJiMDllOTcxNTNmZTQyN2M3NDBkNmQ2NWY3ZmQ5LmpwZWc.webp
s-img.idealmedia.io/n/10249373/492x277/0x0x1015x571/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10249373/492x277/0x0x1015x571/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNDcxNTA5LzYxZGJiMDllOTcxNTNmZTQyN2M3NDBkNmQ2NWY3ZmQ5LmpwZWc.webp?v=1667206858-lQZuBAjkdjPP31KC6hgUZyz2RvxWJdu8V-4uMUT4A9E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36dfd7a5cced4a38de54957dc10c0ab633e3365bb0ab9c1e7c0d3e1762bea664

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
HIT
last-modified
Wed, 19 Oct 2022 13:04:06 GMT
x-mg-request-uuid
195b85e5-066d-45f4-9369-2554f844cf64
server
cloudflare
age
60646
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
762b3411bc467545-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9270
expires
Mon, 31 Oct 2022 16:10:12 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNjg2MzMwLzljZWIzYzAwMjdmZTVjZTE1NDU3YjRmNTNlNThjZDE5LmpwZWc.webp
s-img.idealmedia.io/n/10246907/492x277/0x0x702x395/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10246907/492x277/0x0x702x395/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNjg2MzMwLzljZWIzYzAwMjdmZTVjZTE1NDU3YjRmNTNlNThjZDE5LmpwZWc.webp?v=1667206858-NfH9HHoUnc9QAaM_ZdiMyJTjPz6zK0I2nMRD4qn2GFs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d08a504faa876d0d4e3d2409efdea18bb09f56206a71aa4cfb74ed4a4153cea

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 14:24:06 GMT
x-mg-request-uuid
d6a2bc17-56ee-49b3-9667-c65eba2be877
server
cloudflare
age
6065
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
762b3411cc507545-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23636
expires
Tue, 01 Nov 2022 07:19:53 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNjg2MzMwLzU1ZDk2NTg5NWIyYTM1OTkzYzYyYzQyMzZlOTY4YWU2LmpwZWc.webp
s-img.idealmedia.io/n/10246537/492x277/0x0x667x375/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10246537/492x277/0x0x667x375/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvNjg2MzMwLzU1ZDk2NTg5NWIyYTM1OTkzYzYyYzQyMzZlOTY4YWU2LmpwZWc.webp?v=1667206858-dtl67Y2BRh6MZX8hKmUaEOgagZhn6hEPLyuUg-VEnxc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f92e6c8765a92f0e82d4822ab6a48bb6e289fdd789a02c725e9fcd6ce9570ee8

Request headers

Referer
https://49000.com.ua/
Origin
https://49000.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 10:44:08 GMT
x-mg-request-uuid
4da349b3-c720-419a-9b5c-8aa031bd52a4
server
cloudflare
age
86248
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
762b3411cc517545-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6616
expires
Mon, 31 Oct 2022 09:03:30 GMT
csync
sync.console.adtarget.com.tr/ Frame A3F6 		0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 31 Oct 2022 09:00:57 GMT
Etag
a3760737500346e0
Server
Adtelligent
cookie
cm.adform.net/ Frame D4E9 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 31 Oct 2022 09:00:58 GMT
server
nginx
csync
sync.adtelligent.com/ Frame A56F
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=a3760737500346e0
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=a3760737500346e0
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
Etag
0cd1c9aad927b279
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=a3760737500346e0
Date
Mon, 31 Oct 2022 09:00:57 GMT
Server
Adtelligent
Etag
a3760737500346e0
Content-Length
0
counter.php
autocounter.idealmedia.io/autocreative/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autocounter.idealmedia.io/autocreative/counter.php?id=497443&pid=61777&referer=&cxurl=https://49000.com.ua/&undefinedh2=Y_kVS1ZMsLlGcgghJxuzb6wDPWpZRMhY7EqMH2sHQ-o*&cbuster=1667206858420364301219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
762b3411df247750-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/gif
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/4/9/49000.com.ua.747853.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
YRNVB0MHG5H0YHVT
age
1828
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
762b341149d2732c-LHR
x-amz-id-2
1dQqfCWw1bHCHflxC2H8GyqBB7dBnyhuQvkLTtOGGlCGDzOjtSxA48CVVz3WvC7Rk938x/F9Plo=
ptag
a.audrte.com/ Frame 33A6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.233.198 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6565f724269771ba235cd16da6efdaef9b6b5b9feff92b01f894511e3e78bb9a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:58 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
transfer-encoding
chunked
Connection
keep-alive
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 33A6 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 30 Oct 2027 09:00:58 GMT
um
u-ams03.e-planning.net/ Frame 33A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D73a649dc6aeebfda%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=73a649dc6aeebfda&uid=600028355026675025
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=73a649dc6aeebfda&uid=600028355026675025
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Mon, 31 Oct 2022 09:00:58 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:58 GMT
AN-X-Request-Uuid
1f9889a5-dfa3-45d9-9fad-2109133f98f8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=73a649dc6aeebfda&uid=600028355026675025
Connection
keep-alive
X-Proxy-Origin
82.199.130.43; 82.199.130.43; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 33A6
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D73a649dc6aeebfda%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=73a649dc6aeebfda&uid=ua-9358decc-89ae-324a-9627-22e9ebc11c23
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=73a649dc6aeebfda&uid=ua-9358decc-89ae-324a-9627-22e9ebc11c23
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Mon, 31 Oct 2022 09:00:59 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=73a649dc6aeebfda&uid=ua-9358decc-89ae-324a-9627-22e9ebc11c23
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 33A6 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 30 Oct 2027 09:00:58 GMT
usync.html
eus.rubiconproject.com/ Frame 4A37
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Oct 2022 09:00:58 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 31 Oct 2022 09:00:58 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 3881
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
094bea57d8ec38bef45dadddb6097b096e6eb1194a2e0a9263867385b8f6581e

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
762b3412ed2d88a3-LHR
content-encoding
br
content-type
text/html
date
Mon, 31 Oct 2022 09:00:58 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSkak87rNKcly0igF03ftFi5qdNcOpTEVcC9U1wSwELYexRVme6zMY61WsHGaLjNWhJaB9kK82kdKG%2Fu84d8A%2F5vX7wfGiulsNDmOhXbsDPLYRqCi1m74dD15%2FsI%2F5uJrpGB6HqD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
762b34121dde71de-LHR
content-length
0
date
Mon, 31 Oct 2022 09:00:58 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETxR9O%2FjBRWkUGdumIiMZPeLvGpeSDDrJbYm5ifgj5QWsltukYVflSQNm6KOL0upvnaIdhIwWgFowRmKVme21Uk%2BMwf6Eg%2FD62I0v9pLJjT0NGishS33EjVUm643t5oHOJ7LvsPM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame B6B8 		1 KB
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
3425
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Mon, 31 Oct 2022 09:00:58 GMT
etag
W/"61ddbb71-5f5"
expires
Sat, 09 Oct 2027 01:48:25 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
6eb2cf9e5b1cb4212a9ede62e0fb2239
x-cf-tsc
1665369932
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
spl.zeotap.com/ Frame C289 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f3a0f4cf813be7d84eddf6cdad31ba8dfdd62b0a0ed0c1f28909b08b4ad85d

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
762b34121e88dd70-LHR
content-encoding
br
content-type
text/html
date
Mon, 31 Oct 2022 09:00:58 GMT
server
cloudflare
vary
Origin
via
1.1 google
match
c1.adform.net/serving/cookie/ Frame 1B86
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&gdpr=0&gdpr_consent=
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 31 Oct 2022 09:00:58 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 31 Oct 2022 09:00:58 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 369D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9114109510495736383
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9114109510495736383
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 31 Oct 2022 09:00:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9114109510495736383
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1C76
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0d66635f-8ecb-4f00-a631-c19ce1c21264&gdpr=0&gdpr_consent=
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0d66635f-8ecb-4f00-a631-c19ce1c21264&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 31 Oct 2022 09:00:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 31 Oct 2022 09:00:59 GMT
Expires
Mon, 31 Oct 2022 09:00:58 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master hkg-pixel-x2 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0d66635f-8ecb-4f00-a631-c19ce1c21264&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame D313 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 31 Oct 2022 09:00:57 GMT
expires
Mon, 31 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
500738
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame EDC5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=600028355026675025&gdpr=0&gdpr_consent=
42 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=600028355026675025&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 31 Oct 2022 09:00:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
80d8b359-66bd-4b55-a9a1-a7bf53bdd964
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 31 Oct 2022 09:00:58 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=600028355026675025&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
82.199.130.43; 82.199.130.43; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame D521
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 31 Oct 2022 09:00:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8AJT3BW0YFTED2EZ2QH4

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 31 Oct 2022 09:00:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XJQ21CZMTWCFH8ZWSJQ7
csync
sync.adtelligent.com/ Frame 316B 		0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=40024A76-B2C3-4536-8BC0-49DCD05FBE5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 31 Oct 2022 09:00:57 GMT
Etag
9c292c9c9f4b1789
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1EAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QAJKdrLDRTaLwEnc0F--XQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=120337
accept-ranges
bytes
content-length
5549
expires
Tue, 01 Nov 2022 18:26:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1EAC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1936635f-8ecb-4400-9745-995d3210da34
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1936635f-8ecb-4400-9745-995d3210da34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 31 Oct 2022 09:00:59 GMT
Server
MT3 4539 98cc2da master hkg-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1936635f-8ecb-4400-9745-995d3210da34
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Oct 2022 09:00:58 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1EAC
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=40024A76-B2C3-4536-8BC0-49DCD05FBE5D&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bf1bcb1e1196a35fd9e74e9853a665f7&gdpr=0
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=8886354185621736172&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=06ef24cc8d67292d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=39be02bf8746d225204b7e0a2b373c1b&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1EAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDAwMjRBNzYtQjJDMy00NTM2LThCQzAtNDlEQ0QwNUZCRTVE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 31 Oct 2022 09:00:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1EAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECAlgSeigo0rTGx8clVZFs8&google_cver=1
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECAlgSeigo0rTGx8clVZFs8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 31 Oct 2022 09:00:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECAlgSeigo0rTGx8clVZFs8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1EAC 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 30 Oct 2022 09:00:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1EAC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8886354185621736172
42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8886354185621736172
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 31 Oct 2022 09:00:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8886354185621736172
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1EAC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
6337eccd3aa9f3e58ac3510e9bfc75f3d5ceb02cf32422d52c5141194230c09e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://49000.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://49000.com.ua
date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
94c39791ec2ff493608a088102efd94ae926929ddb022142df6af26d39e3a046

Request headers

Referer
https://49000.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://49000.com.ua
date
Mon, 31 Oct 2022 09:00:58 GMT
content-length
34
vary
Origin
content-type
application/json
231.json
id5-sync.com/g/v2/ 		216 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
4259c0b06bd85a100b8de5075b74634130183d48b1c9daa5acf13080d3fbae74
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://49000.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://49000.com.ua
date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
getuid
ib.adnxs.com/ Frame C289 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame C289 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=3e402299-2276-490f-9dd9-3426b1280f46&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=3e402299-2276-490f-9dd9-3426b1280f46&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b3414db69dd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=3e402299-2276-490f-9dd9-3426b1280f46&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame C289 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C289 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame C289 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 31 Oct 2022 09:00:58 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1667206859.754463,VS0,VE8
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4283-LON
u
dmp.v.fwmrm.net/ad/ Frame C289 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:5::148 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:59 GMT
Cache-Control
no-store
Expires
0
Content-Length
0
Content-Type
text/html
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C289 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 31 Oct 2022 09:00:57 GMT
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=a59d281a-f110-42f4-9898-45b6d257ec5b&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a59d281a-f110-42f4-9898-45b6d257ec5b&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b34153c13dd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=a59d281a-f110-42f4-9898-45b6d257ec5b&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2400adc2-6b11-44ba-7566-e664210e1168&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2400adc2-6b11-44ba-7566-e664210e1168&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=14044779521176545432291062841819582898&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-...
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=14044779521176545432291062841819582898&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b3414db67dd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v045-0ba4161da.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8zJQ1P/USPk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=14044779521176545432291062841819582898&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame C289 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=2400adc2-6b11-44ba-7566-e664210e1168&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022103111-12508-0.041100001667213167-f367b4bf6dda7d883ca7c8dd06bf6d1e&zdid=533&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022103111-12508-0.041100001667213167-f367b4bf6dda7d883ca7c8dd06bf6d1e&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b3414db6ddd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022103111-12508-0.041100001667213167-f367b4bf6dda7d883ca7c8dd06bf6d1e&zdid=533&env=mWeb
Date
Mon, 31 Oct 2022 10:46:07 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7160598930794608795&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-...
95 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7160598930794608795&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b3413c99bdd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7160598930794608795&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Date
Mon, 31 Oct 2022 09:00:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame C289
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=2400adc2-6b11-44ba-7566-e664210e1168
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2400adc2-6b11-44ba-7566-e664210e1168
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2400adc2-6b11-44ba-7566-e664210e1168
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 31 Oct 2022 09:00:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2400adc2-6b11-44ba-7566-e664210e1168
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2400adc2-6b11-44ba-7566-e664210e1168&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2400adc2-6b11-44ba-7566-e664210e1168&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=kYKKcgEz3.VLmEYErGt1Z.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=kYKKcgEz3.VLmEYErGt1Z.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b3415ed8cdd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
via
1.1 google
last-modified
Mon, 31 Oct 2022 09:00:59 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=kYKKcgEz3.VLmEYErGt1Z.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame C289 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=2400adc2-6b11-44ba-7566-e664210e1168&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2400adc2-6b11-44ba-7566-e664210e1168?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2400adc2-6b11-44ba-7566-e664210e1168?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=39be02bf8746d225204b7e0a2b373c1b&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=39be02bf8746d225204b7e0a2b373c1b&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b34163e05dd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=39be02bf8746d225204b7e0a2b373c1b&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
cache-control
no-cache
x-server
10.45.19.193
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-bvoCknhE2ooBfib.2tK5MHJALr8gizqPWg--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-bvoCknhE2ooBfib.2tK5MHJALr8gizqPWg--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b34158cb5dd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 31 Oct 2022 09:00:59 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-bvoCknhE2ooBfib.2tK5MHJALr8gizqPWg--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1je3L%2B8WuX%2B0utMIVPt3ZhR%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1je3L%2B8WuX%2B0utMIVPt3ZhR%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b34163e0ddd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1je3L%2B8WuX%2B0utMIVPt3ZhR%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame C289 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=2400adc2-6b11-44ba-7566-e664210e1168&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame C289 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.54.255 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n013-dub-prod.krxd.net
date
Mon, 31 Oct 2022 09:00:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=51 t=1667206859
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame C289 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=2400adc2-6b11-44ba-7566-e664210e1168&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Mon, 31 Oct 2022 09:00:59 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame C289 		0
0
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=4dbd635f-8ecb-4200-86f3-04d80b5d7b77&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=7611471...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=4dbd635f-8ecb-4200-86f3-04d80b5d7b77&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b34185a0ddd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 31 Oct 2022 09:00:59 GMT
Server
MT3 4539 98cc2da master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://mwzeom.zeotap.com/mw?cid=4dbd635f-8ecb-4200-86f3-04d80b5d7b77&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 31 Oct 2022 09:00:58 GMT
usermatch.gif
beacon.krxd.net/ Frame C289
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
52.208.54.255 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Mon, 31 Oct 2022 09:00:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=52 t=1667206859
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
date
Mon, 31 Oct 2022 09:00:59 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a001-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame C289
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2400adc2-6b11-44ba-7566-e664210e1168&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-756...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2400adc2-6b11-44ba-7566-e664210e1168&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-756...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2400adc2-6b11-44ba-7566-e664210e1168&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3HFZS3BCBYTQ266XRCYA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XP5J786PX8QYQZC2BRTB
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2400adc2-6b11-44ba-7566-e664210e1168&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame C289 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=2400adc2-6b11-44ba-7566-e664210e1168&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D240...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b341839a7dd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
date
Mon, 31 Oct 2022 09:00:59 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame C289 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=2400adc2-6b11-44ba-7566-e664210e1168&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame C289
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=2400adc2-6b11-44ba-7566-e664210e1168&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24...
  • https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b34170f59dd70-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Date
Mon, 31 Oct 2022 09:00:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cmp.min.js
spl.zeotap.com/ Frame C289 		557 B
478 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088150fc8b030a04e7b1b67089081222b13e4ee9da31f5fa48352f1c554ed4f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762b34129f63dd70-LHR
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame 0EA8 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13519
Connection
keep-alive
Content-Length
9454
Expires
Mon, 31 Oct 2022 12:46:17 GMT
usync.js
eus.rubiconproject.com/ Frame 4A37 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 09:00:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13519
Connection
keep-alive
Content-Length
9454
Expires
Mon, 31 Oct 2022 12:46:17 GMT
cmp
spl.zeotap.com/ Frame C289 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
762b34130818dd70-LHR
date
Mon, 31 Oct 2022 09:00:58 GMT
server
cloudflare
vary
Origin
via
1.1 google
khaos.jpg
token.rubiconproject.com/ Frame 0EA8 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 4A37 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
casale
match.adsrvr.org/track/cmf/ Frame 3881 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3881
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1.OysCKKmJHdrANDEISAAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBsdK6GU745QYGW3KnUlTdI&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBsdK6GU745QYGW3KnUlTdI&google_cver=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBsdK6GU745QYGW3KnUlTdI&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3881 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1-OysCKKmJHdrANDEISAAAAEbAAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z3C5791B8ACXJ6YR9YWK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3881
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1-OysCKKmJHdrANDEISAAAAEbAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBC7tMk_F7ythIaoemUTogY&google_cver=1
43 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBC7tMk_F7ythIaoemUTogY&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQMkjXJM%2FpxF00A1LGQNuvRIkqAHbv%2F2l0D4IHbSEWPyfN1W04%2FYrIbARSCxnhAFToKKVeiXNDIjsSiBBLYDDT2jQyJ7vT7nAEoeleR4fvjJKxgYJoUAPOnOs0xE%2FSV9Hc4amNBXd%2Ff5LA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
762b34151b2b7741-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBC7tMk_F7ythIaoemUTogY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 3881 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum.casalemedia.com/ Frame 3881
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1667293259
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1667293259
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1667293259
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 3881
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322323596863256
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322323596863256
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322323596863256
Date
Mon, 31 Oct 2022 09:00:59 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 3881
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y1_OywAEe3B8ogA7
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1_OywAEe3B8ogA7&_test=Y1_OywAEe3B8ogA7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1_OywAEe3B8ogA7&_test=Y1_OywAEe3B8ogA7
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn4042-HHN
pragma
no-cache
date
Mon, 31 Oct 2022 09:00:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1667206859.164646,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1_OywAEe3B8ogA7&_test=Y1_OywAEe3B8ogA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
um
u-ams03.e-planning.net/ Frame 3881 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=73a649dc6aeebfda&uid=Y1.OysCKKmJHdrANDEISAAAA%264528
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D73a649dc6aeebfda%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Mon, 31 Oct 2022 09:00:58 GMT
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame 0EA8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4A37 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 33A6 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aac5a43f828f84e14d2454907ca2af0a788710420b7b2c555d53fe467f833969

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 00:54:52 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 21:31:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
29168
etag
W/"a8a7847cb97a775aba95cba568af7328"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
xjhtHlt7Prv-v5K4t1FfP-el48L7zrFIFUNz9ZfC_EqgLMS5jqIpRw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame B406 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Mon, 31 Oct 2022 09:00:58 GMT
etag
W/"601b131c-27c"
expires
Sat, 30 Oct 2027 09:00:58 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 589B 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D73a649dc6aeebfda%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Mon, 31 Oct 2022 09:00:59 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AdRmOLHAn7Gh
x-77-nzt-ray
ffffffff0604ba07cb8e5f63e0905c05
x-77-pop
frankfurtDE
x-accel-expires
@1668243659
x-cache
MISS
sync
eb2.3lift.com/ Frame 0879 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 31 Oct 2022 09:00:59 GMT
csync
sync.adtelligent.com/ Frame 3EF8 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ACj%2feIsQk5ecpDtZ
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Mon, 31 Oct 2022 09:00:58 GMT
Etag
0cd1c9aad927b279
Server
Adtelligent
GS.d
js.cookieless-data.com/ Frame B406 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1667206859132
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 -, , ASN (),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 09:00:59 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
c
c.mgid.com/ 		43 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=324|112|28|vPHjlrSUuGPHTmOHjGdLFVg5EkM3Utnu5HKookjTy3PYwMb1neEIq3Nk1fWCaSLwkFRL1EIV6SMiWvGKbUo26g**&fw=1&extjs=66044&cid=1338774&h2=Y_kVS1ZMsLlGcgghJxuzb6wDPWpZRMhY7EqMH2sHQ-o*&rid=88d223fb-58fa-11ed-ac72-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=1842d45c437af4126de&muid=m9vVVX6HEB02&cbuster=1667206859287691481571
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 09:00:59 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
ea61c781-6ca3-438e-8742-72edd064fb1d
server
cloudflare
content-type
image/gif
cf-ray
762b3416bd5771da-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
client.js
cdn.gravitec.net/storage/236d035ad920de6678f2eafc411841cf/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/storage/236d035ad920de6678f2eafc411841cf/client.js
Requested by
Host: 49000.com.ua
URL: https://49000.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c6016fa753afa25e3e7b3487c795e15a7c65ab8eabe2efc0cb4b8bb837050053

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://49000.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 20 Oct 2022 03:44:58 GMT
date
Mon, 31 Oct 2022 09:01:00 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 00:05:04 GMT
server
nginx
etag
W/"635090b0-100fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
REVALIDATED
SPug
simage4.pubmatic.com/AdServer/ Frame 1EAC 		0
0
configs
cdn.gravitec.net/sdk/web/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2400adc2-6b11-44ba-7566-e664210e1168%26reqId%3D76114710-4d12-4e26-45bc-ab463f87de79%26zdid%3D1361
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Domain
cdn.gravitec.net
URL
https://cdn.gravitec.net/sdk/web/configs?appKey=236d035ad920de6678f2eafc411841cf

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| a2a_config object| a2a_localize object| __cfQR object| a2a function| a2a_init object| _wpemojiSettings object| sfpp_script_vars undefined| $ function| jQuery object| adevApi object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| slickNavVars object| _gaq function| fbq function| _fbq object| adsbygoogle object| d string| iframe string| cl object| siCss function| siClickCount function| LoadInformer object| twemoji object| wp object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 function| renderInvisibleReCaptcha object| matched object| browser object| aDban boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms object| FB object| _gat object| gaGlobal object| recaptcha object| _mgIntExchangeNews object| MarketGidInfC1338774 boolean| mg_loaded_746052_1338774 object| onClickExcludes object| __buffer function| mgReject1338774 function| mgLoadAds1338774_079ee function| MarketGidCReject1338774 function| MarketGidLoadGoods1338774_079ee object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint746052 string| _mgCanonicalUri object| _mgPageView746052 string| _mgPvid boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT object| pbjs object| IdealmediaInfC747853 boolean| mg_loaded_497443_747853 function| mgReject747853 function| mgLoadAds747853_0e11f function| IdealmediaCReject747853 function| IdealmediaLoadGoods747853_0e11f object| _mgPageViewEndPoint497443 object| _mgPageView497443 object| ID5 function| owpbjsChunk object| owpbjs object| _pbjsGlobals boolean| _mgPubmaticExists object| _mgRequests

78 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: MHLgMDcyWvI2o2qedCjVOknvFDteKTfrbE725.ZCbf4-1667206855-0-ARHH3IUu6gQyfOq+lhkW4UkziIhlywsMQb03xcuGj8ubegTSA33KDPadVGKUKOOt11KKJIwEU518an7vEQFJUS0=
49000.com.ua/ Name: cookielawinfo-checkbox-necessary
Value: yes
49000.com.ua/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.49000.com.ua/ Name: __utma
Value: 5260918.512367901.1667206858.1667206858.1667206858.1
.49000.com.ua/ Name: __utmc
Value: 5260918
.49000.com.ua/ Name: __utmz
Value: 5260918.1667206858.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.49000.com.ua/ Name: __utmt
Value: 1
.49000.com.ua/ Name: __utmb
Value: 5260918.1.10.1667206858
.49000.com.ua/ Name: _fbp
Value: fb.2.1667206857809.1177925038
.mgid.com/ Name: muidn
Value: m9vVVX6HEB02
49000.com.ua/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1338774%22%3A%7B%22page%22%3A1%2C%22time%22%3A1667206857929%7D%7D
49000.com.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.e-volution.ai/ Name: v_usr
Value: 65e1f5aa-4fc2-4d4e-979b-b11fb355eb39
.ads.pubmatic.com/ Name: KCCH
Value: YES
.360yield.com/ Name: tuuid_lu
Value: 1667206858
.360yield.com/ Name: tuuid
Value: ba5c9e3d-3c2c-4617-8e5b-60b051c3d38a
.idealmedia.io/ Name: muidn
Value: m9vVVX6HEB02
ads.us.e-planning.net/ Name: CT
Value: 1
49000.com.ua/ Name: IdealmediaStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C747853%22%3A%7B%22page%22%3A1%2C%22time%22%3A1667206858386%7D%7D
.creativecdn.com/ Name: u
Value: 06BHNU8PMlbIAeroC8Ew
.creativecdn.com/ Name: ts
Value: 1667206858
.bidswitch.net/ Name: c
Value: 1667206858
.bidswitch.net/ Name: tuuid_lu
Value: 1667206858
.bidswitch.net/ Name: tuuid
Value: 39ad5927-3117-4d4f-902d-38f55a351c8b
.openx.net/ Name: i
Value: d8a464ba-1992-4961-af0b-569e8c916482|1667206858
.adnxs.com/ Name: uuid2
Value: 600028355026675025
.e-planning.net/ Name: E
Value: ACj/eIsQk5ecpDtZ
.smartadserver.com/ Name: pid
Value: 5296029035258338361
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 40024A76-B2C3-4536-8BC0-49DCD05FBE5D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1668384000%3A201_197_219%7C1667260800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1668384000%3A21_13_7_54_220_161_56_3_251%7C1668470400%3A35
a4p.adpartner.pro/ Name: apuid
Value: b324cef6-fbb0-435f-b3f4-b787d2409fc2
.zeotap.com/ Name: zc
Value: 2400adc2-6b11-44ba-7566-e664210e1168
.zeotap.com/ Name: zsc
Value: %F8%B6%A1-%2B%24-I%23%88%B7t%A2%24%40%8CP%D8%B0%A0%C6%3B%F5%F1%05%D2NG%B5%C5%B6%96T.%E4%06%1E%90H0b%F7m%B6%B0%D1%B6%7D%BB%14ph%1F%9Cx%C0%E2%F6%C0i%22%89%FC%A9%EE%CC%14%22%29%98%91g%258%C0%2F%5E%BE%CB%2C8S%01%B2%9D%C0%02%B0%A9%E0%84%E3%87%F3%AC%DC%06U%7Dd%E2%7F%5C~%F3%AC%F2%A0%03%99%BAmA%E3%10%1A%B8%7C%A6%AB0%F3%FE%0A2%CB%83%95%81%03%07%F2B%C0%B5%1C%FD%14%E4%22I%FFCr%F8K%CE%A6%C9U%E8%EE%28%2Fm%94%9EU%A8%C2z%E4%AC%AE%E9%C0%E2%5B%F1
.doubleclick.net/ Name: IDE
Value: AHWqTUk97xxOKw_jSmRtjWZWo5fXfGni7F8QlyUVohg_Uuq2G_TSiPCxQi8cnSwx3hk
.casalemedia.com/ Name: CMID
Value: Y1.OysCKKmJHdrANDEISAAAA
.casalemedia.com/ Name: CMPS
Value: 4528
.casalemedia.com/ Name: CMPRO
Value: 4528
cm.mgid.com/ Name: mg_sync
Value: {"265689":1667206858,"363887":1667206858,"433146":1667206858,"516418":1667206858,"617666":1667206858,"665953":1667206858}
.onaudience.com/ Name: cookie
Value: 06ef24cc8d67292d
.onaudience.com/ Name: done_redirects161
Value: 1
.simpli.fi/ Name: suid
Value: 0347914537484820BD90AF1B52D8CF90
.console.adtarget.com.tr/ Name: vmuid
Value: a3760737500346e0
.adtelligent.com/ Name: a289656
Value: ba5c9e3d-3c2c-4617-8e5b-60b051c3d38a
.de17a.com/ Name: guid
Value: 1.9114109510495736383
.spotxchange.com/ Name: audience
Value: 894cb8b2-58fa-11ed-8343-1bce7de30306
.adform.net/ Name: C
Value: 1
.adtelligent.com/ Name: a558003
Value: 40024A76-B2C3-4536-8BC0-49DCD05FBE5D
.adtelligent.com/ Name: vmuid
Value: 0cd1c9aad927b279
.adtelligent.com/ Name: a297253
Value: 600028355026675025
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-600028355026675025&KRTB&23339-600028355026675025
.pubmatic.com/ Name: PugT
Value: 1667206858
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECAlgSeigo0rTGx8clVZFs8&KRTB&16514-CAESECAlgSeigo0rTGx8clVZFs8&KRTB&23025-CAESECAlgSeigo0rTGx8clVZFs8&KRTB&23386-CAESECAlgSeigo0rTGx8clVZFs8
.adtelligent.com/ Name: a318342
Value: a3760737500346e0
.adform.net/ Name: uid
Value: 8886354185621736172
.adfarm1.adition.com/ Name: UserID1
Value: 7160598930794608795
.tapad.com/ Name: TapAd_TS
Value: 1667206858783
.tapad.com/ Name: TapAd_DID
Value: 3e402299-2276-490f-9dd9-3426b1280f46
.console.adtarget.com.tr/ Name: a307565
Value: ${UID}
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9114109510495736383
.adtelligent.com/ Name: a584890
Value: 600028355026675025
.adtelligent.com/ Name: a307558
Value: b324cef6-fbb0-435f-b3f4-b787d2409fc2
.adtelligent.com/ Name: a309255
Value: 32d6d42c-098a-457f-9e51-5e6369ed95f2
.demdex.net/ Name: demdex
Value: 14044779521176545432291062841819582898
.amazon-adsystem.com/ Name: ad-id
Value: AymAKjvnKkgSkgvfP1nOGLI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tidaltv.com/ Name: tidal_ttid
Value: a59d281a-f110-42f4-9898-45b6d257ec5b
.dpm.demdex.net/ Name: dpm
Value: 14044779521176545432291062841819582898
.weborama.fr/ Name: AFFICHE_W
Value: ZnVnwUpj4elm87
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.casalemedia.com/ Name: CMTS
Value: 3187
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NrIwtzK0MAIAlbuidQkAAAA="
.onaudience.com/ Name: done_redirects68
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-9358decc-89ae-324a-9627-22e9ebc11c23
.yahoo.com/ Name: A3
Value: d=AQABBMuOX2MCEOzQtyfd4gvVXaKcnstSNnQ&S=AQAAAgjLmad1e-OQY7CDre2dorY
.crwdcntrl.net/ Name: _cc_cc
Value: ctst

5 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=2400adc2-6b11-44ba-7566-e664210e1168&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=2400adc2-6b11-44ba-7566-e664210e1168&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2400adc2-6b11-44ba-7566-e664210e1168&reqId=76114710-4d12-4e26-45bc-ab463f87de79&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49000.com.ua
a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
autocounter.idealmedia.io
bcp.crwdcntrl.net
beacon.krxd.net
bn01.er.bemail.it
c.idealmedia.io
c.mgid.com
c1.adform.net
casale-match.dotomi.com
cdn.gravitec.net
cdn.id5-sync.com
cdn.idealmedia.io
cdn.mgid.com
cdn4.telegram-cdn.org
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
informer.minfin.com.ua
js.cookieless-data.com
jsc.idealmedia.io
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
loada.exelator.com
loadeu.exelator.com
match.adsrvr.org
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
rtb.openx.net
s-img.idealmedia.io
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
secure-assets.rubiconproject.com
servicer.idealmedia.io
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
sinoptik.ua
sinst.fwdcdn.com
spl.zeotap.com
ssbsync.smartadserver.com
ssl.google-analytics.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.addtoany.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-volution.ai
sync.inmobi.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
telegram.org
token.rubiconproject.com
trc.taboola.com
u-ams03.e-planning.net
um.simpli.fi
usermatch.krxd.net
vid.vidoomy.com
www.facebook.com
www.google.com
www.google.de
www.gstatic.com
x.bidswitch.net
cdn.gravitec.net
cs.admanmedia.com
simage4.pubmatic.com
sync-tm.everesttech.net
sync.inmobi.com
103.229.206.241
104.18.18.126
104.18.19.126
109.206.161.21
13.225.78.128
141.94.170.64
141.95.98.65
142.250.181.226
151.1.205.165
151.101.2.49
162.19.138.83
162.55.233.28
18.198.69.109
185.15.245.80
185.172.90.249
185.172.90.252
185.184.8.90
185.64.189.110
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
185.86.139.101
185.89.210.153
185.94.180.126
193.0.160.129
198.47.127.18
2001:41d0:701:1000::96f
2001:67c:4e8:f004::9
205.234.175.175
212.42.76.150
212.82.100.182
213.155.156.184
23.205.235.133
23.35.236.201
2606:4700:10::6816:1957
2606:4700:10::6816:3556
2606:4700:10::6816:46c5
2606:4700:1::6813:884e
2606:4700:20::681a:263
2606:4700::6810:dd4a
2607:ae80:5::148
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9b
2a02:2638:1::18
2a02:6ea0:c700::21
2a02:fa8:8806:12::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::300
2a05:d018:24:b002:eb7b:3a65:f7da:a48f
2a06:98c1:3120::3
2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0
3.127.121.212
3.225.127.201
34.111.131.239
34.111.35.152
34.249.28.28
34.254.143.3
34.98.67.61
35.186.253.211
35.204.74.118
35.214.236.176
35.227.248.159
37.157.3.29
37.157.6.248
37.157.6.253
45.133.44.4
47.252.78.131
51.15.145.116
51.89.9.252
52.208.54.255
52.211.12.99
52.223.40.198
52.30.5.146
52.46.128.147
52.57.24.30
52.70.254.182
52.73.233.198
52.95.118.179
54.38.197.123
62.149.1.122
63.251.232.165
63.32.244.82
67.202.105.32
69.173.144.138
69.173.144.165
69.192.160.219
72.251.249.13
76.223.111.18
85.114.159.118
88.221.168.207
96.16.141.156
0033d7b7d4b46740119f53db5e68f9490b158f0fe4cc535ab6892beba08b0229
013dc884954b6a4d7ba92351b2a399c96d808b1ec68cb0c8cd21145ec21a75a6
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05f7ee2ca274de8e211b0c8fa9e06883448d6ee8e3f89feced0a332e2d74a4c9
065d38079361e0747bf9a6137799512e819eba94a9af7f21bd1a95bce782a01e
0762626c9fc5748687e16d766c669cff5dbe574435ecd2c9586758e2eee59d81
07b3192bc4409e7cb9bb836137b0ae266298d2ce252cb1404ed8121e8a4b6d11
088150fc8b030a04e7b1b67089081222b13e4ee9da31f5fa48352f1c554ed4f9
094bea57d8ec38bef45dadddb6097b096e6eb1194a2e0a9263867385b8f6581e
0a740c857a77259681a00a87341785628c6069093255b945650d5400b4599cd0
0ad9a17c64cb30ec9df3c4b49b4b25ce305e45440c6a24519e4347f505f4490a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d08a504faa876d0d4e3d2409efdea18bb09f56206a71aa4cfb74ed4a4153cea
0d74e29c60f4cbf0e3d9d73a400162db15a9801e369faf116aecfe8dd2d5fea6
0df600db928a5580475febac2e04b49a9a2bcb3e98543275dc823f65032829c1
0e7f356101f19500f3aec6125f09474270ec51d0056af02afe1d80e1b2683a34
0efec9d757b4ebc640573b237a2d580ef9e54d4f8b63c68da2216deb8c3dab3b
1095332e0abad0cf4dfed16d44acf13f310796bc1fedc5e7c481fdbd7c9b1123
1139f1d19c0f340f767dbff5feb266cea1ba7761e78b7db7d765eef605285d79
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1705187171c2f288d019737c841d2fd149499205f663ee046f2a9fe73ad3260b
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18f3a0f4cf813be7d84eddf6cdad31ba8dfdd62b0a0ed0c1f28909b08b4ad85d
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1acb7dcb32a7fd25daec76d1b1fdaa787359b884f4c4c2a1bb1c018ca93b51fa
1c72f275241ecbb90e943e7259abf03851ee32ca7e82c9c6fbbf65046a6f13f1
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
223f4a9158981830e4db24f729cec00d9450fc5f6cefd38bc216ff05ce6542af
247487e5c8e756cc99c1d14f2494b027819eecac4aedf9ff01b6446459b015ab
24893f3840af6a32f00abd232ba5e5619595345e55ff3db71a0f66db9afc905b
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
267e5fb978fa691c1b12174c588280dd4e69df0123957736d771b9f1dcd13f76
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2be1124845db7d09b145b359c2c21fed158b23d8090ef8e6e95d82d826db2ee2
2cff247538bb788277645dd9481dff71940e8aea9fa4cd9da57317092f29ed96
2d34b1a5747f60c08852ce6709a8c2dfe94cc5ccf0c693224d757c006e1ad5b3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f7b27c8f47efcab39c9bf3cf1463a227eff640d917ecb00399019ff11690f7f
3381385fc7c38e645dd94c6e86cc48144153d356385fff1fe423fa5a5b472bb1
36881e576619c157397e1004d906a7f4254bdcc145c068fa6f795c84af665d3f
36dfd7a5cced4a38de54957dc10c0ab633e3365bb0ab9c1e7c0d3e1762bea664
38e4353e2d06deba5dbe2cfd0411c57b7c26e581c5b49aaa1f5f221adfb3fe51
3a73af51b01550926c685b940beb98275a4fde236d4d8b0db117f08cd1eea53c
3cd57cf64aa125c4c295b7e3d529c0c19fdf572ea1438dd252f7ef2bf05c8a1c
3d176763a552c8a6f25c3db3e4f21f56bb1b02fbdf4e819937b9ea116e204470
3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f572771d285678869ac7ff18c671c1b17ce6b624e8d063ef14d1fba9ae08acf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41
41c85d7c7908724782f210aa1e851336d3d15f5915653cb470f4af5be2d3cd7d
4240b412e288fb05bb4191bab38475d283c86dc8db56c87c9d0614b01b737d7a
4259c0b06bd85a100b8de5075b74634130183d48b1c9daa5acf13080d3fbae74
427f6e61b801e93e2cc2d8cba9dc8f7e6a30e3ef00cf189e6f3d7a6b983f5c10
47aa9d07562b746b9c3de99512e3fc7daac399b6391a47d1f5ec5fcda471905d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c
4a003dc58f3e95a18e44712b9161181319e6a40613242cbcac158f6dc8d7339d
4a94ff9fb18039e72ab79b9b06dc3597307d70cb99a01e4ae5fe610fb6a555a5
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4fd2c3e7e8fa4d98d719e1cbc3e98b0fea8f90eca687cdb51f79220b48cf40ba
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
528fb99c61ea01178b5c14d67ee5eab393375619c0ecd90c8b678bcf3e2e402e
53093900ab95717d9deed83852cf33251cf7642fad9b5dec88c012d7b3538fd8
53fb291f0fc7e3ca84d4d021ecb798774c1dd0c96b1de8dcc647617c5b1a70bc
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54a642e40b1981ded4cfffa9521fe0cdc5237d4cfdafaface8736db4c912cee5
5a3535bf9c68a69732cec8f625abb8a79db09a0466d0793f491a9193710aff92
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d519bef382e417bd33c64672e069a2ef3bde52e4b6b6632618641611a19adc0
5f1a662152c1b181faee3414c71763cfa9108a0bc2c3e0a88e3814c4f9d71e34
5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460
5fad8d7ef9400cec405cca8b4c5355d82f877900e35df0d861e1bf4ababa31c9
6064c20c57faae34acd6c36af37a61beeaf9ea6a370b390afed4b88b78a8d17c
6082d060bd7aafdab0b0bebbb8b4c530872faa4520fb52bc6cdb6027a71acb1d
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
622943a57bd4bd775e7cf2c27a08ec8281aa54e8775faacfc963a9826c361382
6254db7fe727a37de66515993d741b094c45df9715c33a32dbf993ee8b3c20e5
6337eccd3aa9f3e58ac3510e9bfc75f3d5ceb02cf32422d52c5141194230c09e
63a1fc9a0fc0e7324bfe549a0ff2c0f1e00ffea9fe1557020d448a9dc30f34ab
6565f724269771ba235cd16da6efdaef9b6b5b9feff92b01f894511e3e78bb9a
66606f638cac4ec81584871c3a319b4eddf4d2839f72107d7faabf79bf0d6b7f
6b502352cce2915be6263f971ccdcc9988c4805269d9b200820c3e2a46864261
6c077a89e644603448ef5dc3a85f2bfbaebab7c0fa53ed827e4e39f72f98a310
6cf291201b76e17fdbfb732933a2738cba6b4fa9308a29c86994047aa354883a
6dabd00e869613ae43cd7cc2354ee31b85105b3aac1d4118885ed8fcacb573cd
6e10c5894feb68b18a011cbaeacaac67ca84b72b0e2b88c17995456f104a060f
6e9297588e400bc759a297054036cf991bf9f2f8194b2e23629cda397d24be48
6e9ded812c2793bb47af5e0ac5bb6d77d3e681d8dd518edbc0dd45415440ac98
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
7017a544ffcf08b96b70de02e3f451f554dfcb92be5ed0a4fde929f33375f51b
70180227eda4824373efe6b0cffb4734c962d037749d2c34f3330afb542d486f
7057ac9b9e4e63889df8e5f499e8791ec316e8a5e50c17d067ea48f32d490cf7
7062e72edad5a2fb54912ad146b3c9009adc2af7f3d7c5b0dcf73ca8db87fc10
70796d32d9399c19ca1f64ce5c1f1a67c42643159ea5ba5ad9f3703e35622333
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7380065158426eccfc3286e8be72c08ff4234a023e4eeddf5a77567404559d45
757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d
75eeb7b11d00a114eb8e4184d3ea4ed9ae1aa4531ddd27f3a6a32cb368f74fed
772726b7f5423bc5bc8e9222b9690c30056a23732a904763d4d167c31d995e5a
77680c1d7564d58990306283483627d1f611c2d9feb4c995aedf4afd547cd9b0
78f527fc04546ae8fe9bf1208b881c327df8c06546be530e4269a0397e6b9467
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7c63622048acfd312b34229e902058d2e6f6bf43b449bac8cd5d9e510905e1f1
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
7e9ed810f4b4f2adbbc013a94aceeb1a23966f0aaf1f30012c51f09cb6facb5e
7f9d82ef51d906a46f993247b4c73c79073fff8c3484941274e0b6aea1efaca8
803df509fe55bade6e1d161b961ff9c59c6645daa104e41b453ca014628d7994
81003b15fc9afb795bfb737fb5e8f6bbb65ba6c530ed9bc16475690fe11dda1c
829f31120b62520ca2f867d310d77f6e9eabbc95bb669a9300aa82bccf6b53c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bed8453c53c70cc10c83e230bced5dab177ad54dcccb6ec5fea4987be485f8
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
861a3b9d835ef87a8946575fe26adbc8c204cc9d9a8d44e7053cede7f278d5e1
8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78
897a5e559d4036e6e56812311b87cddb8b0142968fd7f017890825ae514e021f
89b5323bc8ec96c1ba2e05645ca91ea408458334f69330e80b5fbfb73f33a790
8af08d3b9b7947ef0d3bc1c4e7422200d9b08d2bd782d854a8bedca69b8f55c4
8bad129de3ef766fa40f28d69c625443c63ac4c3830b2418016f67da33833e6c
8d58784649fcff377385433d77b1712aa4a5ea38b2c93428585e179e43a67fb8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f934b9dcb83e66d7d9d97961ff48c91e981f7d2277b35db090be6de194354fc
90b4abfa7281f9465c5d65947c7a035d414ec1add2729ad1a2a5dc2bb7bf9878
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93aaac92a1535c7bf910fc628e21399b6dc88c7e7925840339c12db9254a2a69
94c39791ec2ff493608a088102efd94ae926929ddb022142df6af26d39e3a046
97af8c28ae779c92b3dcaaf61845f821cdb307c3426c6cdf5606d351af10f792
97c6c183e2df976693a9439f544eecfe4337229ee41ffb89b5d78f8da707b168
9b1e68362961b7641e00727d943f8b3104889789fca2f38ddd5a9367619f75f2
9d04afca237ea834243b63da47c2d0e8229dc5c7effd0ca9f7acfc82a8d38fc1
9dda86ee0005000514874f80765a81c56674e21b6bde82a554225730f067985f
9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e7b15b60d1c28b3399de5a5910cda3e452ce4ba21a632f35e5657d240ed2b8
a1b3299e5e7466757da9fb719a05c807cd2979ed1dcb8371436e14156fb2c558
a1c02bc817578f589ab1824f978d5b688aa8abf58fabc80c94abf93447d0ae3c
a1e73d18cae7fa3cafdcdfc62dad87c5054b4f4d218b83a637658b0c8cd70d2c
a660200bd7da495c00c41354af551bc1c3b2550983aa53187f8181a6e655986a
a783fbd613bad4f504c89e94a9687451e1f40840d9797590e0a9ab024ca7c70c
a8ded3ad6c2f222cd6fee8328a475ff7f4a0725d5a4f448e3175afd9f7889c85
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aac5a43f828f84e14d2454907ca2af0a788710420b7b2c555d53fe467f833969
ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ae194ce29e7bb4c4a3dc4eac226f2a781d0d179aa9b3c065efa9083e3697bf9e
aecc606114320ce6760f4b108ba6fade0db9c6ff68ca8e58c130f415e4e5b824
b09cb1f183ad143a1e9645642498f058b7cc36c7a74c331edf80230cf6b314fa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a5ad3b368819bae415e1d041922f757deb95fd03489c8ba62276aff003e693
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b26d67fcc2d8ab3560a14548a4dd3f37e1868c2e2377b17b605d559de8108a66
b305cdf5bb59ba2f40dc225013415ba357d2a9f7e654f4e4e1cc422a743a041e
b4058c5ddc9ab248f7fe3afa877df1e5c4d7e5c04f426247cdc7043b653368ca
b4dc7118464c434f7caac42fd0535dac1102dfcace0feb4c35e3bb29594b14c3
b5b705277a119afee1fb398b5fa8c2b880b620e258c85c8ae79dfc409d8cafea
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b619e0d075aeb70019a5f94e1d12041599fe41ac0d912106d4972ed22c35e2b0
b7c76724466a1425b0ad3d041f1d9b70af514baa66830674e842372dbedd6d79
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d
bf3d2214b30a8f3752a9e3d0c1c1a3b2c0f9a707c41381aae3dd444aed74b149
c0c4bf060f35d3014d2a78498b6523bb7789101da2960a8841eae0d36b0c6348
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c42c3b668bd024887c5a2e45d52726eca515086b9cf79d7cb009e5a80db0ba5a
c5ba9b7342eb964db038d633422c497bdc8ced1fa2300e73c9fee3b8fd801613
c5d5d4a63737d2730eae49d88c3ac64f0ba572bffd5068a99e7206064745243d
c6016fa753afa25e3e7b3487c795e15a7c65ab8eabe2efc0cb4b8bb837050053
c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91
c9291094d8820df2704e3919eb47d6ea69b1ab21ef6813be2d5c634d391ba258
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a
ca7dedac21f19ed1998aa999efa46418c45c8ad475ce29e0287eeb408cba4e09
cb5e235eb0a1d01b2654a6831602d568d72abc1abff0228615d77f1263915c11
ccb3a0b998d1b29bff776b4ecc67632907f4b97dde28c48a6b0fa12ff4976ae8
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1e72d393c035b11bfe0d2f399035f7e72e3dc1869f8c2503477eccd4ecee8c
cea1364ffbf15ec9d2c19a0507b0fa4e3693325e6ece26cc683978f2644e9f55
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcde322182a6103211b1115a3d493bc1edff9d7a738df5e396d453603033e3d
d07dff8a09455f8aa214f1853f2d6243753e30a8d7404ce9733ed0acd5f38121
d097bda59092b06b5bb3051bbef1791e8a7fc533a5aa62e40e898b3ec9308249
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d5ab93c1b1567d531a27d123c41f8bd4a724d87fafea5074f56597f5b4d50642
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d78e766d5c55208116e30eaae9956639cc2c16b17a91547d1ac626d0bba0af14
daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20
db1869a9deee18c0eda28e30d074f2e447bff358936064d0b7739cd2c95140a8
db23da23416121d1b20fff6524e1402d7c60a3301cadd122ecf3e113136fd9b7
dcce227a85ed5049132aa40b03b56d9b6bf07b4312baeb3eaff984b6b646dc76
dd6e691a27d07125e04993917cfb3f75ac9d8926f6b66d7c2e45368aa130e660
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df19bde9da6f2a90ba4f0b1bfa24a44e7f160bcab3ccb1c042b6650bf58f51ec
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e3f1337d98ae9bdc5324add86b6d9fada463831f9f4f3d808b0cea1c9479fbd8
e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
eb0097db47de9e370b9a16dbdbb0034e688caa3032a78612974d7769026d3dec
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
eb69175f81f4fec2e64d01c7ccfaafb803fc95541eb58303130766e5c9f1b2ec
eb7451c66790840a3181f487dbcfedc373d9d10efa87b23baa1087930397998f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eea545e78efff567451de5543e54ec5de308ad87793ffcf919484d733973e5ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef975ed953b8db0a0bf2ccdc207ed9ee5cfd05a531b88c2c2fde7f06c5210ca0
f216650eb16519fa87f0687dadd30f301019437289d15c91a8c1f5f6024019a9
f346c5c77002dc488f7ce012eec232cff8f8202e214a5435ce426b112161cf02
f4ca318ceb5674e1e7f7fd8f09aa571606ebc20b374193b703bfab4ada363dd0
f54eff5f25b12a98e2fb7b6df0cc27e1aea7aed654c1cf6115f61f849ac64039
f87eececfce9a0eb07739ae5030e022e1f415b462ecd8c32b2e84ce3b52c15d1
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
f8dba5405d21c747124407bd1d364bb0c5f4c38640bd5924fcde57ff41041e03
f92e6c8765a92f0e82d4822ab6a48bb6e289fdd789a02c725e9fcd6ce9570ee8
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fa818ccfedc1726c23667b5e9535cd7966b432a228ef6a96b52961ffbcca0c99
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fcec7f9abc1634dfa428b33eb178780d736c21fba6bd5c0e4b290533056b3222
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff9b26cf51251eae11aefdb3007f0ab9691ecac454bb1994b08b890acd661ff9