urlscan.io logo urlscan.io
SecurityTrails logo

www.ukr.net Open in urlscan Pro
212.42.76.252  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ukr.net/
Effective URL: https://www.ukr.net/
Submission Tags: falconsandbox
Submission: On April 22 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 89 IPs in 14 countries across 81 domains to perform 296 HTTP transactions. The main IP is 212.42.76.252, located in Ukraine and belongs to UKRNET Kiev, Ukraine, UA. The main domain is www.ukr.net.
TLS certificate: Issued by Thawte RSA CA 2018 on March 31st 2021. Valid for: a year.
This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 212.42.76.252 8856 (UKRNET Kiev)
1 2a00:1450:400... 15169 (GOOGLE)
15 212.42.76.247 8856 (UKRNET Kiev)
2 212.42.76.248 8856 (UKRNET Kiev)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 212.42.75.249 8856 (UKRNET Kiev)
4 213.174.135.1 39572 (ADVANCEDH...)
14 172.217.18.98 15169 (GOOGLE)
1 10 212.42.75.253 8856 (UKRNET Kiev)
6 136.243.84.74 24940 (HETZNER-AS)
1 5.135.83.158 16276 (OVH)
3 212.42.83.135 8856 (UKRNET Kiev)
3 193.200.65.2 6681 (GIVEME-CLOUD)
1 104.19.133.78 13335 (CLOUDFLAR...)
4 195.214.195.101 8856 (UKRNET Kiev)
6 2a0c:5c81:514... 55081 (24SHELLS)
2 2a0c:5c81:509... 55081 (24SHELLS)
1 1 116.202.161.117 24940 (HETZNER-AS)
4 14 62.149.0.72 15497 (COLOCALL ...)
2 193.200.65.5 6681 (GIVEME-CLOUD)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 136.243.128.165 24940 (HETZNER-AS)
2 2a02:2638::1c 44788 (ASN-CRITE...)
2 213.19.162.51 26667 (RUBICONPR...)
2 146.0.227.110 20773 (GODADDY)
2 4 185.33.221.52 29990 (ASN-APPNEX)
1 35.244.159.8 15169 (GOOGLE)
3 6 188.42.196.115 7979 (SERVERS-COM)
2 3 216.52.2.48 30282 (AS-INAPCD...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
1 9 46.249.52.249 50673 (SERVERIUS-AS)
4 23.218.208.200 16625 (AKAMAI-AS)
3 104.117.222.11 16625 (AKAMAI-AS)
2 3 37.157.4.23 198622 (ADFORM)
2 2a00:f48:2000... 47447 (TTM)
1 1 52.21.63.28 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.157 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 213.19.147.45 26120 (RHYTHMONE)
5 5.178.65.253 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.186.253.211 15169 (GOOGLE)
1 3.221.146.169 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 116.202.85.171 24940 (HETZNER-AS)
1 178.162.133.149 60781 (LEASEWEB-...)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 88.214.206.142 46636 (NATCOWEB)
1 67.202.110.34 32748 (STEADFAST)
1 37 2a00:1450:400... 15169 (GOOGLE)
4 10 23.218.208.246 16625 (AKAMAI-AS)
1 18 2606:4700:10:... 13335 (CLOUDFLAR...)
10 195.191.235.71 208566 (ROZETKA-AS)
1 193.200.64.15 6681 (GIVEME-CLOUD)
5 6 142.250.186.66 15169 (GOOGLE)
6 7 35.227.248.159 15169 (GOOGLE)
1 37.157.3.28 198622 (ADFORM)
2 3 34.247.242.33 16509 (AMAZON-02)
1 151.101.13.44 54113 (FASTLY)
1 154.57.158.51 26558 (FREEWHEEL)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.250.160.147 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.107 24961 (MYLOC-AS ...)
2 2 52.208.103.128 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.120.52.200 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 54.170.10.95 16509 (AMAZON-02)
4 4 151.101.114.49 54113 (FASTLY)
1 1 184.30.20.207 16625 (AKAMAI-AS)
1 1 54.165.137.101 14618 (AMAZON-AES)
1 2 52.95.124.165 16509 (AMAZON-02)
2 2 23.45.110.176 16625 (AKAMAI-AS)
1 54.229.253.85 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 13 18.158.173.146 16509 (AMAZON-02)
1 1 194.213.62.34 5588 (GTSCE GTS...)
3 3 185.29.133.199 30419 (MEDIAMATH...)
1 1 37.252.173.113 29990 (ASN-APPNEX)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 2 104.111.237.88 16625 (AKAMAI-AS)
1 2 52.94.232.32 16509 (AMAZON-02)
1 173.231.181.122 29791 (VOXEL-DOT...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 1 54.195.19.148 16509 (AMAZON-02)
1 143.204.245.29 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 51.158.28.83 12876 (Online SAS)
4 7 52.4.128.233 14618 (AMAZON-AES)
3 8 52.48.137.92 16509 (AMAZON-02)
1 52.48.18.249 16509 (AMAZON-02)
1 1 185.29.132.144 30419 (MEDIAMATH...)
4 4 51.89.21.21 16276 (OVH)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 142.250.186.162 15169 (GOOGLE)
2 2 37.157.4.29 198622 (ADFORM)
1 2 3.127.178.105 16509 (AMAZON-02)
296 89
9    212.42.76.252 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv252.fwdcdn.com
ukr.net
www.ukr.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    212.42.76.247 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv247.fwdcdn.com
upst.fwdcdn.com
2    212.42.76.248 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv248.fwdcdn.com
zakladki.ukr.net
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
encrypted-tbn0.gstatic.com
3    212.42.75.249 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com
mail.ukr.net
4    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
14    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
10    212.42.75.253 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com
accounts.ukr.net
6    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
go.rcvlink.com
recreativ.ru
1    5.135.83.158 (France)

ASN16276 (OVH, FR)
PTR: app-05.adpartner.pro
a4p.adpartner.pro
3    212.42.83.135 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
kinoafisha.ua
3    193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com
trafmag.com
1    104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)
servicer.mgid.com
4    195.214.195.101 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
counter.ukr.net
6    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
2    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
s.adtelligent.com
1    116.202.161.117 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
14    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
sync.console.adtarget.com.tr
2    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
6    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
1    136.243.128.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: st11.recreativ.ru
st11.rcvlink.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
4    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adtelligent-d.openx.net
6    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    2606:4700:e0::ac40:6308 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
9    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
4    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    104.117.222.11 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-222-11.deploy.static.akamaitechnologies.com
js.adscale.de
3    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)
cdn.admatic.com.tr
1    52.21.63.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
1    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
5    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
s.e-planning.net
1    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    3.221.146.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
1    2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    116.202.85.171 (Germany)

ASN24940 (HETZNER-AS, DE)
sync.richaudience.com
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    67.202.110.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-110.static.steadfastdns.net
ic.tynt.com
37    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
10    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
18    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
10    195.191.235.71 (Warsaw, Poland)

ASN208566 (ROZETKA-AS, PL)
cs03.trafmag.com
1    193.200.64.15 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
afl.rozetka.com.ua
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
7    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
1    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
3    34.247.242.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-242-33.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    154.57.158.51 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b001:cff3:ca6f:14e6:5ad7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    34.250.160.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-160-147.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Erba, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.107 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
2    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
cms.analytics.yahoo.com
1    3.120.52.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    54.170.10.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-10-95.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    54.165.137.101 (United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.124.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    23.45.110.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-110-176.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.229.253.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    18.158.173.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ih.adscale.de
1    194.213.62.34 (Brno, Czech Republic)

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)
bbnaut.ibillboard.com
3    185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    37.252.173.113 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
adscale-emea.adnxs.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com
tracking.m6r.eu
2    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    54.195.19.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-19-148.eu-west-1.compute.amazonaws.com
d.adroll.com
1    143.204.245.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-29.cph50.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
1    51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
js.cookieless-data.com
7    52.4.128.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
8    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    52.48.18.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    51.89.21.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com
id5-sync.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
2    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
35 googlesyndication.com
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
171 KB
28 ukr.net
ukr.net
www.ukr.net
zakladki.ukr.net
mail.ukr.net
accounts.ukr.net
counter.ukr.net
327 KB
20 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
176 KB
19 adtelligent.com
player.adtelligent.com
ghb.adtelligent.com
sync.adtelligent.com
ghb1.adtelligent.com
s.adtelligent.com
132 KB
18 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
6 KB
16 ampproject.org
cdn.ampproject.org
328 KB
16 adscale.de
js.adscale.de
ih.adscale.de
17 KB
15 trafmag.com
trafmag.com
t.trafmag.com
cs03.trafmag.com
104 KB
15 fwdcdn.com
upst.fwdcdn.com
103 KB
14 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
18 KB
11 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
16 KB
10 gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
fonts.gstatic.com
189 KB
10 casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
11 KB
8 audrte.com
a.audrte.com
9 KB
7 tapad.com
pixel.tapad.com
3 KB
7 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
4 KB
6 adform.net
cm.adform.net
dmp.adform.net
track.adform.net
2 KB
6 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
35 KB
6 betweendigital.com
ads.betweendigital.com
3 KB
6 google.com
adservice.google.com
www.google.com
403 B
6 rcvlink.com
go.rcvlink.com
st11.rcvlink.com
17 KB
5 mathtag.com
pixel.mathtag.com
sync.mathtag.com
3 KB
5 adnxs.com
ib.adnxs.com
adscale-emea.adnxs.com
4 KB
5 criteo.com
gum.criteo.com
mug.criteo.com Failed
bidder.criteo.com
dis.criteo.com
806 B
4 id5-sync.com
id5-sync.com
6 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 krxd.net
beacon.krxd.net
usermatch.krxd.net
1 KB
3 googleapis.com
fonts.googleapis.com
2 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
2 KB
3 richaudience.com
sync.richaudience.com
742 B
3 googletagservices.com
www.googletagservices.com
100 KB
3 lijit.com
ap.lijit.com
2 KB
3 openx.net
adtelligent-d.openx.net
rtb.openx.net
1 KB
3 google.de
adservice.google.de
www.google.de
394 B
3 kinoafisha.ua
kinoafisha.ua
56 KB
2 eyeota.net
ps.eyeota.net
2 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 criteo.net
static.criteo.net
51 KB
2 bluekai.com
tags.bluekai.com
641 B
2 weborama.fr
idsync.frontend.weborama.fr
841 B
2 demdex.net
dpm.demdex.net
2 KB
2 tidaltv.com
sync.tidaltv.com
791 B
2 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
677 B
2 admatic.com.tr
cdn.admatic.com.tr
21 KB
2 creativecdn.com
prebid-eu.creativecdn.com Failed
creativecdn.com
721 B
2 admixer.net
inv-nets.admixer.net
890 B
2 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com Failed
3 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 turn.com
d.turn.com
444 B
1 cookieless-data.com
js.cookieless-data.com
367 B
1 quantumdex.io
sync.quantumdex.io
608 B
1 adroll.com
d.adroll.com
112 B
1 rfihub.com
p.rfihub.com
776 B
1 adgrx.com
cm.adgrx.com
408 B
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
38 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
384 B
1 theadex.com
dmp.theadex.com
378 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 taboola.com
trc.taboola.com
161 B
1 rozetka.com.ua
afl.rozetka.com.ua
389 B
1 tynt.com
ic.tynt.com
1 admanmedia.com
cs.admanmedia.com
428 B
1 sonobi.com
sync.go.sonobi.com
478 B
1 dotomi.com
prebid-match.dotomi.com
104 B
1 navdmp.com
tag.navdmp.com
4 KB
1 1rx.io
sync.1rx.io
199 B
1 advangelists.com
nep.advangelists.com
229 B
1 adxpremium.services
rtb.adxpremium.services
969 B
1 loopme.me
csync.loopme.me
207 B
1 recreativ.ru
recreativ.ru
192 B
1 mgid.com
servicer.mgid.com
3 KB
1 adpartner.pro
a4p.adpartner.pro
313 B
1 googletagmanager.com
www.googletagmanager.com
37 KB
0 sinoptik.ua Failed
pinformer.sinoptik.ua Failed
296 81
Domain Requested by
23 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
16 cdn.ampproject.org securepubads.g.doubleclick.net
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
15 mwzeom.zeotap.com 1 redirects ads.us.e-planning.net
15 upst.fwdcdn.com www.ukr.net
upst.fwdcdn.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
12 securepubads.g.doubleclick.net www.ukr.net
securepubads.g.doubleclick.net
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
www.googletagservices.com
10 cs03.trafmag.com trafmag.com
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
10 accounts.ukr.net 1 redirects upst.fwdcdn.com
accounts.ukr.net
www.ukr.net
8 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
s.console.adtarget.com.tr
8 sync.adtelligent.com 3 redirects player.adtelligent.com
s.console.adtarget.com.tr
s.adtelligent.com
8 www.ukr.net 1 redirects www.ukr.net
upst.fwdcdn.com
7 pixel.tapad.com 6 redirects ads.us.e-planning.net
7 cm.g.doubleclick.net 6 redirects bcp.crwdcntrl.net
6 pagead2.googlesyndication.com www.googletagservices.com
www.ukr.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
6 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
s.adtelligent.com
js.adscale.de
ads.us.e-planning.net
6 ads.betweendigital.com 3 redirects www.ukr.net
6 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
5 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
5 bcp.crwdcntrl.net 4 redirects tags.crwdcntrl.net
5 s.e-planning.net ads.us.e-planning.net
5 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
5 ghb.adtelligent.com player.adtelligent.com
5 go.rcvlink.com www.ukr.net
go.rcvlink.com
4 id5-sync.com 4 redirects
4 sync.mathtag.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 ssum.casalemedia.com 3 redirects ads.us.e-planning.net
4 www.google.com www.ukr.net
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
4 ads.pubmatic.com s.console.adtarget.com.tr
ads.us.e-planning.net
ads.pubmatic.com
4 ib.adnxs.com 2 redirects player.adtelligent.com
spl.zeotap.com
4 counter.ukr.net www.ukr.net
counter.ukr.net
4 player.adtelligent.com www.ukr.net
player.adtelligent.com
3 fonts.googleapis.com 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
3 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
bcp.crwdcntrl.net
3 match.adsrvr.org 2 redirects ssum.casalemedia.com
3 dmp.adform.net 2 redirects spl.zeotap.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 www.googletagservices.com securepubads.g.doubleclick.net
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 ap.lijit.com 2 redirects player.adtelligent.com
3 trafmag.com upst.fwdcdn.com
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
3 kinoafisha.ua upst.fwdcdn.com
kinoafisha.ua
3 mail.ukr.net 2 redirects upst.fwdcdn.com
2 ps.eyeota.net 1 redirects s.console.adtarget.com.tr
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 tags.bluekai.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 rtb.openx.net 2 redirects
2 sync.e-planning.net ads.us.e-planning.net
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 creativecdn.com 2 redirects
2 inv-nets.admixer.net player.adtelligent.com
2 fastlane.rubiconproject.com player.adtelligent.com
2 gum.criteo.com static.criteo.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 t.trafmag.com www.ukr.net
s.adtelligent.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 zakladki.ukr.net www.ukr.net
1 pixel-sync.sitescout.com 1 redirects
1 d.turn.com 1 redirects
1 js.cookieless-data.com s.e-planning.net
1 sync.quantumdex.io ads.us.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 d.adroll.com 1 redirects
1 p.rfihub.com 1 redirects
1 cm.adgrx.com ssum.casalemedia.com
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 dis.criteo.com 1 redirects
1 adscale-emea.adnxs.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 encrypted-tbn1.gstatic.com 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
1 encrypted-tbn0.gstatic.com 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
1 encrypted-tbn2.gstatic.com 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
1 www.gstatic.com 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 afl.rozetka.com.ua trafmag.com
1 ic.tynt.com s.adtelligent.com
1 cs.admanmedia.com 1 redirects
1 sync.go.sonobi.com ads.us.e-planning.net
1 prebid-match.dotomi.com ads.us.e-planning.net
1 tag.navdmp.com ads.us.e-planning.net
1 sync.1rx.io 1 redirects
1 pixel.sitescout.com 1 redirects
1 www.google.de www.ukr.net
1 nep.advangelists.com 1 redirects
1 cm.adform.net s.console.adtarget.com.tr
1 s.adtelligent.com s.console.adtarget.com.tr
1 stats.g.doubleclick.net www.google-analytics.com
1 ghb1.adtelligent.com player.adtelligent.com
1 rtb.adxpremium.services player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 adtelligent-d.openx.net player.adtelligent.com
1 mug.criteo.com www.ukr.net
1 st11.rcvlink.com www.ukr.net
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr player.adtelligent.com
1 recreativ.ru go.rcvlink.com
1 servicer.mgid.com upst.fwdcdn.com
1 a4p.adpartner.pro upst.fwdcdn.com
1 www.googletagmanager.com www.ukr.net
1 ukr.net 1 redirects
0 secure-assets.rubiconproject.com Failed ads.us.e-planning.net
0 prebid-eu.creativecdn.com Failed player.adtelligent.com
0 pinformer.sinoptik.ua Failed upst.fwdcdn.com
296 128

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
tvgid.ua
kinoafisha.ua
www.booking.com
rozetka.com.ua
kasta.ua
www.citrus.ua
makeup.com.ua
ukrzoloto.ua
auto.ria.com
rst.ua
ab.ua
atlanticexpress.com.ua
avtosale.ua
osaggo.com.ua
vidi-automarket.com.ua
lassa-tyres.com.ua
evatech.com.ua
suzuki.ua
dom.ria.com
lun.ua
nerukhomi.ua
1realty.ua
flatfy.ua
bit.ly
onona.ua
www.accordtour.com
www.impuls24.com.ua
med-magazin.ua
www.lissod.com.ua
www.ailas.com.ua
healthyway.com.ua
www.lampa.ua
e27.com.ua
www.caravella.com.ua
dom-mebeli.com.ua
www.dybok.com.ua
shop.agromat.ua
electrica-shop.com.ua
lovespace.ua
sex-shop.ua
work.ua
grc.ua
learning.ua
optima.school
buki.com.ua
slav.in.ua
www.otpusk.com
panoramadeluxe.com
www.hotelscombined.com
www.youtube.com
vv-hotel.com
hvosting.ua
nic.ua
www.besthosting.ua
internetua.com
make2web.pro
sport.ua
www.ukrtennis.com
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
www.europe-stomatolog-centre.com.ua
24tv.ua
www.pravda.com.ua
gordonua.com
dilo.net.ua
www.slovoidilo.ua
www.rbc.ua
hvylya.net
ukrainian.voanews.com
babel.ua
hromadske.ua
hromadske.radio
kriminal.tv
crimezone.in.ua
cripo.com.ua
novosti-n.org
magnolia-tv.com
lenta.ua
www.dymka.com.ua
censor.net
podrobno.hyser.ua
kurs.com.ua
cursorinfo.co.il
www.unn.com.ua
portaltele.com.ua
prm.ua
sud.ua
stroyobzor.ua
budport.com.ua
apostrophe.ua
bykvu.com
prostomob.com
expert.com.ua
avtodream.org
uamotors.com.ua
newsyou.info
avtosota.com
bizua.org
footballtransfer.com.ua
terrikon.com
www.footboom.com
theageoffootball.com
golos.ua
greenpost.ua
wworld.com.ua
lhealth.info
sport.znaj.ua
sport.politeka.net
stars.clutch.net.ua
kinowar.com
bilshe.com
www.facenews.ua
parlament.ua
news.obozrevatel.com
focus.ua
u-news.com.ua
plus.obozrevatel.com
rezina.cc
testoteka.ukr.net
www.zapchast.com.ua
americamotors.com
kiaparts.com.ua
autoshini.com
pokraska.diskservice.com.ua
transshina.com.ua
shinadiski.com.ua
sailuntyre.com.ua
goldnomer.com
www.aks.ua
panama.ua
diaton.ua
artpotolok.kiev.ua
590.ua
pro-electronics.com.ua
lascala.ua
www.m-stelya.com.ua
stellag.com.ua
flowers.ua
isex.com.ua
buketland.com.ua
amurchik.ua
trafmag.com
answear.ua
sneakerstudio.com.ua
pierrecardin.net.ua
mgid.com
www.mgid.com
adline.kiev.ua
mail.ukr.net
zakladki.ukr.net
Subject Issuer Validity Valid
*.ukr.net
Thawte RSA CA 2018		 2021-03-31 -
2022-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.fwdcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-09 -
2021-11-07		 2 years crt.sh
mail.ukr.net
Thawte RSA CA 2018		 2020-04-06 -
2022-05-06		 2 years crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
rcvlink.com
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
adpartner.pro
R3		 2021-02-26 -
2021-05-27		 3 months crt.sh
kinoafisha.ua
Sectigo RSA Domain Validation Secure Server CA		 2020-08-11 -
2021-11-07		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-15 -
2021-06-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
ghb.adtelligent.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2020-08-14 -
2021-09-06		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-04-03 -
2021-07-02		 3 months crt.sh
sync.adtelligent.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2020-08-17 -
2021-11-26		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
ghb1.adtelligent.com
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-04-07 -
2021-07-06		 3 months crt.sh
sync.console.adtarget.com.tr
R3		 2021-04-02 -
2021-07-01		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
cat.adscale.de
DigiCert SHA2 Secure Server CA		 2020-10-23 -
2021-11-21		 a year crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-04-07 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.e-planning.net
R3		 2021-03-26 -
2021-06-24		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
afl.rozetka.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2020-11-23 -
2021-11-24		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.adscale.de
Amazon		 2020-06-05 -
2021-07-07		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
js.cookieless-data.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
*.eyeota.net
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh

This page contains 34 frames:

Primary Page: https://www.ukr.net/
Frame ID: 7D3D438F4AD521F88BCE6989B2AF0DC3
Requests: 80 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: 3058706060C7F4B760D690E938CDD725
Requests: 8 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: C4D730DB9D99429C8F9155E43D759DC6
Requests: 7 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php
Frame ID: 8A2F0E647169A63041334D48DD38B9C4
Requests: 1 HTTP requests in this frame

Frame: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1619050542741
Frame ID: F54F3CC29CCBF854329BEA6350E704FF
Requests: 4 HTTP requests in this frame

Frame: https://www.ukr.net/dat/covid19.html
Frame ID: CA33DCE1478647D8608D2E0A22F25689
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: F044AC7DDEE4F8F583FA6F135A0DDC9F
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=804acc73-790f-48ab-b202-b1c57e9e5aad
Frame ID: AE85738FADAFF4D68B826EDE47D27DC2
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: 5FEE3081D74844DE62D9B8DEDCA5F8B5
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mGbX1zr7z08DJjsL1G6J&pi=admatic&tc=1
Frame ID: EA7F60E66D70092B68DC41C8B0C5C022
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 24455EF69CFCB00E4C19FC091D0909EC
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 35D510314ED47FCC04C028A7055A8A72
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: FB9B2898BB6989FFDB5F5E8DF28A1B04
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: D3832DAE21B9BFEB531877D1C0544D44
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 7B40D6D3AFDEF7F11E5E808FEA57A174
Requests: 2 HTTP requests in this frame

Frame: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3DD78ABE2946F047795E660CFE628641
Requests: 20 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
Frame ID: 25AF05ACE67B3013BBD2E3CEB61C5735
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4aff87c7de3885af%26uid%3D
Frame ID: 6AB629A0C1B13439FE3C2C7B47EFC7BB
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 7818B07F71717E54063B51676C208359
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Frame ID: BBEDED9E5008866DD0B067CCBD3432A8
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&cmp=0
Frame ID: 3CD8F5EDD2BCF83035A077F8FA42260A
Requests: 31 HTTP requests in this frame

Frame: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E05209049E5888FFB4B48C02185C1866
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B8F944055DACDCA41DC95767346C6B79
Requests: 2 HTTP requests in this frame

Frame: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E6751FBE4BBD307A31FFF399A34BBFC0
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9B7E5E86A01693BC3BE8EA9C8F305AEE
Requests: 1 HTTP requests in this frame

Frame: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FBBAF6AB6668EE4844F47C329B008643
Requests: 15 HTTP requests in this frame

Frame: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A05610463FE54944D8CFE4F627680F1
Requests: 18 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 7D8BA588D21797B19C1A7EFA32118E69
Requests: 11 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: C74D3924E70E60D09ED3B04D6AEF5131
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: BA9662E230461033E5541ED4FEF55FF0
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AHeeiU21aVBnFQ1n
Frame ID: 0B2BD8062EDD1D8CBFE9868AC7182D32
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: 1F7C961A693EF7220FF3E1F80B5A9C1A
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.ukr.net
Frame ID: D7BC267907E9D10C6A32E5B6D842F47E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7A815EE2BD3677E721A5AD5403E69817
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ukr.net/ HTTP 301
    http://www.ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

296
Requests

99 %
HTTPS

27 %
IPv6

81
Domains

128
Subdomains

89
IPs

14
Countries

1957 kB
Transfer

4875 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ukr.net/ HTTP 301
    http://www.ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://mail.ukr.net/widget?lang=uk HTTP 303
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Request Chain 22
  • https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1619050542731 HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php HTTP 301
  • https://pinformer.sinoptik.ua/pinformer4.php
Request Chain 52
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=804acc73-790f-48ab-b202-b1c57e9e5aad
Request Chain 53
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=383270a38b1b3e30
Request Chain 62
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IM8fHXx4blNUVEZERkdWUitlNE9SRHF3M2w1b1lVQkVnMjRNUks5REpMM0wzU1RydjBvSmJGUnhWWE9vbkNuMHNkdXJBZ0pkbmJ3OWFZUlFpQ0xVeFQ2MmUxRGlMNm5LOW93cCtBOER1emdpK21YclVDZzNiam4rSTh3WFEzZTcwekhBRTAvZG4rS0xIN25rWWcrTHFuSlBzR3hCZTlUREhyZWpqdnNpUTlBcXR4S2dicEhoenJuaEJWaGh1YXcrQjNFVndrTGFSM1RUUk5ZSGJlT0pUNjB5ckRoY1ZQOEtIdWorMmhtOFd0Uk5MZENVPXw&cppv=2
Request Chain 68
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5211724572833236&tz=-120&fl=0&rr=direct&s=2894403&bidid=14ce5f9b8abaaf6&transactionid=47e90492-4023-476e-9f2c-ba4e664ad7cc&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5211724572833236&tz=-120&fl=0&rr=direct&s=2894403&bidid=14ce5f9b8abaaf6&transactionid=47e90492-4023-476e-9f2c-ba4e664ad7cc&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Request Chain 69
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=1165093561932682&tz=-120&fl=0&rr=direct&s=2894403&bidid=157300f9452750d&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=1165093561932682&tz=-120&fl=0&rr=direct&s=2894403&bidid=157300f9452750d&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Request Chain 70
  • https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8762921657996892&tz=-120&fl=0&rr=direct&s=3622782&bidid=1662f3c3bf59ff8&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8762921657996892&tz=-120&fl=0&rr=direct&s=3622782&bidid=1662f3c3bf59ff8&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Request Chain 91
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mGbX1zr7z08DJjsL1G6J&pi=admatic&tc=1
Request Chain 92
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 97
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-818b35d1-3f0d-4d73-8cc0-aca035f7a155
Request Chain 98
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=8de00546fed5e454
Request Chain 105
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4aff87c7de3885af HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4aff87c7de3885af
Request Chain 106
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Request Chain 110
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4aff87c7de3885af%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4aff87c7de3885af&uid=3506db4c-02ac-43eb-83cc-c8484fb16a59
Request Chain 114
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4aff87c7de3885af HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 115
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4aff87c7de3885af%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4aff87c7de3885af&uid=1725340105984438029
Request Chain 117
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-QfBpgbhE2uE2ljmLauwaLXt9RtSNW4rGwNTdePI-~A
Request Chain 118
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4aff87c7de3885af%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4aff87c7de3885af&uid=e56670f06c3b184ccc7c62949156d9d5cf3e66ad
Request Chain 123
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=383270a38b1b3e30
Request Chain 124
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a3a0b87435498867486ae984
Request Chain 125
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3506db4c-02ac-43eb-83cc-c8484fb16a59
Request Chain 126
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1725340105984438029
Request Chain 127
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=383270a38b1b3e30
Request Chain 131
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIUmZWqv-AFKkuhP2dki5Eg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Request Chain 149
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=e1265cc5-a2ff-11eb-a57c-ee4330ad0bed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Request Chain 151
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=e7c15faf-476e-436c-af55-4dbbba49c90f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Request Chain 155
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=43cfaed4-4b35-4aec-bf92-422118e4afb7&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 156
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=59dc400c-7e29-4d3a-781b-2cf993fa7a25&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=59dc400c-7e29-4d3a-781b-2cf993fa7a25&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=12664080161612308071023987694398849280&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Request Chain 158
  • https://bn01.er.bemail.it/zeotap.php?_bid=59dc400c-7e29-4d3a-781b-2cf993fa7a25&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021042202-97751-0.517600001619050544-62e92936ea9bd0dba20828fe84ef9c0b&zdid=533&env=mWeb
Request Chain 159
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6953769137053366424&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Request Chain 160
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=59dc400c-7e29-4d3a-781b-2cf993fa7a25 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=59dc400c-7e29-4d3a-781b-2cf993fa7a25
Request Chain 161
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=59dc400c-7e29-4d3a-781b-2cf993fa7a25&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=59dc400c-7e29-4d3a-781b-2cf993fa7a25&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361&bounce=1&random=3141402156 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=xA00FgPdMVbP46un7CAdC.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Request Chain 163
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=59dc400c-7e29-4d3a-781b-2cf993fa7a25?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=59dc400c-7e29-4d3a-781b-2cf993fa7a25?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=f8b16faa690e570392ece1e9cb2bf986&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Request Chain 164
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-zmCKgM1E2opMEUpDxUUhvdqwHGRtUM8KMw--~A&zpartnerid=570&env=mWeb
Request Chain 165
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lVpII2ASj4kLyYT7Iv%2F75DzPtHJZ25lc%2BS41iYitP1U%3D
Request Chain 169
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361&_test=YIDAMgAAXv9I7QA4 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YIDAMgAAXv9I7QA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&_test=YIDAMgAAXv9I7QA4
Request Chain 170
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7eac6080-c031-4400-aa43-ead5f8ee4252&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Request Chain 171
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OE1kyLmj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=59dc400c-7e29-4d3a-781b-2cf993fa7a25
Request Chain 172
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=59dc400c-7e29-4d3a-781b-2cf993fa7a25&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=59dc400c-7e29-4d3a-781b-2cf993fa7a25&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&dcc=t
Request Chain 173
  • https://tags.bluekai.com/site/87734?id=59dc400c-7e29-4d3a-781b-2cf993fa7a25&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 193
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn0YHZhwEQ9AMY9AMyCBly5q0lZL0G HTTP 301
  • https://tpc.googlesyndication.com/simgad/8720707406544737770
Request Chain 256
  • https://ih.adscale.de/uu?cbfn=receive&t=1619050546 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1619050546&nut&uu=6de55f67c2254f83a9930f62cee0d12a
Request Chain 263
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=6de55f67c2254f83a9930f62cee0d12a&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=101&tpuid=BBID-01-02937645475218849-16268184
Request Chain 264
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=abf1a429cb3d411e82219008ba4aae2e087380627bd8f797c274ff7c59db3338&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=0&gdpr_consent=
Request Chain 266
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=75&tpuid=1725340105984438029&gdpr=0
Request Chain 267
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=9490d110008d98ca7a596617ca6b56652be6a08163c7497e34d7c9ecca7c04db&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=9490d110008d98ca7a596617ca6b56652be6a08163c7497e34d7c9ecca7c04db&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg&gdpr=0&C=1 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YIDANtMEiWnu5RzOTZWOZwAA%261104&gdpr=0
Request Chain 268
  • https://track.adform.net/serving/cookie/match/?party=9&uid=961adb816300fd7b928c2899029b8ea0233f10062eba4ce2eb590385578ddee7&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=961adb816300fd7b928c2899029b8ea0233f10062eba4ce2eb590385578ddee7&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=42&gdpr=0&tpuid=6375776904072534689
Request Chain 269
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=9bd3492fc80b0fe25ae56419b44a43d1910c0174ddbaefbba130f4854fcb4778&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=ea5f4ce6-ac8e-43b4-b678-8f02ba1ee1a2
Request Chain 270
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=50b53911ff817b9e9de3815e41e26c68ee11da9002b6565721f5adab66b549a9&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=0&gdpr_consent=
Request Chain 271
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=476b34ec39fdd63fed0b8015c2910fc6b00a2ca50dfc4b5c1d687e4fdf15ed25&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=476b34ec39fdd63fed0b8015c2910fc6b00a2ca50dfc4b5c1d687e4fdf15ed25&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/js?tpid=48&tpuid=6abeca0d37660e79fc97bdf316072e18
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIDANtMEiWnu5RzOTZWOZQAABHUAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECi8NU1FAcFA_vwuk86JGpI&google_cver=1
Request Chain 274
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIDANtMEiWnu5RzOTZWOZQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC-FgsjpyB_8-4WwF9v9ZQM&google_cver=1
Request Chain 275
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIDANtMEiWnu5RzOTZWOZQAABHUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIDANtMEiWnu5RzOTZWOZQAABHUAAAAB&dcc=t
Request Chain 278
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739026143269368
Request Chain 279
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 280
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=1&gdpr_consent=
Request Chain 288
  • https://bcp.crwdcntrl.net/5/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Request Chain 290
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=f8b16faa690e570392ece1e9cb2bf986&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=f8b16faa690e570392ece1e9cb2bf986&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=e968ece1-a2ff-11eb-bbbb-66bd867ef1ea
Request Chain 291
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=fa186080-c03d-4200-9181-2376f6142fb1
Request Chain 292
  • https://id5-sync.com/s/19/9.gif?puid=f8b16faa690e570392ece1e9cb2bf986&gdpr=1 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=f8b16faa690e570392ece1e9cb2bf986&gdpr=1&gdpr_consent= HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOcqS2KxVehjVLOER-T1BvvmKhmbH5SAHKwSv2bQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/8/2.gif?puid=7491462278572078094&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=f89339547ad239c476b50b12972b6d97&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOcqS2KxVehjVLOER-T1BvvmKhmbH5SAHKwSv2bQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjhiMTZmYWE2OTBlNTcwMzkyZWNlMWU5Y2IyYmY5ODY&google_redir={xENCODEDURL}&id5id=ID5-ZHMOcqS2KxVehjVLOER-T1BvvmKhmbH5SAHKwSv2bQ
Request Chain 293
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YIDAPgAAXWXJlQAC HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YIDAPgAAXWXJlQAC&_test=YIDAPgAAXWXJlQAC
Request Chain 294
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=&google_gid=CAESEObsCLHQPjmslfJ1bEq-pm4&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 296
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7345545461322590395 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESEObsCLHQPjmslfJ1bEq-pm4&google_cver=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=04bnM47EyTJR12Ohb-R-hVpqQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 297
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=

296 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ukr.net/
Redirect Chain
  • http://ukr.net/
  • http://www.ukr.net/
  • https://www.ukr.net/
167 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
a08fcb2215e39ea6a679a5382c6b83278db218e7ceb0487ad67f7de1976c89b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ukr.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=Cj1tBGCAwC590TOrA2ulAg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Thu, 22 Apr 2021 00:15:42 GMT
content-type
text/html
content-length
44911
cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
expires
-1
set-cookie
un_lang=ua; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure snr=9; Max-Age=31536000; Path=/; Domain=.ukr.net; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure scr=9; Max-Age=31536000; Path=/; Domain=.ukr.net; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure sfr=9; Max-Age=31536000; Path=/; Domain=.ukr.net; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure
etag
"6080c00e-af6f"
content-encoding
gzip
vary
User-Agent
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Server
nginx
Date
Thu, 22 Apr 2021 00:15:42 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://www.ukr.net/
Vary
User-Agent
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Set-Cookie
uid=Cj1tBGCAwC590TOrA2ulAg==; expires=Fri, 22-Apr-22 00:15:42 GMT; domain=.ukr.net; path=/
js
www.googletagmanager.com/gtag/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5903420-1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f4cf1f4c8b40b3d2218191af77dbd94aa9059cd545a02f36966e7845cb2e044
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37450
x-xss-protection
0
last-modified
Thu, 22 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Apr 2021 00:15:42 GMT
top_links.css
upst.fwdcdn.com/css/1612185778/ 		2 KB
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/1612185778/top_links.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
6a2a30567ebb12a8d345d65a0b81185660e1263584a6bcac041f2a63a868272d

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 13:23:03 GMT
server
nginx
etag
W/"601800b7-696"
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
expires
Fri, 22 Apr 2022 00:15:42 GMT
/
upst.fwdcdn.com/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
af0cb902656b4fde470988b5fafcfb29703d1e18469371fca027bbcb6fbd7724

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 08:56:16 GMT
server
nginx
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
expires
Fri, 22 Apr 2022 00:15:42 GMT
main.css
upst.fwdcdn.com/css/66/portal/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/66/portal/main.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
f3352012cfa03559709cc1820c6ef16f21c2a556cca03750e0c7201ba7b8e307

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 14:19:03 GMT
server
nginx
etag
"60803457-1e58"
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
7768
expires
Fri, 22 Apr 2022 00:15:42 GMT
_desktop.js
www.ukr.net/news/ 		20 B
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/news/_desktop.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/news/_desktop.js
pragma
no-cache
cookie
uid=Cj1tBGCAwC590TOrA2ulAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ukr.net
referer
https://www.ukr.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
vary
User-Agent
server
nginx
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
concat.js
upst.fwdcdn.com/js/31/portal/ 		166 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/31/portal/concat.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 09:53:05 GMT
server
nginx
etag
"5f6dbe01-cc31"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
52273
expires
Fri, 22 Apr 2022 00:15:42 GMT
main.js
upst.fwdcdn.com/js/516/portal/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/516/portal/main.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
061769e5c7eb97935122a0492b7b2365f8a8538ec018a37e31e030f2192750ab

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 14:28:03 GMT
server
nginx
etag
"6076fbf3-40d9"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
16601
expires
Fri, 22 Apr 2022 00:15:42 GMT
zakladki_v2.min.js
zakladki.ukr.net/bookmarks/js/ 		104 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.248 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv248.fwdcdn.com
Software
nginx/1.16.1 /
Resource Hash
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:42 GMT
Last-Modified
Fri, 14 Aug 2020 10:42:05 GMT
Server
nginx/1.16.1
ETag
"5f366a7d-19e00"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
close
Accept-Ranges
bytes
Content-Length
105984
Expires
Thu, 29 Apr 2021 00:15:42 GMT
logo_ua.gif
upst.fwdcdn.com/temp/holidays/9928/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/temp/holidays/9928/logo_ua.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
340e0e0fb94958dd17432fbe30211cfe3b2f2f8d582e4656fb013377ada6a708

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
last-modified
Thu, 22 Apr 2021 00:15:00 GMT
server
nginx
etag
"6080c004-1b9a"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
accept-ranges
bytes
content-length
7066
title_img_ua.gif
upst.fwdcdn.com/temp/holidays/9928/ 		872 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/temp/holidays/9928/title_img_ua.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
7d34a60e92b3e10b42d6a5b806e093143240110dee1937656d6e63eab7450afc

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
last-modified
Thu, 22 Apr 2021 00:15:00 GMT
server
nginx
etag
"6080c004-368"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
accept-ranges
bytes
content-length
872
grey-pix.gif
upst.fwdcdn.com/img/ 		53 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/grey-pix.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-35"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
53
expires
Thu, 29 Apr 2021 00:15:42 GMT
fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-1134"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
4404
expires
Thu, 29 Apr 2021 00:15:42 GMT
fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-134e"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
4942
expires
Thu, 29 Apr 2021 00:15:42 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5608
date
Wed, 21 Apr 2021 22:42:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 22 Apr 2021 00:42:14 GMT
can_https
mail.ukr.net/ 		46 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.ukr.net/can_https
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.249 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-249.fwdcdn.com
Software
nginx /
Resource Hash
bfc9fbc4575f67c1903d4ff0b0d8889b7a66b72676dd61cec9abec0019a2fe50

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
server
nginx
content-length
46
content-type
text/javascript
hb_300016_4947.js
player.adtelligent.com/prebidlink/449736/ 		298 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cba522390b1c9e02f762cfb76673612b1db16b7093a47998d4944a6752f2fe2f

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 10:30:45 GMT
server
nginx
etag
W/"6066f255-4a95e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 22 Apr 2021 01:15:42 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
7531b79597ad63a3dd3be39269ff6160ea1a8b979db54b4955f2dbada7c31a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"849 / 687 of 1000 / last-modified: 1619043102"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21097
x-xss-protection
0
expires
Thu, 22 Apr 2021 00:15:42 GMT
wrapper_hb_300016_4947.js
player.adtelligent.com/prebidlink/449736/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/449736/wrapper_hb_300016_4947.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
de5b1578774e803e4bc0b3f3e44d4b14b26b6856f4cb0b9a23c957130e45e370

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 12:10:57 GMT
server
nginx
etag
W/"60801651-14781"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 22 Apr 2021 01:15:42 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
test
accounts.ukr.net/public/access/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/public/access/test?_=1619050542714
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
server
nginx
access-control-max-age
600
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
access-control-allow-credentials
true
x-upstream
4210.10.20.48:5080
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length
2
login
accounts.ukr.net/widget/ Frame 3058
Redirect Chain
  • https://mail.ukr.net/widget?lang=uk
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
07d3b253e202af1cbbf728e53b09d684206d64240685841a864e80a527101707
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://www.ukr.net/
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.ukr.net
:scheme
https
:path
/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=Cj1tBGCAwC590TOrA2ulAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; can_https=1; _ga=GA1.2.1342618151.1619050543; _gid=GA1.2.924513607.1619050543
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Thu, 22 Apr 2021 00:15:42 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 22 Apr 2021 00:15:41 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-frame-options
ALLOW-FROM https://www.ukr.net/
vary
*
content-security-policy
default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-encoding
gzip
x-upstream
4510.10.20.49:5080

Redirect headers

server
nginx
date
Thu, 22 Apr 2021 00:15:42 GMT
content-length
0
location
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
set-cookie
freemail=; Domain=ukr.net; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/ sid=; Domain=mail.ukr.net; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/ sid=; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/ fvsid=; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/
x-detected-skin
widget
expires
Thu, 22 Apr 2021 00:15:41 GMT
cache-control
no-cache
content-security-policy
default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
5ysrIfrF92
go.rcvlink.com/ifr/ Frame C4D7 		13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
c6e062ccfb4e7bf2e4020e000a457da3cee98015550fb029221d9797d9e19858

Request headers

:method
GET
:authority
go.rcvlink.com
:scheme
https
:path
/ifr/5ysrIfrF92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Thu, 22 Apr 2021 00:15:42 GMT
content-type
text/html
last-modified
Sat, 03 Apr 2021 06:37:04 GMT
etag
W/"60680d10-3435"
expires
Fri, 23 Apr 2021 00:15:42 GMT
cache-control
max-age=86400
content-encoding
gzip
v2
a4p.adpartner.pro/jsunit/jsonp/ 		300 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery300026595150646710897_1619050542689&_=1619050542690
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.83.158 , France, ASN16276 (OVH, FR),
Reverse DNS
app-05.adpartner.pro
Software
nginx /
Resource Hash
5ae48f0f8c6ff93351d7b74212241993317b94f07eebc3000a82824c8f2ac02e

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
pinformer4.php
pinformer.sinoptik.ua/ Frame 8A2F
Redirect Chain
  • https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1619050542731
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
  • https://pinformer.sinoptik.ua/pinformer4.php
0
0
ukrnet_ua.html
kinoafisha.ua/widget/ Frame F54F 		240 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1619050542741
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
bf62cad5e502d4a66197ca9edf1dc114d1fe6b6934d376b9b0e611ec93d14123

Request headers

:method
GET
:authority
kinoafisha.ua
:scheme
https
:path
/widget/ukrnet_ua.html?rnd=1619050542741
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Thu, 22 Apr 2021 00:15:42 GMT
content-type
text/html
last-modified
Thu, 22 Apr 2021 00:00:00 GMT
etag
W/"6080bc80-3c0ec"
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
content-encoding
gzip
covid19.html
www.ukr.net/dat/ Frame CA33 		47 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/dat/covid19.html
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
137e2b463ce1179a5530ce1a99b6ce209f483d9b51ac8ef8e77a00605ed9e054
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ukr.net
:scheme
https
:path
/dat/covid19.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=Cj1tBGCAwC590TOrA2ulAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; can_https=1; _ga=GA1.2.1342618151.1619050543; _gid=GA1.2.924513607.1619050543
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Thu, 22 Apr 2021 00:15:42 GMT
content-type
text/html
content-length
13372
last-modified
Thu, 22 Apr 2021 00:05:31 GMT
etag
"6080bdcb-343c"
content-encoding
gzip
vary
User-Agent
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
ukrnet2.js
trafmag.com/ 		332 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trafmag.com/ukrnet2.js?callback=jQuery300026595150646710897_1619050542691&_=1619050542692
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
trafmag.com
Software
nginx /
Resource Hash
e006e0c56c865c83ef02bb7a878f62886d56a972ce1e4f975f0455e8fd44734f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
server
nginx
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
p3p
CP="NON DSP COR CURa TIA"
1119189
servicer.mgid.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1119189?callback=jQuery300026595150646710897_1619050542693&_=1619050542694
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73087fb55a57ea60e0e60fe3d51625eca18d5091d50c1ebb1bcf4f90f7accf81

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
099887ced200003324712ac000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
643aa8c48d863324-CDG
access-control-allow-headers
*
addlink.gif
zakladki.ukr.net/bookmarks/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zakladki.ukr.net/bookmarks/img/addlink.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.248 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv248.fwdcdn.com
Software
nginx/1.16.1 /
Resource Hash
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:42 GMT
Last-Modified
Tue, 20 Aug 2013 02:30:01 GMT
Server
nginx/1.16.1
ETag
"5212d4a9-6dc"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
close
Accept-Ranges
bytes
Content-Length
1756
Expires
Thu, 29 Apr 2021 00:15:42 GMT
cnt.php
counter.ukr.net/c5/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/c5/cnt.php?rand=0.845446727086236&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Thu, 22 Apr 2021 00:15:41 GMT
cnt.php
counter.ukr.net/aid/portal/ 		314 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/aid/portal/cnt.php?rand=0.8686991472045797&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
91b13dca8d574a13acc7ea213346e85759447f8feb96e68eaf7a6c7420584282

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:42 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Thu, 22 Apr 2021 00:15:41 GMT
cnt.php
counter.ukr.net/lid/329/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/lid/329/cnt.php?rand=0.3145852491807728&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Thu, 22 Apr 2021 00:15:41 GMT
tracking
ghb.adtelligent.com/adunit/ 		43 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=300016&site_id=4947&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=s4w24r.10&vpbv=0773&lifecycle_tte=234
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Thu, 22 Apr 2021 00:15:42 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
pubads_impl_2021041501.js
securepubads.g.doubleclick.net/gpt/ 		299 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 08:41:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107555
x-xss-protection
0
expires
Thu, 22 Apr 2021 00:15:42 GMT
chartist.min.css
www.ukr.net/css/1/ Frame CA33 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/css/1/chartist.min.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/dat/covid19.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/1/chartist.min.css
pragma
no-cache
cookie
uid=Cj1tBGCAwC590TOrA2ulAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; can_https=1; _ga=GA1.2.1342618151.1619050543; _gid=GA1.2.924513607.1619050543
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.ukr.net
referer
https://www.ukr.net/dat/covid19.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ukr.net/dat/covid19.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
vary
User-Agent
last-modified
Wed, 22 Apr 2020 15:50:12 GMT
server
nginx
etag
"5ea067b4-5db"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
content-length
1499
x-xss-protection
1; mode=block
expires
Thu, 29 Apr 2021 00:15:42 GMT
chartist.min.js
www.ukr.net/js/1/ Frame CA33 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/js/1/chartist.min.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/dat/covid19.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
de624a0a9b0ce2f2a5a44c44f80210ed7c42095f089a6109d0b29d6eecc2b074
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/1/chartist.min.js
pragma
no-cache
cookie
uid=Cj1tBGCAwC590TOrA2ulAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; can_https=1; _ga=GA1.2.1342618151.1619050543; _gid=GA1.2.924513607.1619050543
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ukr.net
referer
https://www.ukr.net/dat/covid19.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ukr.net/dat/covid19.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
vary
User-Agent
last-modified
Wed, 22 Apr 2020 15:50:12 GMT
server
nginx
etag
"5ea067b4-2f28"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=604800
content-length
12072
x-xss-protection
1; mode=block
expires
Thu, 29 Apr 2021 00:15:42 GMT
1
recreativ.ru/cs/1/ Frame C4D7 		34 B
192 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recreativ.ru/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
48a704261cb0d92d91ce87329283f740a9d2523f4f3ef5cd3940a77242e19c32

Request headers

Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b16
cache-control
private, max-age=315360000
expires
Sun, 20 Apr 2031 03:15:42 +0300
1
go.rcvlink.com/cs/1/ Frame C4D7 		34 B
157 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
0d41211151488d96a3556cea1831ffd45f37bacee7f8db92c57dbb4e4d37bad3

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b23
cache-control
private, max-age=315360000
expires
Sun, 20 Apr 2031 03:15:42 +0300
truncated
/ Frame F54F 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
bundle.css
accounts.ukr.net/widget/login/css/ Frame 3058 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/css/bundle.css?63ed99eb
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
cf4f8ce4e9d310e448f37a9868c601fe20a9a8b2bf098bce26c59881f92c5a08

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 15:06:36 GMT
server
nginx
etag
W/"6075b37c-211a"
content-type
text/css
x-upstream
4510.10.20.48:5080
cache-control
max-age=1209600
expires
Thu, 06 May 2021 00:15:42 GMT
bundle.js
accounts.ukr.net/widget/login/js/ Frame 3058 		147 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/bundle.js?7939f931
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
c35f5b8b56d55e7cece8df68b398eb091a17d494357e7eb07e71b87a33b4ed04

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 15:06:36 GMT
server
nginx
etag
W/"6075b37c-24b7d"
content-type
application/javascript
x-upstream
4510.10.20.49:5080
cache-control
max-age=1209600
expires
Thu, 06 May 2021 00:15:42 GMT
m_223tgoosnikto.jpg
kinoafisha.ua/upload/2020/12/films/9389/ Frame F54F 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2020/12/films/9389/m_223tgoosnikto.jpg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1619050542741
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
be689eef89eb30083900794c6823077617878d22bfc8e0619fd4f5ab0d435950

Request headers

Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1619050542741
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
last-modified
Fri, 12 Feb 2021 11:03:07 GMT
server
nginx
etag
"6026606b-4b40"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
19264
expires
Thu, 29 Apr 2021 00:15:42 GMT
m_20f7vs84plohie-parni-3.jpg
kinoafisha.ua/upload/2017/03/films/7578/ Frame F54F 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2017/03/films/7578/m_20f7vs84plohie-parni-3.jpg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1619050542741
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
898c0927ddec0a0284ddbda0e47f02d12e1fcbc43125a50456f76062e99a4c70

Request headers

Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1619050542741
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
last-modified
Mon, 16 Dec 2019 08:40:10 GMT
server
nginx
etag
"5df742ea-5572"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
21874
expires
Thu, 29 Apr 2021 00:15:42 GMT
get
accounts.ukr.net/api/v1/cai/browser/ Frame 3058 		107 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/cai/browser/get
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?7939f931
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
3ce9d8e2e9732482f80d6cde2142feecb61569c4a35588c1c58e6d4ad4ea5330

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
server
nginx
content-type
application/json
x-upstream
4510.10.20.48:5080
expires
Thu, 22 Apr 2021 00:15:41 GMT
cache-control
no-cache
content-length
107
x-served-by
127.0.0.1:10000
get
accounts.ukr.net/api/v1/cai/browser/ Frame 3058 		107 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/cai/browser/get
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?7939f931
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
5c1205b80ad28624967b8e1f154ccef5a65979b3ab5d709bd5109f9ff4758df5

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
server
nginx
content-type
application/json
x-upstream
4510.10.20.49:5080
expires
Thu, 22 Apr 2021 00:15:41 GMT
cache-control
no-cache
content-length
107
x-served-by
127.0.0.1:10000
csyncs
ghb.adtelligent.com/ 		658 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=463287&aid2=463288&aid3=605039&aid4=607661
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
7dbd8c7566195ada3f3e2a2f33b832358d0526e1384d0217ec96264eb17da819

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:42 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
336
workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 3058 		58 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?04375957e1af052dd87a
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
338f69fe1de47efce159b38aef5d8ccb729ff5f40e6fb8eb6e5b7ad5f214dfcc

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 15:06:36 GMT
server
nginx
etag
W/"6075b37c-e602"
content-type
application/javascript
x-upstream
4510.10.20.48:5080
cache-control
max-age=1209600
expires
Thu, 06 May 2021 00:15:42 GMT
workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 3058 		58 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?04375957e1af052dd87a
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
338f69fe1de47efce159b38aef5d8ccb729ff5f40e6fb8eb6e5b7ad5f214dfcc

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 15:06:36 GMT
server
nginx
etag
W/"6075b37c-e602"
content-type
application/javascript
x-upstream
4510.10.20.49:5080
cache-control
max-age=1209600
expires
Thu, 06 May 2021 00:15:42 GMT
acquire
accounts.ukr.net/api/v1/token/verification/ Frame 3058 		27 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?7939f931
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-upstream
4510.10.20.48:5080
date
Thu, 22 Apr 2021 00:15:42 GMT
server
nginx
content-length
27
content-type
application/json
1
go.rcvlink.com/cs/1/ Frame C4D7 		34 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
48a704261cb0d92d91ce87329283f740a9d2523f4f3ef5cd3940a77242e19c32

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
Cache-Control
max-age=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-cache
t5zc79bUvWn43h0

Response headers

date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b22
cache-control
private, max-age=315360000
expires
Sun, 20 Apr 2031 03:15:42 +0300
config.json
player.adtelligent.com/exchange_rates/299917/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/299917/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b2ce8b01fadfaf4444a51c10a39a5a7bd3598cd4d40a4d58bf8c40b056ed64cc

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 00:02:09 GMT
server
nginx
etag
W/"6080bd01-19b4"
content-type
application/json
access-control-allow-origin
https://www.ukr.net
expires
Thu, 22 Apr 2021 01:15:43 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
go.rcvlink.com/bdto/5ysrIfrF92/ Frame C4D7 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=t5zc79bUvWn43h0&ver=210403-0937&w=0&h=0&vw=0&ms=127.0&ref=&
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
99c90b05e153e5395c31d5758488ea658ee15ed95f6bbe550279e44c9ee8939d

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 00:15:42 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b27
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/json
expires
Thu, 22 Apr 2021 03:15:42 +0300
sync.html
s.console.adtarget.com.tr/ Frame F044 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
6e74d7dbb84774e89bbb01d3ec2490647e716e7b59a3815772ef5113dbe03ead

Request headers

Host
s.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ukr.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

Server
VertaMedia 1.0
Date
Thu, 22 Apr 2021 00:15:42 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
947
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
Cookie set csync
sync.adtelligent.com/ Frame AE85
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=804acc73-790f-48ab-b202-b1c57e9e5aad
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=804acc73-790f-48ab-b202-b1c57e9e5aad
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ukr.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=383270a38b1b3e30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

Server
VertaMedia 1.0
Date
Thu, 22 Apr 2021 00:15:43 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=383270a38b1b3e30; expires=Wed, 23 Jun 2021 00:15:43 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a319130=804acc73-790f-48ab-b202-b1c57e9e5aad; expires=Wed, 23 Jun 2021 00:15:43 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

set-cookie
viewer_token=804acc73-790f-48ab-b202-b1c57e9e5aad; path=/; domain=csync.loopme.me; Expires=Sat, 22-May-2021 00:15:42 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=804acc73-790f-48ab-b202-b1c57e9e5aad
content-length
0
date
Thu, 22 Apr 2021 00:15:42 GMT
server
_
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=383270a38b1b3e30
35 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=383270a38b1b3e30
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=383270a38b1b3e30
Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=334067520153073&correlator=3632089336276691&output=ldjh&impl=fifs&eid=31060312%2C31060740%2C31060789%2C31060505&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210422&iu_parts=17774365%2Cukr.net_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1619050542&dt=1619050542963&dlt=1619050542620&idt=305&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=583682291&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1342618151.1619050543&ga_sid=1619050543&ga_hid=758841748&ga_fc=false&fws=128&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
11a5cdba25ad7586072ad1875715ce91b174f500cd041f5d79471d59e447fb7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11941
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=334067520153073&correlator=3984471462951494&output=ldjh&impl=fifs&eid=31060312%2C31060740%2C31060789%2C31060505&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210422&iu_parts=17774365%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x145%7C300x175&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1619050542&dt=1619050542968&dlt=1619050542620&idt=305&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2005426448&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1342618151.1619050543&ga_sid=1619050543&ga_hid=758841748&ga_fc=false&fws=128&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
aee8a7d33ee42bc9d1de82b2de008bfb5899ebe7a618564abba187110af2a4f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4342
x-xss-protection
0
google-lineitem-id
5669338252
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347001982
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
099313547446a8e23d335290264927d7
st11.rcvlink.com/2/200/ Frame C4D7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/200/099313547446a8e23d335290264927d7
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.128.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
st11.recreativ.ru
Software
openresty /
Resource Hash
f5e4aefc2e3e452791806dcc3ecbb25fd1d09f836f2939cfb1bd66ec0eb12ad2

Request headers

Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
last-modified
Sun, 18 Apr 2021 19:55:35 GMT
server
openresty
etag
"607c8eb7-4c41"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
2586
expires
Wed, 21 Jul 2021 00:15:43 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.ukr.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.ukr.net
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
2681
date
Thu, 22 Apr 2021 00:15:42 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1
  • https://mug.criteo.com/sid?cpp=IM8fHXx4blNUVEZERkdWUitlNE9SRHF3M2w1b1lVQkVnMjRNUks5REpMM0wzU1RydjBvSmJGUnhWWE9vbkNuMHNkdXJBZ0pkbmJ3OWFZUlFpQ0xVeFQ2MmUxRGlMNm5LOW93cCtBOER1emdpK21YclVDZzNiam4rSTh3WF...
0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		236 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832306&size_id=15&rp_schain=1.0,1!adtelligent.com,300016,1,,,&eid_pubcid.org=df746bda-12b4-4ff5-b296-c0b5aacd9b29%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=47e90492-4023-476e-9f2c-ba4e664ad7cc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.23970836561037978
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3d6538c9180003374f0f79f5468faf229326953fe35d6d142a20bc0f3996b898

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ukr.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
236
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832306&size_id=15&alt_size_ids=10&rp_schain=1.0,1!adtelligent.com,300016,1,,,&eid_pubcid.org=df746bda-12b4-4ff5-b296-c0b5aacd9b29%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=5a989449-fc7e-460b-81f8-e1cda71f4766&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7889975885545588
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
58693a49773a094a56c6e585b179f92ab57ccbbfe1e0c7524cf53b7736144297

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ukr.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid.1.0.aspx
inv-nets.admixer.net/ 		2 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.0.aspx?data={%22imps%22:[{%22id%22:12204,%22name%22:%22Admixer%20premium%20bottom%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:12072,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%22b2f69d9c-d99f-4bcd-a357-a6c083deaf9a%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:1649992,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22df746bda-12b4-4ff5-b296-c0b5aacd9b29%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22df746bda-12b4-4ff5-b296-c0b5aacd9b29%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,145],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1544528258762-0%22,%22transactionId%22:%2247e90492-4023-476e-9f2c-ba4e664ad7cc%22,%22sizes%22:[[300,145],[300,250]],%22bidId%22:%225d9d998dc36e3%22,%22bidderRequestId%22:%22482c6ce4ebe5d1%22,%22auctionId%22:%22s4w2b0.j2%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0},{%22id%22:13987,%22name%22:%22Admixer%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:14496,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%22d765a0ca-a2cc-4c2c-a7cf-cc07398aab34%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:1805870,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22df746bda-12b4-4ff5-b296-c0b5aacd9b29%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22df746bda-12b4-4ff5-b296-c0b5aacd9b29%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1544528657150-0%22,%22transactionId%22:%225a989449-fc7e-460b-81f8-e1cda71f4766%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%226ad495decac4d8%22,%22bidderRequestId%22:%22482c6ce4ebe5d1%22,%22auctionId%22:%22s4w2b0.j2%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fwww.ukr.net%2F%22}
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2
X-Xss-Protection
0
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c351a44a457cc7b9d2bbb93f4efe90462ab9050cf7ee4b2fff1e94893004a413
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:43 GMT
X-Proxy-Origin
152.89.163.4; 152.89.163.4; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.132:80
AN-X-Request-Uuid
3b6d0b1b-b77a-429a-a3e5-ed2797b71194
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ukr.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adtelligent-d.openx.net/w/1.0/ 		172 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.ukr.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=47e90492-4023-476e-9f2c-ba4e664ad7cc%2C5a989449-fc7e-460b-81f8-e1cda71f4766&nocache=1619050543047&pubcid=df746bda-12b4-4ff5-b296-c0b5aacd9b29&schain=1.0%2C1!adtelligent.com%2C300016%2C1%2C%2C%2C&aus=300x145%2C300x250%7C300x600%2C300x250&divIds=div-gpt-ad-1544528258762-0%2Cdiv-gpt-ad-1544528657150-0&auid=541177132%2C541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
42a26641deff15b5d2852d331c17bcef213d4ef8b04964a145c7ac62a6bd1e6e

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ukr.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
161
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5211724572833236&tz=-120&fl=0&rr=direct&s=2894403&bidid=14ce5f9b8abaaf6&transactionid=47e90492-4023-476e-9f2c-ba4e664ad7cc&auctionid=s...
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5211724572833236&tz=-120&fl=0&rr=direct&s=2894403&bidid=14ce5f9b8abaaf6&transactionid=47e90492-4023-476e-9f2c-ba4e664ad7cc&auctionid=s...
2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5211724572833236&tz=-120&fl=0&rr=direct&s=2894403&bidid=14ce5f9b8abaaf6&transactionid=47e90492-4023-476e-9f2c-ba4e664ad7cc&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x250&jst=hb&ord=5211724572833236&tz=-120&fl=0&rr=direct&s=2894403&bidid=14ce5f9b8abaaf6&transactionid=47e90492-4023-476e-9f2c-ba4e664ad7cc&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.ukr.net
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=1165093561932682&tz=-120&fl=0&rr=direct&s=2894403&bidid=157300f9452750d&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s...
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=1165093561932682&tz=-120&fl=0&rr=direct&s=2894403&bidid=157300f9452750d&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s...
2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=1165093561932682&tz=-120&fl=0&rr=direct&s=2894403&bidid=157300f9452750d&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x250&jst=hb&ord=1165093561932682&tz=-120&fl=0&rr=direct&s=2894403&bidid=157300f9452750d&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.ukr.net
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8762921657996892&tz=-120&fl=0&rr=direct&s=3622782&bidid=1662f3c3bf59ff8&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s...
  • https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8762921657996892&tz=-120&fl=0&rr=direct&s=3622782&bidid=1662f3c3bf59ff8&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s...
2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8762921657996892&tz=-120&fl=0&rr=direct&s=3622782&bidid=1662f3c3bf59ff8&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x600&jst=hb&ord=8762921657996892&tz=-120&fl=0&rr=direct&s=3622782&bidid=1662f3c3bf59ff8&transactionid=5a989449-fc7e-460b-81f8-e1cda71f4766&auctionid=s4w2b0.j2&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.ukr.net
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
0
bid
ap.lijit.com/rtb/ 		94 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.15.0-11
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
11481310946de201a8555e07f21794ab57a2d42087ae0c44ce4617b42f22e2ce

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 22 Apr 2021 00:15:43 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
cdb
bidder.criteo.com/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.15.0-11&cb=72818852684
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ukr.net
date
Thu, 22 Apr 2021 00:15:44 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
/
ghb.adtelligent.com/v2/auction/ 		1 KB
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
7a5c086aa75b66a13f248828a85bf6f46730f29d98f0343b042d75f42df90f58

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 22 Apr 2021 00:15:42 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
405
prebid.1.0.aspx
inv-nets.admixer.net/ 		2 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.0.aspx?data={%22imps%22:[{%22id%22:15960,%22name%22:%22AmplifiAdmixer%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22amplifi%22,%22entityId%22:12072,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%22b335c008-b837-40e8-b569-4468a77e1c0b%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:2637829,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22df746bda-12b4-4ff5-b296-c0b5aacd9b29%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22df746bda-12b4-4ff5-b296-c0b5aacd9b29%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,145],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1544528258762-0%22,%22transactionId%22:%2247e90492-4023-476e-9f2c-ba4e664ad7cc%22,%22sizes%22:[[300,145],[300,250]],%22bidId%22:%22334a23f8bbbe9dd%22,%22bidderRequestId%22:%2232cb2a6e8c8d3c9%22,%22auctionId%22:%22s4w2b0.j2%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fwww.ukr.net%2F%22}
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2
X-Xss-Protection
0
auction
rtb.adxpremium.services/openrtb2/ 		324 B
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35872bfa300b14854d843dc333781d1610f3f4988376330eff0734404f39bfe0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
099887cfdf00001f2153a72000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ckOWSROr2D%2BN9%2FfiyAYuaxzrEAdcYM2RpYbLTP8LyuNCLSTRvGOcgkm%2F3HViB28gxnuFIoBjC8pPguouoN4IspXUHc7wQfu3lpNQhFbtb4Q23EWYgma26rJ19qOXSfQmH0MLHg%3D%3D"}],"max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
643aa8c638d81f21-FRA
expires
0
/
ghb1.adtelligent.com/v2/auction/ 		481 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
0630f2682661b9c3a9661a774eb39a7f4d0ca5fcf50ef8deec0d2725c15ebc74

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 22 Apr 2021 00:15:42 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
190
cnt.php
counter.ukr.net/advert/adv/portal/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.8686991472045797&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.8686991472045797&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:46 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Thu, 22 Apr 2021 00:15:45 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=758841748&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ukr.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=qGBAAUABAAAAAC~&jid=1262543468&gjid=119220515&cid=1342618151.1619050543&tid=UA-5903420-1&_gid=924513607.1619050543&_r=1&cd1=Unregistered&cd2=n&cd3=0&gtm=2ou472&z=105885467
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=334067520153073&correlator=1618417970839368&output=ldjh&impl=fifs&eid=31060312%2C31060740%2C31060789%2C31060505&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210422&iu_parts=17774365%2Cukr.net_brend_resize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C120x600%7C160x600&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1619050543&dt=1619050543076&dlt=1619050542620&idt=305&frm=20&biw=1600&bih=1200&oid=3&adxs=130&adys=89&adks=1069264500&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=160x-1&ga_vid=1342618151.1619050543&ga_sid=1619050543&ga_hid=758841748&ga_fc=false&fws=512&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
7631c31daea159ed292225eb55dadbf86807371c6c4c14b3bda879f561b757eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17753
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
start.json
www.ukr.net/ajax/ 		60 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/ajax/start.json
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
c84c85f88daa7bc793ebdcbc973bba8567be4f7b1de75b2a3d3d932d52519f8b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
uid=Cj1tBGCAwC590TOrA2ulAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; can_https=1; _ga=GA1.2.1342618151.1619050543; _gid=GA1.2.924513607.1619050543; tracknew=1619050542554022.1619050542.1; _pbjs_userid_consent_data=3524755945110770; _pubcid=df746bda-12b4-4ff5-b296-c0b5aacd9b29; _gat_gtag_UA_5903420_1=1
:path
/ajax/start.json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.ukr.net
referer
https://www.ukr.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
vary
User-Agent
server
nginx
x-frame-options
SAMEORIGIN
content-length
61896
x-xss-protection
1; mode=block
content-type
application/json
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5903420-1&cid=1342618151.1619050543&jid=1262543468&gjid=119220515&_gid=924513607.1619050543&_u=qGBAAUAAAAAAAC~&z=854270461
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 22 Apr 2021 00:15:43 GMT
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1619050543158.html
www.ukr.net/viewids/main/84607851,899,699,139,10,4,4,13,8,18,33,14,10,16,35,13,10,17,11,19,1,6,5,1,17,25,18,2,13,6,2,18,11,4,8,1,5,1,10,9,4,5,1,4,2,4,1,1,3,7,3,2,1,1,4,18,2,2,2,1,2,1,7,1,1,10,3,2,1... 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/viewids/main/84607851,899,699,139,10,4,4,13,8,18,33,14,10,16,35,13,10,17,11,19,1,6,5,1,17,25,18,2,13,6,2,18,11,4,8,1,5,1,10,9,4,5,1,4,2,4,1,1,3,7,3,2,1,1,4,18,2,2,2,1,2,1,7,1,1,10,3,2,1,3,1,1,1,5,2,2,3,2,2,1,2,1,2/1619050543158.html
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
uid=Cj1tBGCAwC590TOrA2ulAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; can_https=1; _ga=GA1.2.1342618151.1619050543; _gid=GA1.2.924513607.1619050543; tracknew=1619050542554022.1619050542.1; _pbjs_userid_consent_data=3524755945110770; _pubcid=df746bda-12b4-4ff5-b296-c0b5aacd9b29; _gat_gtag_UA_5903420_1=1
:path
/viewids/main/84607851,899,699,139,10,4,4,13,8,18,33,14,10,16,35,13,10,17,11,19,1,6,5,1,17,25,18,2,13,6,2,18,11,4,8,1,5,1,10,9,4,5,1,4,2,4,1,1,3,7,3,2,1,1,4,18,2,2,2,1,2,1,7,1,1,10,3,2,1,3,1,1,1,5,2,2,3,2,2,1,2,1,2/1619050543158.html
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.ukr.net
referer
https://www.ukr.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
last-modified
Fri, 11 Nov 2016 10:00:02 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"582596a2-0"
vary
User-Agent
content-type
text/plain
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
top_links.png
upst.fwdcdn.com/img/1612185778/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/1612185778/top_links.png
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1612185778/top_links.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
0e9914554b80aba1f7ab23fa72b263a779d29fe29aa5d36e826fb60d8cfb9314

Request headers

Referer
https://upst.fwdcdn.com/css/1612185778/top_links.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
last-modified
Mon, 01 Feb 2021 13:23:03 GMT
server
nginx
etag
"601800b7-1278"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
4728
expires
Thu, 29 Apr 2021 00:15:43 GMT
icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 		395 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/66/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

Referer
https://upst.fwdcdn.com/css/66/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
nginx
etag
"6076e064-18b"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
395
expires
Thu, 29 Apr 2021 00:15:43 GMT
icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 		461 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/66/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

Referer
https://upst.fwdcdn.com/css/66/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
nginx
etag
"6076e064-1cd"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
461
expires
Thu, 29 Apr 2021 00:15:43 GMT
dot.svg
upst.fwdcdn.com/img/portal/main/ 		650 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/66/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

Referer
https://upst.fwdcdn.com/css/66/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Nov 2016 10:06:26 GMT
server
nginx
etag
"58259822-18e"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
content-length
398
expires
Thu, 29 Apr 2021 00:15:43 GMT
arrow.svg
upst.fwdcdn.com/img/portal/main/ 		233 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/66/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

Referer
https://upst.fwdcdn.com/css/66/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Nov 2016 10:06:26 GMT
server
nginx
etag
"58259822-bc"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
content-length
188
expires
Thu, 29 Apr 2021 00:15:43 GMT
logo160.png
go.rcvlink.com/img/ Frame C4D7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/img/logo160.png
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
last-modified
Mon, 21 Jan 2019 15:07:51 GMT
server
nginx
etag
"5c45e047-1869"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6249
expires
Thu, 29 Apr 2021 00:15:43 GMT
sync.html
s.adtelligent.com/ Frame 5FEE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=609724
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
75f62120b95e617215684e9aef305a9c4db72d7f2326b69e9e4ee78a4c07a353

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=383270a38b1b3e30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Thu, 22 Apr 2021 00:15:43 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
887
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
Cookie set csync
sync.console.adtarget.com.tr/ Frame EA7F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mGbX1zr7z08DJjsL1G6J&pi=admatic&tc=1
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mGbX1zr7z08DJjsL1G6J&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Thu, 22 Apr 2021 00:15:43 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=8de00546fed5e454; expires=Wed, 23 Jun 2021 00:15:43 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=mGbX1zr7z08DJjsL1G6J; expires=Wed, 23 Jun 2021 00:15:43 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date
Thu, 22 Apr 2021 00:15:43 GMT Thu, 22 Apr 2021 00:15:43 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mGbX1zr7z08DJjsL1G6J&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 2445
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d99418fe22b8ab533f1fff72e6fc429b4351cb2bea43d3a1624ab7644c726b5d

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Thu, 22 Apr 2021 00:15:43 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AHeeiU21aVBnFQ1n; path=/; domain=e-planning.net; expires=Thu, 20-Apr-2028 00:15:43 GMT; SameSite=None; Secure
expires
Thu, 22 Apr 2021 00:15:43 GMT
x-sid
AMS-746
content-encoding
gzip

Redirect headers

server
openresty
date
Thu, 22 Apr 2021 00:15:43 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-746
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 35D5 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=25283
Expires
Thu, 22 Apr 2021 07:17:06 GMT
Date
Thu, 22 Apr 2021 00:15:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame FB9B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.222.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-222-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Host
js.adscale.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

x-amz-id-2
VwyEhJArvf2Kp5z8tINV3mbhe+CW5j0aDSWJBHQJFX5LIU/lmASHpqZH1uRriHARED3E1RdAKOE=
x-amz-request-id
CK5H3V0YEWAPEX0R
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
ETag
"5550fca00caf055568d6ced373f2721f"
x-amz-version-id
ljUMRnw1Ux.L_G6sluuTuNwF_kYaf8ny
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1509
Cache-Control
max-age=300
Date
Thu, 22 Apr 2021 00:15:46 GMT
Connection
keep-alive
cookie
cm.adform.net/ Frame D383 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method
GET
:authority
cm.adform.net
:scheme
https
:path
/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Thu, 22 Apr 2021 00:15:46 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 7B40 		251 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method
GET
:authority
cdn.admatic.com.tr
:scheme
https
:path
/user
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-481
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cdn-edgestorageid
481
cdn-storageserver
DE-51
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-04-21 22:43:04
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
b60218c8062e6a3dc9e879f86fd72b00
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame F044
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-818b35d1-3f0d-4d73-8cc0-aca035f7a155
86 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-818b35d1-3f0d-4d73-8cc0-aca035f7a155
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

location
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-818b35d1-3f0d-4d73-8cc0-aca035f7a155
date
Thu, 22 Apr 2021 00:15:50 GMT
server
Apache-Coyote/1.1
content-length
0
csync
sync.adtelligent.com/ Frame F044
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=8de00546fed5e454
86 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=8de00546fed5e454
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=8de00546fed5e454
Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5903420-1&cid=1342618151.1619050543&jid=1262543468&_u=qGBAAUAAAAAAAC~&z=803952692
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5903420-1&cid=1342618151.1619050543&jid=1262543468&_u=qGBAAUAAAAAAAC~&z=803952692
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IM8fHXx4blNUVEZERkdWUitlNE9SRHF3M2w1b1lVQkVnMjRNUks5REpMM0wzU1RydjBvSmJGUnhWWE9vbkNuMHNkdXJBZ0pkbmJ3OWFZUlFpQ0xVeFQ2MmUxRGlMNm5LOW93cCtBOER1emdpK21YclVDZzNiam4rSTh3WFEzZTcwekhBRTAvZG4rS0xIN25rWWcrTHFuSlBzR3hCZTlUREhyZWpqdnNpUTlBcXR4S2dicEhoenJuaEJWaGh1YXcrQjNFVndrTGFSM1RUUk5ZSGJlT0pUNjB5ckRoY1ZQOEtIdWorMmhtOFd0Uk5MZENVPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1007
date
Thu, 22 Apr 2021 00:15:45 GMT
content-encoding
gzip
vary
Accept-Encoding
bundle.js
cdn.admatic.com.tr/user/ Frame 7B40 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
br
cdn-edgestorageid
481
cdn-storageserver
DE-51
cdn-cachedat
2021-04-21 22:27:42
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
2c6adf7984a89b6d621ec0c379edaf09
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
container.html
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3DD7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Apr 2021 00:15:43 GMT
expires
Fri, 22 Apr 2022 00:15:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831909828443"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Thu, 22 Apr 2021 00:15:43 GMT
um
u-ams02.e-planning.net/ Frame 2445
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4aff87c7de3885af
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4aff87c7de3885af
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4aff87c7de3885af
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4aff87c7de3885af
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame 2445
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:50 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:50 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
cache-control
no-store, no-cache, must-revalidate
expires
0
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 2445 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 21 Apr 2026 00:15:43 GMT
tm60118.js
tag.navdmp.com/ Frame 2445 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
cf-cache-status
HIT
age
376
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
099887d11900004db216163000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
643aa8c82adf4db2-FRA
expires
Thu, 22 Apr 2021 01:09:27 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 2445 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 21 Apr 2026 00:15:43 GMT
um
u-ams02.e-planning.net/ Frame 2445
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4aff87c7de3885af%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4aff87c7de3885af&uid=3506db4c-02ac-43eb-83cc-c8484fb16a59
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4aff87c7de3885af&uid=3506db4c-02ac-43eb-83cc-c8484fb16a59
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:50 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:50 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4aff87c7de3885af&uid=3506db4c-02ac-43eb-83cc-c8484fb16a59
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
csnd0mau776pvto9sl160nvrvdpukb6l
ptag
a.audrte.com/ Frame 2445 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dc009431cb1d53be3fd737d4ba4bb368c70aa1f7ec5e1b09caa8ea8bc7489e10

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:50 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1680
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 2445 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 21 Apr 2026 00:15:43 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 2445 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D4aff87c7de3885af%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 2445
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4aff87c7de3885af
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.85.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Thu, 22 Apr 2021 00:15:43 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 2445
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4aff87c7de3885af%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4aff87c7de3885af&uid=1725340105984438029
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4aff87c7de3885af&uid=1725340105984438029
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:43 GMT
X-Proxy-Origin
152.89.163.4; 152.89.163.4; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid
30a76b3f-7003-480a-97ff-209292e3a399
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4aff87c7de3885af&uid=1725340105984438029
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 2445 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4aff87c7de3885af%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 2445
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-QfBpgbhE2uE2ljmLauwaLXt9RtSNW4rGwNTdePI-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-QfBpgbhE2uE2ljmLauwaLXt9RtSNW4rGwNTdePI-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Thu, 22 Apr 2021 00:15:46 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-QfBpgbhE2uE2ljmLauwaLXt9RtSNW4rGwNTdePI-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 2445
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4aff87c7de3885af%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4aff87c7de3885af&uid=e56670f06c3b184ccc7c62949156d9d5cf3e66ad
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4aff87c7de3885af&uid=e56670f06c3b184ccc7c62949156d9d5cf3e66ad
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:50 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4aff87c7de3885af&uid=e56670f06c3b184ccc7c62949156d9d5cf3e66ad
Date
Thu, 22 Apr 2021 00:15:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame 2445 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 25AF 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6AB6 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4aff87c7de3885af%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=25283
Expires
Thu, 22 Apr 2021 07:17:06 GMT
Date
Thu, 22 Apr 2021 00:15:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
d
ic.tynt.com/r/ Frame 7818 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-110.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.adtelligent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.adtelligent.com/

Response headers

server
nginx/1.16.1
date
Thu, 22 Apr 2021 00:15:50 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 5FEE
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=383270a38b1b3e30
35 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=383270a38b1b3e30
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=383270a38b1b3e30
Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
csync
sync.adtelligent.com/ Frame 5FEE
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a3a0b87435498867486ae984
86 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a3a0b87435498867486ae984
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
nginx
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a3a0b87435498867486ae984
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame 5FEE
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3506db4c-02ac-43eb-83cc-c8484fb16a59
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3506db4c-02ac-43eb-83cc-c8484fb16a59
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:49 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3506db4c-02ac-43eb-83cc-c8484fb16a59
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
mmk3i9h42f568j3eb4q1ip99ivp74ns6
csync
sync.adtelligent.com/ Frame 5FEE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1725340105984438029
86 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1725340105984438029
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:43 GMT
X-Proxy-Origin
152.89.163.4; 152.89.163.4; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.232:80
AN-X-Request-Uuid
03e9b72b-089d-4130-92cd-ae7a22de1245
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1725340105984438029
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame 5FEE
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=383270a38b1b3e30
86 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=383270a38b1b3e30
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=383270a38b1b3e30
Date
Thu, 22 Apr 2021 00:15:43 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3DD7 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 17:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22565
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 17:59:38 GMT
bannercode-2c3d41a0.js
trafmag.com/ Frame 3DD7 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trafmag.com/bannercode-2c3d41a0.js
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
trafmag.com
Software
nginx /
Resource Hash
ca4191751a31b0e2ff64a304011aaa03dca08ceac0df78bd496ef0fb302ff550
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
p3p
CP="NON DSP COR CURa TIA"
access-control-allow-origin
*
cache-control
no-cache
content-type
text/javascript; charset=utf-8;
content-length
2954
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3DD7 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Thu, 22 Apr 2021 00:15:43 GMT
Cookie set usermatch
ssum.casalemedia.com/ Frame BBED
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bb0b08877833dc33e7b1a9e9a3eccf7a8016f0f43c2ef0e86be55c9bed1dce20

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIDANtMEiWnu5RzOTZWOZQAA; CMPS=5218
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|241|39|41|57|105|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1708
Expires
Thu, 22 Apr 2021 00:15:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:50 GMT
Connection
keep-alive
Set-Cookie
CMID=YIDANtMEiWnu5RzOTZWOZQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Apr 2022 00:15:50 GMT CMPS=5218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 21 Jul 2021 00:15:50 GMT CMPRO=1141;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 21 Jul 2021 00:15:50 GMT CMRUM3=e66080c03627600&f16080c03605a0&696080c03605a0&296080c03605a00&2d6080c03605a0&276080c0360b40&036080c03605a0&396080c03605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Apr 2022 00:15:50 GMT CMST=YIDANmCAwDYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Apr 2021 00:15:50 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 22 Apr 2021 00:15:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:50 GMT
Connection
keep-alive
Set-Cookie
CMID=YIDANtMEiWnu5RzOTZWOZQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Apr 2022 00:15:50 GMT CMPS=5218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 21 Jul 2021 00:15:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3DD7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3WOoXSnm57wQQB1VD7R1kWiUtDSrQUtu328p7gSSYrBWuo1jE03ZEvKzL1TRT17D6Ait1uadNzW3DM7Nd_DMwm059cUbnxgv5u_b-ldHSbLVr8IBjMHV7igDnUxszQPPKzLTU3Kwx9QgVE7APtQHnMDTGpKImYUX7Ud__EA6wwYLu7uGuaHi4yHCTJiulSgu2yFlQJb7Cs6Jc0D0M6ZQtLotJaMf9aRrFgVl81GG13VgavJM-y85EacXlhpbMT6w9FP6ILPRu30HQ-fhg_SUAyE14WObh6fjBBzQ2d134oy9e&sai=AMfl-YSGoQw5t9hO3DNKx0ZBM5DaCV_R40RY5qpyxZRP2NTv_7rn9M3I8GrgDCNcBZMsnPwq9S4wnj2kdxuBt553ZhwyTTn1j7z8ZEyig1R_EmxWONyKBGgINnCSh0hZxyw&sig=Cg0ArKJSzHikTa7NhenMEAE&urlfix=1&adurl=
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 00:15:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Apr 2021 00:15:43 GMT
truncated
/ Frame 3DD7 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d29aa02e0a656bb1cc442404d5dd9523eae3549e25aa751647c59c2dd2c3fea0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
spl.zeotap.com/ Frame 3CD8 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3376802e873cdb0ed98931ff5b98efa64db01aefd2f2a2cd1337ce724391e83

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-type
text/html
set-cookie
__cfduid=d786bb2f373c9e5a8b9f04eadae58d0e61619050543; expires=Sat, 22-May-21 00:15:43 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=59dc400c-7e29-4d3a-781b-2cf993fa7a25; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%88%A6zi%EF%8EI%01%AEl%E12kuw%99%2A%09%ACy_%2A%C1%1BtG%5E%96%24r%1C%DF%AB%9F%03Pr%E3%E7%1D%0F%03%08%7C%7B%25C%A7%FB%5E%2C%A7r%16%A8-%E3%B4%E4%9C%D3%CA%BA%05%8F%FC%90%DE%0F%B5%AF4%0D%BD%DD%3A%FFt%401%8B%3D%3F%F5%5C%E22%D2%AF7%7Cm3%94%B7%FE%11%89%EE%F3%7DC%EA%DF8%5ES%BB%1AfY%BF%E1%27%CB%DF%8EB%DF%82%BF%B4%9A%EE%D1~%D03%C9%FE%C7%F3%A01%AD%C0%1F%3D%C3l%19%0E%5C%C7%F9%09~%BF%09%5B%A3%FAQA%11Qa90%21P%D3%9F%89q%F1%94.; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
099887d18e0000befbe197c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
643aa8c8ea19befb-FRA
content-encoding
br
style.css
cs03.trafmag.com/banners/rozetka300x146v2/ Frame 3DD7 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cs03.trafmag.com/banners/rozetka300x146v2/style.css?rnd=778
Requested by
Host: trafmag.com
URL: https://trafmag.com/bannercode-2c3d41a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
78a950d5468e108a83fd66bc5394400365b46f9645c742b24133c53100f558be

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Mon, 30 Nov 2020 16:30:02 GMT
server
nginx
etag
"5fc51e0a-c95"
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
3221
expires
Thu, 29 Apr 2021 00:15:46 GMT
main.js
cs03.trafmag.com/banners/rozetka300x146v2/ Frame 3DD7 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs03.trafmag.com/banners/rozetka300x146v2/main.js?rnd=778
Requested by
Host: trafmag.com
URL: https://trafmag.com/bannercode-2c3d41a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
528cda079b4743d154dba29ca5608946877e132a95c35602cfcc307b2f5303c5

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Mon, 28 Dec 2020 09:29:02 GMT
server
nginx
etag
"5fe9a55e-19cd"
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
6605
expires
Thu, 29 Apr 2021 00:15:46 GMT
afclid
afl.rozetka.com.ua/ Frame 3DD7 		0
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://afl.rozetka.com.ua/afclid?rnd=0.7810861079443314
Requested by
Host: trafmag.com
URL: https://trafmag.com/bannercode-2c3d41a0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.15 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:43 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
P3P
CP="NON DSP COR CURa TIA"
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
0
logo.png
cs03.trafmag.com/banners/rozetka300x146v2/ Frame 3DD7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs03.trafmag.com/banners/rozetka300x146v2/logo.png?rnd=1
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
1aec2bdc267370ccba729825eb4699cba852cb311f4469dfaa209683c7e48e39

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Tue, 18 Jun 2019 12:26:08 GMT
server
nginx
etag
"5d08d860-13fd"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
5117
expires
Thu, 29 Apr 2021 00:15:46 GMT
7115cd0f3cebd9c795f3a816c9b74e2e.jpg
cs03.trafmag.com/images/posters/ Frame 3DD7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs03.trafmag.com/images/posters/7115cd0f3cebd9c795f3a816c9b74e2e.jpg
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
d32420f85cf50a4ecef5c6868b93457af472761c4d76b0ee58010ce62649bb1a

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Wed, 03 Mar 2021 22:38:02 GMT
server
nginx
etag
"60400fca-eea"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3818
expires
Thu, 29 Apr 2021 00:15:46 GMT
1a55bc4ce2404cf8d1637e64e59d19f5.jpg
cs03.trafmag.com/images/posters/ Frame 3DD7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs03.trafmag.com/images/posters/1a55bc4ce2404cf8d1637e64e59d19f5.jpg
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
89a3b5a8d71ec59776930e967da98d383d99888e53f0f2f5821c91641cef9bea

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Wed, 17 Mar 2021 22:38:02 GMT
server
nginx
etag
"605284ca-fe8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4072
expires
Thu, 29 Apr 2021 00:15:46 GMT
c9156a2696113dfa071ffe16942f0998.jpg
cs03.trafmag.com/images/posters/ Frame 3DD7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs03.trafmag.com/images/posters/c9156a2696113dfa071ffe16942f0998.jpg
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
8c164e5c615f542b4b3f9d1db91a16cf781ee0197a296ee4fb067d3568f097b2

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Wed, 10 Jun 2020 17:38:03 GMT
server
nginx
etag
"5ee11a7b-c13"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3091
expires
Thu, 29 Apr 2021 00:15:46 GMT
a19b99b01e29e910d639974e877e29a5.jpg
cs03.trafmag.com/images/posters/ Frame 3DD7 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs03.trafmag.com/images/posters/a19b99b01e29e910d639974e877e29a5.jpg
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
8685f7ed6d8d551c84697fcef01c8a5f8cf25b50ba1d07fdc798bd1efb0eb6ca

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Thu, 30 Apr 2020 09:41:02 GMT
server
nginx
etag
"5eaa9d2e-91a9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
37289
expires
Thu, 29 Apr 2021 00:15:46 GMT
8a43dc01645b4094227009eb05a73ef3.jpg
cs03.trafmag.com/images/posters/ Frame 3DD7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs03.trafmag.com/images/posters/8a43dc01645b4094227009eb05a73ef3.jpg
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
048abc184d47b80d42b3bbfee60e02bbfa7726cc2f049791a7edd6278d12322b

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Mon, 20 Apr 2020 21:38:02 GMT
server
nginx
etag
"5e9e163a-12bf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4799
expires
Thu, 29 Apr 2021 00:15:46 GMT
a8337620bd8cdacc7f2cfbedfbcd8655.jpg
cs03.trafmag.com/images/posters/ Frame 3DD7 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs03.trafmag.com/images/posters/a8337620bd8cdacc7f2cfbedfbcd8655.jpg
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
b6a6c3c3bc3994b99e6fe926a48ffbf8162b2e0196aaf6fc0481f792f78d2e39

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Thu, 02 Jul 2020 13:06:02 GMT
server
nginx
etag
"5efddbba-7c0f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
31759
expires
Thu, 29 Apr 2021 00:15:46 GMT
bstbd14ff5e25cef1b1dd50e4165f1f55e1.gif
trafmag.com/ Frame 3DD7 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trafmag.com/bstbd14ff5e25cef1b1dd50e4165f1f55e1.gif?site_id=1672&informer_id=0&rnd=1619050543415440090
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
trafmag.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
cache-control
must-revalidate
content-type
image/gif
server
nginx
p3p
CP="NON DSP COR CURa TIA"
x-frame-options
SAMEORIGIN
expires
Wed, 01 Sep 2012 11:11:11 GMT
link_dot.png
cs03.trafmag.com/banners/rozetka300x146v2/ Frame 3DD7 		95 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs03.trafmag.com/banners/rozetka300x146v2/link_dot.png
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
c581cfab3bce30352233131a4cbc18385b63982e86a0d9c97172ea12b188b282

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
last-modified
Tue, 18 Jun 2019 12:26:08 GMT
server
nginx
etag
"5d08d860-5f"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
95
expires
Thu, 29 Apr 2021 00:15:46 GMT
getuid
ib.adnxs.com/ Frame 3CD8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIUmZWqv-AFKkuhP2dki5Eg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c6...
95 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEIUmZWqv-AFKkuhP2dki5Eg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8d49bfbbefb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d8db0000befb0d2e5000000001

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEIUmZWqv-AFKkuhP2dki5Eg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=e1265cc5-a2ff-11eb-a57c-ee4330ad0bed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=e1265cc5-a2ff-11eb-a57c-ee4330ad0bed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8cdeac8befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d4b10000befb03b9f000000001

Redirect headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=e1265cc5-a2ff-11eb-a57c-ee4330ad0bed&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 3CD8 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:46 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1...
  • https://mwzeom.zeotap.com/mw?cid=e7c15faf-476e-436c-af55-4dbbba49c90f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=e7c15faf-476e-436c-af55-4dbbba49c90f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8e31e56befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887e1f20000befbeea3a000000001

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=e7c15faf-476e-436c-af55-4dbbba49c90f&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 3CD8 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 22 Apr 2021 00:15:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1619050547.828620,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19146-FRA
u
dmp.v.fwmrm.net/ad/ Frame 3CD8 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.57.158.51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:49 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3CD8 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:46 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=43cfaed4-4b35-4aec-bf92-422118e4afb7&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=43cfaed4-4b35-4aec-bf92-422118e4afb7&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8ca5a52befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d2780000befb1022c000000001

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:43 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=43cfaed4-4b35-4aec-bf92-422118e4afb7&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=59dc400c-7e29-4d3a-781b-2cf993fa7a25&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=59dc400c-7e29-4d3a-781b-2cf993fa7a25&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=12664080161612308071023987694398849280&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-...
95 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=12664080161612308071023987694398849280&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8d09b31befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d65b0000befbd7857000000001

Redirect headers

DCS
dcs-prod-irl1-1-v004-09822b98c.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
HzbbNQdYTpo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=12664080161612308071023987694398849280&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 3CD8 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=59dc400c-7e29-4d3a-781b-2cf993fa7a25&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021042202-97751-0.517600001619050544-62e92936ea9bd0dba20828fe84ef9c0b&zdid=533&env=mWeb
95 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021042202-97751-0.517600001619050544-62e92936ea9bd0dba20828fe84ef9c0b&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8ccca99befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d4020000befbf0923000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021042202-97751-0.517600001619050544-62e92936ea9bd0dba20828fe84ef9c0b&zdid=533&env=mWeb
Date
Thu, 22 Apr 2021 00:15:44 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6953769137053366424&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6953769137053366424&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8cd4aacbefb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d4500000befbfbb90000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6953769137053366424&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Date
Thu, 22 Apr 2021 00:15:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 3CD8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=59dc400c-7e29-4d3a-781b-2cf993fa7a25
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=59dc400c-7e29-4d3a-781b-2cf993fa7a25
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=59dc400c-7e29-4d3a-781b-2cf993fa7a25
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=59dc400c-7e29-4d3a-781b-2cf993fa7a25
alt-svc
clear
content-length
0
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=59dc400c-7e29-4d3a-781b-2cf993fa7a25&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=59dc400c-7e29-4d3a-781b-2cf993fa7a25&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=xA00FgPdMVbP46un7CAdC.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-42...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=xA00FgPdMVbP46un7CAdC.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8ce4ad6befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d4ea0000befb08835000000001

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
last-modified
Thu, 22 Apr 2021 00:15:44 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=xA00FgPdMVbP46un7CAdC.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 3CD8 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=59dc400c-7e29-4d3a-781b-2cf993fa7a25&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.107 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:45 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=59dc400c-7e29-4d3a-781b-2cf993fa7a25?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=59dc400c-7e29-4d3a-781b-2cf993fa7a25?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=f8b16faa690e570392ece1e9cb2bf986&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bb...
95 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=f8b16faa690e570392ece1e9cb2bf986&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8e23e2cbefb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887e1620000befbf0953000000001

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:47 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=f8b16faa690e570392ece1e9cb2bf986&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
cache-control
no-cache
x-server
10.45.5.83
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-zmCKgM1E2opMEUpDxUUhvdqwHGRtUM8KMw--~A&zpartnerid=570&env=mWeb
95 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-zmCKgM1E2opMEUpDxUUhvdqwHGRtUM8KMw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8d18b76befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d6f50000befbd785b000000001

Redirect headers

date
Thu, 22 Apr 2021 00:15:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-zmCKgM1E2opMEUpDxUUhvdqwHGRtUM8KMw--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lVpII2ASj4kLyYT7Iv%2F75DzPtHJZ25lc%2BS41iYitP1U%3D
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lVpII2ASj4kLyYT7Iv%2F75DzPtHJZ25lc%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8d21b90befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d74f0000befb1023d000000001

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:44 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lVpII2ASj4kLyYT7Iv%2F75DzPtHJZ25lc%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 3CD8 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=59dc400c-7e29-4d3a-781b-2cf993fa7a25&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:45 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 3CD8 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.10.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-10-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1619050545
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 3CD8 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=59dc400c-7e29-4d3a-781b-2cf993fa7a25&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.85.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:45 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YIDAMgAAXv9I7QA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-948...
95 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YIDAMgAAXv9I7QA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&_test=YIDAMgAAXv9I7QA4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8d9fd00befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887dc370000befb0d2f1000000001

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619050546.227396,VS0,VE0
x-served-by
cache-hhn4046-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YIDAMgAAXv9I7QA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&_test=YIDAMgAAXv9I7QA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=7eac6080-c031-4400-aa43-ead5f8ee4252&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c64...
95 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7eac6080-c031-4400-aa43-ead5f8ee4252&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8d37bd0befb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887d82a0000befbfbba0000000001

Redirect headers

Date
Thu, 22 Apr 2021 00:15:45 GMT
Server
MT3 3660 495c301 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=7eac6080-c031-4400-aa43-ead5f8ee4252&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Thu, 22 Apr 2021 00:16:59 GMT
usermatch.gif
beacon.krxd.net/ Frame 3CD8
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OE1kyLmj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=59dc400c-7e29-4d3a-781b-2cf993fa7a25
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=59dc400c-7e29-4d3a-781b-2cf993fa7a25
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.10.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-10-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1619050545
x-served-by
beacon-n008-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 22 Apr 2021 00:15:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://spl.zeotap.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=59dc400c-7e29-4d3a-781b-2cf993fa7a25
access-control-allow-credentials
true
cf-ray
643aa8d59c31befb-FRA
access-control-allow-headers
*
cf-request-id
099887d97c0000befbe1999000000001
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3CD8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=59dc400c-7e29-4d3a-781b-2cf993fa7a25&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=59dc400c-7e29-4d3a-781b-2cf993fa7a25&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=59dc400c-7e29-4d3a-781b-2cf993fa7a25&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=59dc400c-7e29-4d3a-781b-2cf993fa7a25&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3CD8
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=59dc400c-7e29-4d3a-781b-2cf993fa7a25&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
643aa8e8ff5abefb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099887e5970000befbd1b7b000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Thu, 22 Apr 2021 00:15:48 GMT
Connection
keep-alive
Content-Length
0
BK-Server
8bd8
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 3CD8 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D59dc400c-7e29-4d3a-781b-2cf993fa7a25%26reqId%3D1af8c643-bbd9-4200-4f91-94808ac0a36c%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.253.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:45 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 3CD8 		557 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a09bceb764c3d3dfb656dacf491137ee904cb2186a6deedb99436788e209655

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
643aa8c93a22befb-FRA
date
Thu, 22 Apr 2021 00:15:43 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
099887d1c00000befbdf97b000000001
container.html
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E052 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Apr 2021 00:15:43 GMT
expires
Fri, 22 Apr 2022 00:15:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
showad.js
ads.pubmatic.com/AdServer/js/ Frame B8F9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=136014
Expires
Fri, 23 Apr 2021 14:02:37 GMT
Date
Thu, 22 Apr 2021 00:15:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
container.html
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E675 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Apr 2021 00:15:43 GMT
expires
Fri, 22 Apr 2022 00:15:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012103020108001/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b08f507be9178208cdb6c60463bb0a2355ee7bd9943fc6efbe357d87ed0f2676
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
145280
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7390
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 07:54:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ee5fd327122cd2d"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 07:54:23 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210419/r20110914/client/ Frame E052 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210419/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 00:12:11 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E052 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKqynL8CAYMCXB4Xd7_UPgtWSwA3gw56QYrXoguesDYCXq8jZIRABIJWn_A1glfrwgYwHoAH-xbLOAsgBCeACAKgDAcgDmwSqBNoBT9Ayh3N_d4OUjfcxZPwAYu3GppBxErm5_WhOu3iCIQsvAU6bo3ZCrJtdEivgJdm_l2389mKZMcNYgG25LvHSiU_AFI7sLye5ELKEbUlLPlQW2RCekSRzW6VF8BtwHMw-E3rRjwBSBUOmUyBGfFEIeF-bBDLzuozeu0_5OqQBlfeZay1A7-kYQQ5R_4EAvHW4Jr7fdNmsAKCJMx20KP6MyW7dRlpTvblu0ttFt9lQtJvu2pPKX1c8w920R4yOG-912tnQ3GfAU3mPNy_bdW6KUNgRCgyqpCapx5DABKmhksbnAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfquc2xAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ0NUI0ggJCIDhgFAQARgdgAoByAsB2BMLshcaChgIABIUcHViLTczMDIwMzYwODg3Njk0MTc&sigh=yCi-b_rWyhQ&template_id=494
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210419/r20110914/ Frame E052 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210419/r20110914/abg_lite_fy2019.js
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ef94bf64859083c25bdd7a2d317afc825ac1d2a3e3721239d79dee9a71376cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
3400864208869547588
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 00:04:51 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210419/r20110914/client/ Frame E052 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210419/r20110914/client/window_focus_fy2019.js
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 00:13:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E052 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Thu, 22 Apr 2021 00:15:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210419/r20110914/client/ Frame E052 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210419/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 00:12:33 GMT
l
www.google.com/ads/measurement/ Frame E052 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSq-R_B0viiwILOcR_YPhbTLSN_m9UK8RvHCaSDIsdNxLcRtSlL5tmGyWY7L-zTvaCWUyhU
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b42b11247d0ebeb7b44892ca7e629453.js
www.gstatic.com/mysidia/ Frame E052 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 10:35:46 GMT
server
sffe
age
47546
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10497
x-xss-protection
0
expires
Tue, 20 Jul 2021 11:03:17 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9B7E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4aff87c7de3885af%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4aff87c7de3885af%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4aff87c7de3885af%26uid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=136014
Expires
Fri, 23 Apr 2021 14:02:37 GMT
Date
Thu, 22 Apr 2021 00:15:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame B8F9 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=2754039&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:46 GMT
Content-Length
0
shopping
encrypted-tbn2.gstatic.com/ Frame E052 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRSLd3i6q9NnPFb5eTERhSD8dUW5AZ9X8g_3I2jP8umdNA0Wtlho43nI-PV0DQ&usqp=CAI
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b8c4b860d14e6858d77f4de18b232de5f7d43ae99691db07e92416e91f0aa1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:17:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Aug 2020 15:56:47 GMT
server
sffe
age
597493
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31301
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:17:30 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame E052 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSCy3Fc_B9pi5zzTtGmAEM8X1DFOXcW37Ewk7Gy7S2cS44jfB2nKuyBpvbkuQ0&usqp=CAI
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d22c03d0444c9836c52ee77100d534c017ea408c6806057c349691e23b615fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:05:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Sep 2020 15:03:21 GMT
server
sffe
age
310217
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23931
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:05:26 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E052 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSp9JoZFIxigC6nNInHCNPOGM_kDhMD1lcW1p9vV6-_Hu2SVYj-XmJrZfpsbg&usqp=CAI
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49f18021166fa8c8626f72727b5b77a772081649ce3154788b00ba4791250a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 03:55:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Aug 2019 07:43:50 GMT
server
sffe
age
591634
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31501
x-xss-protection
0
expires
Fri, 15 Apr 2022 03:55:09 GMT
8720707406544737770
tpc.googlesyndication.com/simgad/ Frame E052
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn0YHZhwEQ9AMY9AMyCBly5q0lZL0G
  • https://tpc.googlesyndication.com/simgad/8720707406544737770
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8720707406544737770
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2a6ae70abaadb5abee3317bfe13b653baaca295c18df5d1324d4b86494a79c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:49:15 GMT
x-content-type-options
nosniff
age
595588
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19698
x-xss-protection
0
last-modified
Mon, 09 Dec 2019 03:27:54 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Apr 2022 02:49:15 GMT

Redirect headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 19:23:53 GMT
x-content-type-options
nosniff
server
cafe
age
17510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/8720707406544737770
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 21 May 2021 19:23:53 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame E675 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
66426
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 21 Apr 2021 05:48:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 05:48:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E675 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221921
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Mon, 19 Apr 2021 10:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 10:37:02 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E675 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221921
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Mon, 19 Apr 2021 10:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 10:37:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E675 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221921
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Mon, 19 Apr 2021 10:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 10:37:02 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E675 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
97088
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 21:17:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 21:17:35 GMT
css
fonts.googleapis.com/ Frame E675 		6 KB
769 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 23:10:49 GMT
server
ESF
date
Thu, 22 Apr 2021 00:15:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Apr 2021 00:15:43 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E675 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 16:24:53 GMT
x-content-type-options
nosniff
server
cafe
age
28250
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Thu, 22 Apr 2021 16:24:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E675 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 21:00:17 GMT
x-content-type-options
nosniff
server
cafe
age
11726
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 22 Apr 2021 21:00:17 GMT
l
www.google.com/ads/measurement/ Frame E675 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSILRXgumjQh-zygwTTkDN2qAlkaU9wJfcaIZhlpIoGM1mgiJF4PoUjB5ibHV89dZiyxL1W
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame E675 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiewhL8CAYIow7tXv9Q_O0bTYDujP_-5hoq_Dw_kL29keEAEglaf8DWCV-vCBjAegAZXP6PEDyAEJqQKQzIavbjC0PuACAKgDAcgDCqoE1gFP0HDgIIa23N8tyiN5pVEHlb4D-4nzbis4H6euTUr1GGy1PyFdclB8V8XpW5c0KhLjeUAV9uWzD9Y0UHUTatdD9M_wmIabpobIVDmq2RkxkkHBkgUqn-bmatI78XrDCYxCaOpljZLE-vgZNMCqRYtlA6rAEi1uQnBc-UNg8vB_eNc1qtqS9EtIISBnZfC0wls2KXBBCAadzDxOh0vRoXPH7re-oePR4VoLJZ6HhB4AIfOnqYK5ufUfWh70n1Eemki_elOKZ2XXCsUcQBk3EuStgp9oTQKcwAS-kN6ajQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH07CXDqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCIkgrSCAkIgOGAUBABGB2ACgHICwHYEw2IFAWyFxoKGAgAEhRwdWItNzMwMjAzNjA4ODc2OTQxNw&sigh=wg5BecUW4LY&template_id=484
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cmp
spl.zeotap.com/ Frame 3CD8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=59dc400c-7e29-4d3a-781b-2cf993fa7a25&reqId=1af8c643-bbd9-4200-4f91-94808ac0a36c&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=59dc400c-7e29-4d3a-781b-2cf993fa7a25; zsc=%88%A6zi%EF%8EI%01%AEl%E12kuw%99%2A%09%ACy_%2A%C1%1BtG%5E%96%24r%1C%DF%AB%9F%03Pr%E3%E7%1D%0F%03%08%7C%7B%25C%A7%FB%5E%2C%A7r%16%A8-%E3%B4%E4%9C%D3%CA%BA%05%8F%FC%90%DE%0F%B5%AF4%0D%BD%DD%3A%FFt%401%8B%3D%3F%F5%5C%E22%D2%AF7%7Cm3%94%B7%FE%11%89%EE%F3%7DC%EA%DF8%5ES%BB%1AfY%BF%E1%27%CB%DF%8EB%DF%82%BF%B4%9A%EE%D1~%D03%C9%FE%C7%F3%A01%AD%C0%1F%3D%C3l%19%0E%5C%C7%F9%09~%BF%09%5B%A3%FAQA%11Qa90%21P%D3%9F%89q%F1%94.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Thu, 22 Apr 2021 00:15:43 GMT
set-cookie
__cfduid=da7ce46a287ce4087f82e43a681904c141619050543; expires=Sat, 22-May-21 00:15:43 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
099887d20f0000befbdf97c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
643aa8c9ba34befb-FRA
2076313506083323656
tpc.googlesyndication.com/simgad/8069427594818656131/ Frame E675 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8069427594818656131/2076313506083323656
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d807044f0298d95066f8f5d8e2305186fc1fd3b0ad81a76e1abfd60eb26ee4fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:05:13 GMT
x-content-type-options
nosniff
age
328230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32014
x-xss-protection
0
last-modified
Fri, 10 Jul 2020 11:41:37 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 05:05:13 GMT
truncated
/ Frame E675 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2ea26c7f8e218a2abe5906009ed800b759f79b0428e0508a0ad08a003f40ae1

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E675 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4b187482938659b396dbc0481a05877f23745bd288fe9d20276832ff9b6ecc6

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E052 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d15cfa791353ad869a5b2a5b1b68deb6ab691d290ff9fdbe033d2ff5e41e7ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E675 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
183595
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 19 Apr 2022 21:15:48 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E675 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
330740
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 18 Apr 2022 04:23:23 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E675 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 16:24:53 GMT
x-content-type-options
nosniff
server
cafe
age
28250
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Thu, 22 Apr 2021 16:24:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E675 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 21:00:17 GMT
x-content-type-options
nosniff
server
cafe
age
11726
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 22 Apr 2021 21:00:17 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Thu, 22 Apr 2021 00:15:43 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 00:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 00:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		97 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=334067520153073&correlator=1251260660405658&output=ldjh&impl=fifs&eid=31060312%2C31060740%2C31060789%2C31060505&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210422&iu_parts=17774365%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x145%7C300x250%2C300x600%7C300x250&fsfs=1%2C1&fsbs=1%2C1&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie=ID%3Ddf01f488cc87473d-225ed994edc700ac%3AT%3D1619050542%3AS%3DALNI_MaM4tfQLFgCx5X6F1dBb1tde6Sfjg&bc=31&abxe=1&lmt=1619050544&dt=1619050544345&dlt=1619050542620&idt=305&frm=20&biw=1600&bih=1200&oid=3&adxs=995%2C995&adys=1096%2C2584&adks=4227265388%2C1469812228&ucis=4%7C5&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x953%7C300x600&msz=300x145%7C300x600&psts=AGkb-H8ut9J26l-jUyIY-HUyzJrTDBrxnU6KpOp2Bm5YRkBc3Ux0qtVZc4KmsXiWDFVlu3mmmzaJozqXV81I&ga_vid=1342618151.1619050543&ga_sid=1619050543&ga_hid=758841748&ga_fc=false&fws=0%2C0&ohw=0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ae331ea9e94daabf20845849890420c9fbb6e920f84ea6fa0b53d15b264c177c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15559
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 23 Apr 2021 00:15:44 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:44 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 23 Apr 2021 00:15:44 GMT
container.html
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FBBA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Apr 2021 00:15:43 GMT
expires
Fri, 22 Apr 2022 00:15:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A05 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Apr 2021 00:15:43 GMT
expires
Fri, 22 Apr 2022 00:15:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame E052 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkvg0FwWmRaEf4KxDDyF2fDg2eK9xuAetKH0iGS7mv02GDkjI3rVwwD8WcKJ_QKUZcFju8MstxHM0A_ocjDRgxqQl7Kd4-7XHTl3gODh4__JXM2MmqNG01XWiC6w&sai=AMfl-YSMWvqG8TZLw0fR3_gNXdYaGH5qwZ_CqQ_XzbScWBA3NQ8LsmsHd591DKrpUvnCSZy_k3SvLbhNp62f0wjMN9R9dB5OBixg0Tq7_hQIKCZmKkZgvmybeRMwOoIx9-I&sig=Cg0ArKJSzExEbj7DVS9FEAE&cid=CAASPeRobYWZb1BPrNTanUa6o3sW9EG4gl86gTwIDK-zVejsOU9naozinlVd565ruUjaCcDrZw-jEX9zafEpVE0&id=lidar2&mcvt=1009&p=89,170,689,290&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1069264500&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619050543556&dlt=23&rpt=1&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame FBBA 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
66427
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 21 Apr 2021 05:48:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 05:48:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame FBBA 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221922
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Mon, 19 Apr 2021 10:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 10:37:02 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame FBBA 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221922
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Mon, 19 Apr 2021 10:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 10:37:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame FBBA 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221922
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Mon, 19 Apr 2021 10:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 10:37:02 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame FBBA 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
97089
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 21:17:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 21:17:35 GMT
css
fonts.googleapis.com/ Frame FBBA 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 23:10:14 GMT
server
ESF
date
Thu, 22 Apr 2021 00:15:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Apr 2021 00:15:44 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FBBA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 16:24:53 GMT
x-content-type-options
nosniff
server
cafe
age
28251
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Thu, 22 Apr 2021 16:24:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FBBA 		344 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 21:00:17 GMT
x-content-type-options
nosniff
server
cafe
age
11727
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 22 Apr 2021 21:00:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame FBBA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cgz14MMCAYJqfGNeV7_UPsY2rgAaIy5q1YaPz56mwDb20voKAJBABIJXUmR9glfrwgYwHoAHNr5nTAcgBCakCkMyGr24wtD7gAgCoAwHIAwqqBNcBT9CuwV1QBKk9b1Z-8-ydA-m9NQNrzJHC2DvDsPw9-DfxRo7Njei5THzKg05OH_eIqyQW0_ox1D7nfNnx7p7IFzPwRP4hg7R8e1Qe2ew81-r-bTFM-ximgsuj1nWBxDnDjv5jt7qJKCagWsmILBBpbWunI59IkLnWJuvfV5tWVLMLNHFbXO9KqHcEA5RHzFjTXjv-1dquP1d66JJCQ6X42sQa8gR6Qpkhp-rhZkETnLZd6RQeOGfN4WeQb7g53aSxfQANHtLZvyMtJhSnU0kDDmnZ_mynKV7ABOCgx9S1A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeb0OasAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCt6wTSCAkIgOGAEBABGB2ACgPICwHYEw2IFAGyFxoKGAgAEhRwdWItNjM1NzE1NzAyMDg4MTc5Nw&sigh=Ox_JnVK9qX8&template_id=484
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 9A05 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
66427
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 21 Apr 2021 05:48:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 05:48:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9A05 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221922
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Mon, 19 Apr 2021 10:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 10:37:02 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9A05 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221922
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Mon, 19 Apr 2021 10:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 10:37:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9A05 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
221922
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Mon, 19 Apr 2021 10:37:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 10:37:02 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9A05 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
97089
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 21:17:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 21:17:35 GMT
css
fonts.googleapis.com/ Frame 9A05 		4 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 23:18:12 GMT
server
ESF
date
Thu, 22 Apr 2021 00:15:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Apr 2021 00:15:44 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9A05 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 16:24:53 GMT
x-content-type-options
nosniff
server
cafe
age
28251
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Thu, 22 Apr 2021 16:24:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9A05 		344 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 21:00:17 GMT
x-content-type-options
nosniff
server
cafe
age
11727
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 22 Apr 2021 21:00:17 GMT
l
www.google.com/ads/measurement/ Frame 9A05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKJUKN8mKKbO7yO3Nw9Tc_buDVY0g6_5p_sR6nVK--nt7MN--55oTqnMQStygM7dO8Cl0aGBeEQgEgQUm7jP5zaaZSXA
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 9A05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtWSZMMCAYNegGNeV7_UPsY2rgAbu-ZyNYr7Gt9evDZT5-qGpIxABIJWn_A1glfrwgYwHoAGUs-SvAsgBCakCkMyGr24wtD7gAgCoAwHIAwqqBNoBT9AsT37ksKn4uT1cUhw5NLT_7YFkDedSW5w8Mb-bObfltboifhNgPvcOp0katj9vu4HyhQFmg59msSN3qVKI1GJZQ2MGo99cOXQ6cfw5xTuL6xU_mEXP-TQiSfaX7CeXblVFw7gJfL5B4FVGeAFTVEn6GT40WY95-ww1MMzcaI7LRRopsUQFRA4FZGRcAncDVIRh_VrCg9YrYoppx05oQwzc4J3LbFITqDcS9xGw6Bo5pBbBP4WNzv8SvJIP8xDNfwVQEOd3ltiUD5lMrQ5a9fEoTAN_0ftl6WrABOPzlPbCA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfn2ZTuAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCqggLSCAkIgOGAEBABGB2ACgHICwG4E4gn2BMNiBQCshcaChgIABIUcHViLTczMDIwMzYwODg3Njk0MTc&sigh=NGeFS6cjw8Q&template_id=5000
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2076313506083323656
tpc.googlesyndication.com/simgad/1361053054963661229/ Frame FBBA 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1361053054963661229/2076313506083323656
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b04d41740bc71428f2ebe8420ccdc7f3231e39786ef39a790786d1e0ac6bb824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 23:28:05 GMT
x-content-type-options
nosniff
age
89259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34859
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 14:58:41 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 23:28:05 GMT
truncated
/ Frame FBBA 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8fa73b24973972446ee111e924106308ee4968cfa0f1d962d465e6aa9bc7e40

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FBBA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9648ae642d57cdca0a0fa125e7edc4822c286d689e4b200e401c822b4eeff0a2

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/12220735705325160899/ Frame 9A05 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12220735705325160899/downsize_200k_v1?w=300&h=300
Requested by
Host: 32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
URL: https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47bfec901a77fb4b8bf0d08da97fb6fa95263ddea82fa2e1c688d672a6184c6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 14:24:48 GMT
x-content-type-options
nosniff
age
35456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8113
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 15:26:16 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 14:24:48 GMT
truncated
/ Frame 9A05 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9A05 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d8ce7d47265b5038ff7ced03530b14492db839337cb6c33aa1737a9fc1f2902

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FBBA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
183596
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 19 Apr 2022 21:15:48 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FBBA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
330741
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 18 Apr 2022 04:23:23 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9A05 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 00:12:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
173013
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 20 Apr 2022 00:12:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9A05 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
183596
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 19 Apr 2022 21:15:48 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9A05 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 16:24:53 GMT
x-content-type-options
nosniff
server
cafe
age
28251
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Thu, 22 Apr 2021 16:24:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9A05 		344 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 21:00:17 GMT
x-content-type-options
nosniff
server
cafe
age
11727
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 22 Apr 2021 21:00:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E675 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBRbWuQQ-BuOetZFWSNo3A-6uTkE2LPSV6QJ_srEeqZLsokfK-3kn0jl4pLncuh62Sy5_4BcL_TMR_Tyo1Y6_EBfOmaRxcz2NXLCYUp9dbW_OxS3oR53RCXP2ex9fRrENjLIFQhsCnrCzDulnD8rDg&sai=AMfl-YQz4KlvpTeLgbasZ6EnohTh9wxAcbrWljn5MRIFQdU4EipKVM-USZ5xQJcP5AbkOxD-g9r7kpAgPuJxucr48WzgDPdx3syzpXbY9r65kguxZoAsRmjhFKgNcrXSIRuY&sig=Cg0ArKJSzBInVoyas87kEAE&cid=CAASPeRouEgjgJb3gyfo94jPAGSmZ0Zved_kNcThYpk5A-pSS52f1zoif_D39DYKnFBTyhxtGYIQOm68MljvKj8&id=ampim&o=995,196&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1025&mtos=0,0,1025,1025,1025&tos=0,0,1025,0,0&tfs=209&tls=1234&g=100&h=100&tt=1234&r=v&avms=ampa&adk=583682291
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Thu, 22 Apr 2021 00:15:44 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
v2_300016_4947.json
player.adtelligent.com/prebidlink/2698417/ 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/2698417/v2_300016_4947.json?cb=www.ukr.net
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449736/wrapper_hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
484aafb52acf99918dec093b6c3033f2363bad4c6f35dabceab7d6462971fad5

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:45 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 12:10:57 GMT
server
nginx
etag
W/"60801651-6bc5"
content-type
application/json
access-control-allow-origin
https://www.ukr.net
expires
Thu, 22 Apr 2021 01:15:45 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
uu
ih.adscale.de/ Frame FB9B
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1619050546
  • https://ih.adscale.de/uu?cbfn=receive&t=1619050546&nut&uu=6de55f67c2254f83a9930f62cee0d12a
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1619050546&nut&uu=6de55f67c2254f83a9930f62cee0d12a
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a76ff77dbdea1a277fd62f03b21028a13d63485131c8611abba545b11afbe78b

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:47 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1619050546&nut&uu=6de55f67c2254f83a9930f62cee0d12a
date
Thu, 22 Apr 2021 00:15:47 GMT
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3DD7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiGK_SIKevNofwDhOJg9OXdJM3NWHCzY3Vwor6m700SO8gFOLiUvjMo4osn4atWAOkUzlLHR8sCEACfOHcyukwTTJH8hN5JsrmrWAk35z8SVmKYBD2R6ahqFbjaQ6uPO-O1jz9-tRdOcTF7-n9_7noMa5-_Jd2EI7kxMdRJ0_bDmzbw9SBO8gvVDmq5vb0zGCUIu9ulmD433QLvEaZ7RSbE6WpFZBJvqdxiYfXEHrXktrrnEX4YfThMJ7ovZz2A4-dM1nqOJUUEgYwK4sY85B2bRduAgP8jojjJowbA2j6yS74YLk&sai=AMfl-YQq_31TE6ONleV_TQhCSIgvUoZ5X768Tkdl34weULcLB97DZu1yELaLP6ZZ-7KJu7Mu5bNXqaxY1CnsiCfTWkt2gq3oK1-sK6zNndgeLFMPpck8s7XfP9SL0XlRVT8&sig=Cg0ArKJSzNkayKZYRS9xEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 00:15:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Apr 2021 00:15:46 GMT
userconnect.js
js.adscale.de/ Frame FB9B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.222.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-222-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Vg_Jp.ZJ2u3YbQXNKkA7T4fbgrmEYgFi
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
6F0FCA3BF91C433D
ETag
"98f37b242862929d9aef4bde91abc8ad"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Thu, 22 Apr 2021 00:15:47 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4485
x-amz-id-2
Juz8bwpynUfQakBX91f/aOeMdehrL0L/st855StuU0rXzAiABUeW5nJpRog2iKcZ5436Vn7va7I=
csync
sync.console.adtarget.com.tr/ Frame FB9B 		86 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=6de55f67c2254f83a9930f62cee0d12a
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif
userconnect
ih.adscale.de/ Frame FB9B 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1619050547427&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:47 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame 7D8B 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d655bd2944fd8fc65e336ea15c21660344ac271e195dfab3cc8ec39bd8829b11

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.adscale.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=6de55f67c2254f83a9930f62cee0d12a; cct=1619050547403
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.adscale.de/

Response headers

date
Thu, 22 Apr 2021 00:15:47 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2702
set-cookie
tu=4#3363017656#48~~449736~449736~1#101~~449736~449736~1#39~~449736~449736~1#40~~449736~449736~1#42~~449736~449736~1#75~~449736~449736~1#108~~449736~449736~1#63~~449736~449736~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1619050547443; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None
match.js
js.adscale.de/ Frame 7D8B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.222.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-222-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wLpT08_wLXVkyJ1J8XFuEEwEpe2lwEj_
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
C601F8EFDF94BC6D
ETag
"b75124846aec28a28b7a3441813682d5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Thu, 22 Apr 2021 00:15:47 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1700
x-amz-id-2
LklIE2go2b2Rp3GhTH0JJorvXNEdspOHgsiAjDG+rrFz3Mw6W4IqcUS84l6W2VmLAO+M+PWCHPk=
img
ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/ Frame 7D8B
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=6de55f67c2254f83a9930f62cee0d12a&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=101&tpuid=BBID-01-02937645475218849-16268184
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=101&tpuid=BBID-01-02937645475218849-16268184
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:47 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 22 Apr 2021 00:15:47 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=101&tpuid=BBID-01-02937645475218849-16268184
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 7D8B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=abf1a429cb3d411e8221900...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=0&gdpr_consent=
49 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:47 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 22 Apr 2021 00:15:51 GMT
Server
MT3 3660 495c301 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Apr 2021 00:15:50 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3DD7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBO8OmdgPb2QNV0llWxGoD9Ne5UMiCYJcbGY_QkT4bVmSqrRsfHGdSZYcs8wbVCyRiYi3isY06K714OGt_xkMNPsOIVIpF2-pddK1DpdU&sig=Cg0ArKJSzK5feUeIEBuTEAE&id=lidar2&mcvt=1000&p=196,995,341,1295&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=2005426448&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619050543356&dlt=34&rpt=137&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/ Frame 7D8B
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac10570b664f46cb%2F1619050547443%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=75&tpuid=1725340105984438029&gdpr=0
49 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=75&tpuid=1725340105984438029&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:47 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:47 GMT
X-Proxy-Origin
152.89.163.4; 152.89.163.4; 832.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.110:80
AN-X-Request-Uuid
c8d9eb8e-027f-47df-a620-dcd51cda8a7b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=75&tpuid=1725340105984438029&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 7D8B
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=9490d110008d98ca7a596617c...
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=9490d110008d98ca7a596617c...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YIDANtMEiWnu5RzOTZWOZwAA%261104&gdpr=0
49 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YIDANtMEiWnu5RzOTZWOZwAA%261104&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:50 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YIDANtMEiWnu5RzOTZWOZwAA%261104&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Thu, 22 Apr 2021 00:15:50 GMT
img
ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/ Frame 7D8B
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=961adb816300fd7b928c2899029b8ea0233f10062eba4ce2eb590385578ddee7&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290ac1057...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=961adb816300fd7b928c2899029b8ea0233f10062eba4ce2eb590385578ddee7&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab24290a...
  • https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=42&gdpr=0&tpuid=6375776904072534689
49 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=42&gdpr=0&tpuid=6375776904072534689
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:48 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:48 GMT
server
nginx
location
https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/img?tpid=42&gdpr=0&tpuid=6375776904072534689
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 7D8B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=ea5f4ce6-ac8e-43b4-b678-8f02ba1ee1a2
49 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=ea5f4ce6-ac8e-43b4-b678-8f02ba1ee1a2
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Thu, 22 Apr 2021 00:15:48 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=ea5f4ce6-ac8e-43b4-b678-8f02ba1ee1a2
cache-control
no-cache
server-processing-duration-in-ticks
21783
content-type
text/html; charset=utf-8
content-length
237
expires
Thu, 22 Apr 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 7D8B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=50b53911ff817b9e9de3815e...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=0&gdpr_consent=
49 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 22 Apr 2021 00:15:52 GMT
Server
MT3 3660 495c301 master zrh-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Apr 2021 00:15:51 GMT
js
ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/ Frame 7D8B
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=476b34ec39fdd63fed0b8015c2910fc6b00a2ca50dfc4b5c1d687e4fdf15ed25&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab242...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=476b34ec39fdd63fed0b8015c2910fc6b00a2ca50dfc4b5c1d687e4fdf15ed25&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fc7f9a4bfaab242...
  • https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/js?tpid=48&tpuid=6abeca0d37660e79fc97bdf316072e18
44 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/js?tpid=48&tpuid=6abeca0d37660e79fc97bdf316072e18
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
181b08682ff61bf8ea254a88bc15b9d760386a808e46b20a8c7472eca0e541db

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:49 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Location
https://ih.adscale.de/sium/c7f9a4bfaab24290ac10570b664f46cb/1619050547443/0/js?tpid=48&tpuid=6abeca0d37660e79fc97bdf316072e18
Date
Thu, 22 Apr 2021 00:15:49 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
147
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sium
ih.adscale.de/ Frame 7D8B 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Thu, 22 Apr 2021 00:15:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
usermatchredir
ssum-sec.casalemedia.com/ Frame BBED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIDANtMEiWnu5RzOTZWOZQAABHUAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECi8NU1FAcFA_vwuk86JGpI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECi8NU1FAcFA_vwuk86JGpI&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 22 Apr 2021 00:15:51 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECi8NU1FAcFA_vwuk86JGpI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BBED
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIDANtMEiWnu5RzOTZWOZQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC-FgsjpyB_8-4WwF9v9ZQM&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC-FgsjpyB_8-4WwF9v9ZQM&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 22 Apr 2021 00:15:51 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC-FgsjpyB_8-4WwF9v9ZQM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BBED
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIDANtMEiWnu5RzOTZWOZQAABHUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIDANtMEiWnu5RzOTZWOZQAABHUAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIDANtMEiWnu5RzOTZWOZQAABHUAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:52 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:52 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIDANtMEiWnu5RzOTZWOZQAABHUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BBED 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YIDANtMEiWnu5RzOTZWOZQAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bridge
cm.adgrx.com/ Frame BBED 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:51 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-3
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame BBED
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739026143269368
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739026143269368
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 22 Apr 2021 00:15:51 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739026143269368
Date
Thu, 22 Apr 2021 00:15:51 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame BBED
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 22 Apr 2021 00:15:51 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Thu, 22 Apr 2021 00:15:51 GMT
server
nginx/1.18.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame BBED
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 00:15:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 22 Apr 2021 00:15:51 GMT

Redirect headers

Date
Thu, 22 Apr 2021 00:15:54 GMT
Server
MT3 3660 495c301 master zrh-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7eac6080-c031-4400-aa43-ead5f8ee4252&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Apr 2021 00:15:53 GMT
um
u-ams02.e-planning.net/ Frame BBED 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=4aff87c7de3885af&uid=YIDANtMEiWnu5RzOTZWOZQAA%261141
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4aff87c7de3885af%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:50 GMT
server
openresty
content-type
image/gif
cc.js
tags.crwdcntrl.net/c/15238/ Frame 2445 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-29.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 18:35:07 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
20443
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 7a024d32abd1bf1da267d76e57a01fa1.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
S8ZQFofoy61W4ZFPjLkYbFI6ik1GomsW5ky6fDfoUtW4vQhsltFh_w==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame C74D 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AHeeiU21aVBnFQ1n
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Thu, 22 Apr 2021 00:15:49 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Tue, 21 Apr 2026 00:15:49 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame BA96 		0
608 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Thu, 22 Apr 2021 00:15:50 GMT
content-type
text/html; charset=utf-8
content-length
0
set-cookie
__cfduid=d4b62ad7e66450797b7a3395be8d4d4171619050550; expires=Sat, 22-May-21 00:15:50 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-request-id
099887ee500000c2fe61115000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w%2BHQa9R9Pgm%2FvdUeOlPVJz774WwvtjdoApOiG0RuirDhI%2BOBQT1dZwQSM2AjGF0be6wFyMeebej%2BglC8%2FxL9ID0EDP67CvYKj1JzpD7E47jthSpe6YqsaqFFWsus99Q%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
643aa8f6eb6cc2fe-FRA
Cookie set csync
sync.console.adtarget.com.tr/ Frame 0B2B 		86 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AHeeiU21aVBnFQ1n
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
a307080=mGbX1zr7z08DJjsL1G6J; vmuid=0c2fd9c2134aa07f; a322988=383270a38b1b3e30; a307565=6de55f67c2254f83a9930f62cee0d12a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Thu, 22 Apr 2021 00:15:50 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=0c2fd9c2134aa07f; expires=Wed, 23 Jun 2021 00:15:50 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=AHeeiU21aVBnFQ1n; expires=Wed, 23 Jun 2021 00:15:50 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
GS.d
js.cookieless-data.com/ Frame C74D 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1619050550871
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:51 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
ptrack
a.audrte.com/ Frame 2445 		368 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=152.89.163.4&p=M1353665098&artime=2021-04-22T00:15:57.916Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9b1da6318dd5ed659a5e3ae4ff0979534f8384148447d174790f5899f391405a

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:58 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame 1F7C
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3c159b1315a9f367b885345a2e5164047a5eda2d036117f5a52b72127233a1d5

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Thu, 22 Apr 2021 00:15:58 GMT
content-type
text/html;charset=UTF-8
content-length
1238
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.2.45
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 17-Jan-2022 00:01:00 GMT;SameSite=None;Secure _cc_id=f8b16faa690e570392ece1e9cb2bf986;Path=/;Domain=crwdcntrl.net;Expires=Mon, 17-Jan-2022 00:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQSLNIMjRLS0w0szRINTU3MLY0Sk1ONUy1TE4ySkqztDBjAIKEhgN2X%2F%2F%2F%2F88P4kAAAMjWDy8%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 17-Jan-2022 00:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBIaDhgB6SgAAAXfAHf";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 17-Jan-2022 00:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Thu, 22 Apr 2021 00:15:57 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.5.83
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
usermatch.gif
beacon.krxd.net/ Frame 1F7C 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=f8b16faa690e570392ece1e9cb2bf986
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1619050558
x-served-by
beacon-n022-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
tpid=e968ece1-a2ff-11eb-bbbb-66bd867ef1ea
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 1F7C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=f8b16faa690e570392ece1e9cb2bf986&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=f8b16faa690e570392ece1e9cb2bf986&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=e968ece1-a2ff-11eb-bbbb-66bd867ef1ea
49 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=e968ece1-a2ff-11eb-bbbb-66bd867ef1ea
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:58 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.3
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Thu, 22 Apr 2021 00:15:58 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=e968ece1-a2ff-11eb-bbbb-66bd867ef1ea
alt-svc
clear
content-length
0
qmap
sync.crwdcntrl.net/ Frame 1F7C
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=fa186080-c03d-4200-9181-2376f6142fb1
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=fa186080-c03d-4200-9181-2376f6142fb1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:58 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.226
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Thu, 22 Apr 2021 00:15:58 GMT
Server
MT3 3660 495c301 master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=fa186080-c03d-4200-9181-2376f6142fb1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Apr 2021 00:15:57 GMT
pixel
cm.g.doubleclick.net/ Frame 1F7C
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=f8b16faa690e570392ece1e9cb2bf986&gdpr=1
  • https://id5-sync.com/c/19/19/9/1.gif?puid=f8b16faa690e570392ece1e9cb2bf986&gdpr=1&gdpr_consent=
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOcqS2KxVehjVLOER-T1BvvmKhmbH5SAHKwSv2bQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/8/2.gif?puid=7491462278572078094&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=f89339547ad239c476b50b12972b6d97&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOcqS2KxVehjVLOER-T1BvvmK...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjhiMTZmYWE2OTBlNTcwMzkyZWNlMWU5Y2IyYmY5ODY&google_redir={xENCODEDURL}&id5id=ID5-ZHMOcqS2KxVehjVLOER-T1BvvmKhmbH5SAHKwSv2bQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjhiMTZmYWE2OTBlNTcwMzkyZWNlMWU5Y2IyYmY5ODY&google_redir={xENCODEDURL}&id5id=ID5-ZHMOcqS2KxVehjVLOER-T1BvvmKhmbH5SAHKwSv2bQ
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:58 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjhiMTZmYWE2OTBlNTcwMzkyZWNlMWU5Y2IyYmY5ODY&google_redir={xENCODEDURL}&id5id=ID5-ZHMOcqS2KxVehjVLOER-T1BvvmKhmbH5SAHKwSv2bQ
cache-control
no-cache
x-server
10.45.6.178
content-length
0
expires
0
tpid=YIDAPgAAXWXJlQAC&_test=YIDAPgAAXWXJlQAC
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 1F7C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YIDAPgAAXWXJlQAC
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YIDAPgAAXWXJlQAC&_test=YIDAPgAAXWXJlQAC
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YIDAPgAAXWXJlQAC&_test=YIDAPgAAXWXJlQAC
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:58 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.83
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619050558.204696,VS0,VE0
x-served-by
cache-hhn4064-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YIDAPgAAXWXJlQAC&_test=YIDAPgAAXWXJlQAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tpid=no-consent
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 1F7C
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=575102829/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:58 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.45
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:58 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
p
a.audrte.com/ Frame 2445
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=&google_tc=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=&google_gid=CAESEObsCLHQPjmslfJ1bEq-pm4&google_cver=1
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:58 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 22 Apr 2021 00:15:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 2445
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7345545461322590395
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESEObsCLHQPjmslfJ1bEq-pm4&google_cver=1
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=04bnM47EyTJR12Ohb-R-hVpqQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206N...
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:58 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 22 Apr 2021 00:15:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
ps.eyeota.net/pixel/bounce/ Frame 2445
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 00:15:58 GMT
Content-Type
application/javascript
Content-Length
1218
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=
Date
Thu, 22 Apr 2021 00:15:58 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15844a7041fb43bd8b1b2881ef0128a76ace84cae85ed83d510fb0d3d8972822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 00:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6663
x-xss-protection
0
syncframe
gum.criteo.com/ Frame D7BC 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.ukr.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.ukr.net
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
3382
date
Thu, 22 Apr 2021 00:15:58 GMT
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 22 Apr 2021 00:15:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7A81 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 21 Apr 2021 19:45:41 GMT
expires
Thu, 21 Apr 2022 19:45:41 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16218
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 7A81 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 07:09:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
61597
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 21 Apr 2022 07:09:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041501&jk=334067520153073&bg=!ExClEFTNAAZUuIlwVLg7ACkAdvg8WlljP5hELGvXvjMDAa_y8yiJ5Db_JRXa8VFVIBELEWZWvg9qZwIAAABlUgAAAAxoAQcKAKyksi5PSXFsXb2QbB5VYUkaZi4ab53NSIzRFIm_sZW4lxYvlaI8JA_JkjaPa88X1EotPNBmRujltgQ57i6ddOGALfHtu22Xp4jXg_uEaPKQLoAZDCU4EWBgks_FD5khaGEwMrsGoMKFF8McyhxPaZ_AUBlwbh8IAhuvbyvPR1Mtdqu8gxluBt0eZV_OEN1DozmA8E_YhzJuxgFWv6bfz7li-DzAudP2LdLGsQa-mQHbIETzVCSCcrBw6gPWrHXt3tMXCKw16HUau622eDkY5ZNUIPe7H9p6vLzXL0P1zCjl31hpcVX_PoxRHFHDTYSFH7VDKjkBEs-yD6Q4A3fe46Lr-78_s2UToflHe1mZ6TzMWP_cg7RhByALzYy_zPNBlXe5ycdpTyWlkmP1q6lJkGVF_249iAP8ul5IjeMf4FijK-ouVztEEPF9Tfbt4SyrXV_zhZwqdgDx8RsAepgJc0gsfarbWeDhlKo4CBEEi8Bq8ptvZ_MTAoWoRnlFpmnPvDHf-voC27edvBR74dsEDyv-uDDfbMLkudi8_Fzs1lBQNxS5UAS2OROXQqgBCjcCKIjTOKoP-6undB5Cj1tBvbh4FVA8GeiSwN6jK5xVz5Uf1mZzXPuLKTj_0n9hMc7R1nOKARL5MK7bHTWIU4PK3V2jIo2dCZTnquwFDmcaInpFiWckhYSUWponfBJKbVBPDgfdaVQSrAvxnKbNjzfIYqBm6f1iK2cjE0YLUKRb6O3AW_JQY7zRWfOCYDOyccqVdJ0u1JVUNqBzwjM6_fARM_FyHu6SuLjFyzJNPKTLLWTdLFTV4bYgg6jEmUJvbNTknfHJY9rhPM59YaJFEiD4gHRV8uylMSarFBzLNg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 00:15:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pinformer.sinoptik.ua
URL
https://pinformer.sinoptik.ua/pinformer4.php
Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=IM8fHXx4blNUVEZERkdWUitlNE9SRHF3M2w1b1lVQkVnMjRNUks5REpMM0wzU1RydjBvSmJGUnhWWE9vbkNuMHNkdXJBZ0pkbmJ3OWFZUlFpQ0xVeFQ2MmUxRGlMNm5LOW93cCtBOER1emdpK21YclVDZzNiam4rSTh3WFEzZTcwekhBRTAvZG4rS0xIN25rWWcrTHFuSlBzR3hCZTlUREhyZWpqdnNpUTlBcXR4S2dicEhoenJuaEJWaGh1YXcrQjNFVndrTGFSM1RUUk5ZSGJlT0pUNjB5ckRoY1ZQOEtIdWorMmhtOFd0Uk5MZENVPXw&cppv=2
Domain
prebid-eu.creativecdn.com
URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu

Verdicts & Comments Add Verdict or Comment

323 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer undefined| src undefined| dst boolean| is_desktop object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| GetCookie function| SetCookie function| DeleteCookie function| getCookieVal function| LocalCache function| ajaxCash function| $ function| jQuery function| _ object| ifvisible function| MailWidget object| Core object| Bookmarks string| zakl_domain string| zakl_domain_back boolean| zakl_css boolean| brandsActiv string| fschema object| chc string| magicHash object| LoginErrors string| fr_text_nonew string| fr_text_new1 string| fr_text_new2 object| globalCommercialData undefined| adUkrNet number| adEcbrStart number| adEcbrDone undefined| rootLeft undefined| rootRight undefined| rootFuel object| ant string| basesearchurl function| isElementInView function| checkElementViewability function| fixSidebar function| setReload_branding function| ellipsizeTextBox object| portalCache object| App object| Lazyload object| Synchronization function| checkAttr object| Services object| Currency object| Fuel function| onCaptcaConfirm function| SHA1 function| transliterate function| ToPlural object| User object| News object| Holydays object| Clicks number| bc_a string| bc_g function| parse_20 object| arrForScrollRefresh function| setReload_300x250 function| onGeoData object| DateFormat object| Columns function| getBase64 function| aGo function| ecbrStart function| collectCommercialData function| go_search function| timeDiff function| zakl_addClass function| zakl_removeClass function| zakl_toggleClass function| zakl_ifClass function| zakl_setDisplay function| zakl_setDisplayById function| zakl_clearSelects function| zakl_restoreSelects function| zakl_setMask function| zakl_removeMask function| zakl_GetCookie function| zakl_SetCookie function| updateCookiesTime function| zakl_DeleteCookie function| zakl_getPageSize function| zakl_$ function| zakl_isEmpty function| zakl_displayMyBookmarks function| zakl_HideBookMarks function| slidePanel function| zakl_DontHideBook function| zakl_treeControl function| zakl_checkBook function| setSubFolderData function| zakl_OpenEditFolder function| zakl_OpenFolder function| zakl_ShowFolders function| zakl_HideFolders function| zakl_DontHideFolders function| zakl_HideFoldersNow function| zakl_showContextMenu function| zakl_HideContextMenu function| zakl_displayFolderMenu function| zakl_displayItemMenu function| zakl_getMousePos function| zakl_windowAddFolder function| zakl_windowAddFolderToImport function| zakl_closeWindowAddFolder function| zakl_windowWizzard function| zakl_closeWizzard function| zakl_wizzardLogin function| zakl_GetItemById function| zakl_WindowEditBookmark function| zakl_WindowEditFolder function| zakl_closeWindowEditFolder function| zakl_closeWindowEditBook function| createImportIframe function| checkItemsForExport function| zakl_setShadow function| zakl_removeShadow function| zakl_windowModalSubMenu function| zakl_windowModal function| zakl_windowSubModal function| zakl_CloseModal function| closeAddBook function| zakl_SelectFolder function| zakl_AddFolder function| zakl_AddFolderFromImport function| zakl_EditFolder function| zakl_AddBookmark function| zakl_EditBookmark function| StdRefreshTree function| StdRefreshTreeAddBook function| StdRefreshTreeAfterAddFolder function| StdRefreshTreeAfterAddFolderFromImport function| zakl_ReportStatus function| zakl_CloseStatus function| zakl_MakeAGetString function| zakl_AddToQuery function| zakl_UpdateFoldersQ function| zakl_UpdateBooksQ function| zakl_UpdateChilds function| zakl_UpdateSelectedItems function| BackAfterDelete function| getParentIdByElementId function| zakl_isUrl function| ReturnTreeBody function| ImportResults function| zakl_saveDataAddBook function| zakl_window_top function| zakl_escapeAjaxParam function| zakl_display function| zakl_loadingStart function| zakl_loadingStop function| zakl_getTitleForURL function| zakl_RefreshTitle function| zakl_clearTitleValue function| zakl_movemouse function| zakl_resetHash function| zakl_selectmouse function| zakl_attachZakl function| loginFocus function| moreRefreshTree undefined| zakl_cmodal undefined| zakl_csubmodal boolean| zakl_returnAddBook boolean| zakl_logged number| zakl_globalTreeId number| zakl_globalTreeSelectedId boolean| zakl_TEST_LOGIN boolean| zakl_DEBUG_ENABLED boolean| zakl_selectPreviousDir number| zakl_pageMinWidth string| zakl_domain_ajax string| zakl_importDoc number| zakl_loadDelay number| zakl_loadDelayAttached boolean| isIE6 string| zakl_homeDir boolean| goto_step object| zakl_BrowserDetect object| zakl_browser undefined| zint undefined| booktime boolean| zakl_importFolder undefined| zakl_response boolean| zakl_autoopen number| zakl_parentEl object| zakl_treeItems object| zakl_tree undefined| hfolders boolean| isImportWizzard undefined| zakl_currentEditItemData string| gsubmodal boolean| isOrganizeWindow number| cfolder undefined| zakl_hmirror string| selectedf string| selectedb string| zakl_addBookHttp string| zakl_addBookSiteName string| zakl_addBookHttpWizzard string| zakl_addBookSiteNameWizzard boolean| zakl_displayModal boolean| nn6 boolean| zakl_isdrag undefined| zakl_x undefined| zakl_y undefined| zakl_tx undefined| zakl_ty undefined| zakl_dobj boolean| zakl_attached string| zakl_html string| zakl_html_main string| zakl_backURL object| googletag object| vmpbjs object| vpb object| __advShowDeferred object| useragent object| topSlot undefined| topSlot2 object| topSlot3 object| topSlot4 object| topSlot5 object| brandSlot function| gosmart object| widget function| __reCaptchaLoad object| gaplugins object| gaGlobal object| gaData function| setIframeHeightCO function| handleDocHeightMsg undefined| bgURL1280 undefined| bgURL1366 undefined| bgURL1600 undefined| back_color_1280 undefined| back_color_1366 undefined| back_color_1600 boolean| brand_exist string| brand_href number| crash function| brandsActivion function| brandsParameters function| setbrandsActivion function| vmpbjsChunk object| _pbjsGlobals string| a object| d object| n string| fr number| tz object| s object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| Criteo number| wd number| size function| go object| regionsList object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIaDhgB6SgAAAXfAHf"
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: f8b16faa690e570392ece1e9cb2bf986
.adform.net/ Name: uid
Value: 7345545461322590395
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLNIMjRLS0w0szRINTU3MLY0Sk1ONUy1TE4ySkqztDBjAIKEhgN2X%2F%2F%2F%2F88P4kAAAMjWDy8%3D"
.adform.net/ Name: C
Value: 1

12 Console Messages

Source Level URL
Text
console-api warning URL: https://player.adtelligent.com/prebidlink/449736/hb_300016_4947.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api error URL: https://player.adtelligent.com/prebidlink/449736/wrapper_hb_300016_4947.js(Line 1)
Message:
localStorage unavailable
console-api log URL: https://www.ukr.net/dat/covid19.html(Line 456)
Message:
reload covid widget
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js(Line 6)
Message:
[GPT] Invalid object passed to setSafeFrameConfig({"sandbox":false}), for sandbox: false}.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js(Line 6)
Message:
[GPT] Invalid arguments: Slot.setSafeFrameConfig([object Object]).
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent=|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=|https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=04bnM47EyTJR12Ohb-R-hVpqQ&gdpr=0&gdpr_consent="}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32f638432e3e0eac818b3455a1272c69.safeframe.googlesyndication.com
a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.ukr.net
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
afl.rozetka.com.ua
ap.lijit.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
cdn.admatic.com.tr
cdn.ampproject.org
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
counter.ukr.net
creativecdn.com
cs.admanmedia.com
cs03.trafmag.com
csync.loopme.me
d.adroll.com
d.turn.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
go.rcvlink.com
gum.criteo.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
inv-nets.admixer.net
js.adscale.de
js.cookieless-data.com
kinoafisha.ua
loadeu.exelator.com
mail.ukr.net
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
p.rfihub.com
pagead2.googlesyndication.com
pinformer.sinoptik.ua
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.sitescout.com
pixel.tapad.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
ps.eyeota.net
recreativ.ru
rtb.adxpremium.services
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
st11.rcvlink.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.tidaltv.com
t.trafmag.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trafmag.com
trc.taboola.com
u-ams02.e-planning.net
ukr.net
ups.analytics.yahoo.com
upst.fwdcdn.com
usermatch.krxd.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ukr.net
zakladki.ukr.net
mug.criteo.com
pinformer.sinoptik.ua
prebid-eu.creativecdn.com
secure-assets.rubiconproject.com
104.111.237.88
104.117.222.11
104.19.133.78
116.202.161.117
116.202.85.171
136.243.128.165
136.243.84.74
142.250.186.162
142.250.186.66
143.204.245.29
146.0.227.110
151.1.205.165
151.101.114.49
151.101.13.44
154.57.158.51
172.217.18.98
173.231.181.122
178.162.133.149
178.250.0.157
178.250.0.163
178.250.0.165
18.156.0.31
18.158.173.146
18.198.69.109
184.30.20.207
185.184.8.30
185.29.132.144
185.29.133.199
185.33.221.52
185.64.190.78
188.42.196.115
193.0.160.129
193.200.64.15
193.200.65.2
193.200.65.5
194.213.62.34
195.191.235.71
195.214.195.101
2001:678:cb4:bbbb::13
212.42.75.249
212.42.75.253
212.42.76.247
212.42.76.248
212.42.76.252
212.42.83.135
212.82.100.182
213.174.135.1
213.19.147.45
213.19.162.51
216.52.2.48
23.218.208.200
23.218.208.246
23.45.110.176
2606:4700:10::6816:1857
2606:4700:20::ac43:47f1
2606:4700::6810:bf3
2606:4700:e0::ac40:6308
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c06::9a
2a00:f48:2000:1023::3
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:12::1370
2a05:d018:24:b001:cff3:ca6f:14e6:5ad7
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5142::2
3.120.52.200
3.127.178.105
3.221.146.169
34.247.242.33
34.250.160.147
34.98.67.61
35.186.253.211
35.201.81.244
35.227.248.159
35.244.159.8
37.157.3.28
37.157.4.23
37.157.4.29
37.252.173.113
46.249.52.249
5.135.83.158
5.178.65.253
51.158.28.83
51.89.21.21
52.208.103.128
52.21.63.28
52.4.128.233
52.48.137.92
52.48.18.249
52.94.232.32
52.95.124.165
54.165.137.101
54.170.10.95
54.195.19.148
54.229.253.85
62.149.0.72
66.155.71.25
67.202.110.34
85.114.159.118
88.214.206.142
89.163.159.107
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
048abc184d47b80d42b3bbfee60e02bbfa7726cc2f049791a7edd6278d12322b
061769e5c7eb97935122a0492b7b2365f8a8538ec018a37e31e030f2192750ab
0630f2682661b9c3a9661a774eb39a7f4d0ca5fcf50ef8deec0d2725c15ebc74
07d3b253e202af1cbbf728e53b09d684206d64240685841a864e80a527101707
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d41211151488d96a3556cea1831ffd45f37bacee7f8db92c57dbb4e4d37bad3
0e9914554b80aba1f7ab23fa72b263a779d29fe29aa5d36e826fb60d8cfb9314
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe
11481310946de201a8555e07f21794ab57a2d42087ae0c44ce4617b42f22e2ce
11a5cdba25ad7586072ad1875715ce91b174f500cd041f5d79471d59e447fb7b
137e2b463ce1179a5530ce1a99b6ce209f483d9b51ac8ef8e77a00605ed9e054
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15844a7041fb43bd8b1b2881ef0128a76ace84cae85ed83d510fb0d3d8972822
181b08682ff61bf8ea254a88bc15b9d760386a808e46b20a8c7472eca0e541db
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1aec2bdc267370ccba729825eb4699cba852cb311f4469dfaa209683c7e48e39
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1f4cf1f4c8b40b3d2218191af77dbd94aa9059cd545a02f36966e7845cb2e044
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
338f69fe1de47efce159b38aef5d8ccb729ff5f40e6fb8eb6e5b7ad5f214dfcc
340e0e0fb94958dd17432fbe30211cfe3b2f2f8d582e4656fb013377ada6a708
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
35872bfa300b14854d843dc333781d1610f3f4988376330eff0734404f39bfe0
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3c159b1315a9f367b885345a2e5164047a5eda2d036117f5a52b72127233a1d5
3ce9d8e2e9732482f80d6cde2142feecb61569c4a35588c1c58e6d4ad4ea5330
3d6538c9180003374f0f79f5468faf229326953fe35d6d142a20bc0f3996b898
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42a26641deff15b5d2852d331c17bcef213d4ef8b04964a145c7ac62a6bd1e6e
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
47bfec901a77fb4b8bf0d08da97fb6fa95263ddea82fa2e1c688d672a6184c6f
484aafb52acf99918dec093b6c3033f2363bad4c6f35dabceab7d6462971fad5
48a704261cb0d92d91ce87329283f740a9d2523f4f3ef5cd3940a77242e19c32
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
49f18021166fa8c8626f72727b5b77a772081649ce3154788b00ba4791250a61
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
528cda079b4743d154dba29ca5608946877e132a95c35602cfcc307b2f5303c5
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
58693a49773a094a56c6e585b179f92ab57ccbbfe1e0c7524cf53b7736144297
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5ae48f0f8c6ff93351d7b74212241993317b94f07eebc3000a82824c8f2ac02e
5c1205b80ad28624967b8e1f154ccef5a65979b3ab5d709bd5109f9ff4758df5
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a2a30567ebb12a8d345d65a0b81185660e1263584a6bcac041f2a63a868272d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d22c03d0444c9836c52ee77100d534c017ea408c6806057c349691e23b615fd
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6e74d7dbb84774e89bbb01d3ec2490647e716e7b59a3815772ef5113dbe03ead
73087fb55a57ea60e0e60fe3d51625eca18d5091d50c1ebb1bcf4f90f7accf81
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7531b79597ad63a3dd3be39269ff6160ea1a8b979db54b4955f2dbada7c31a5a
75f62120b95e617215684e9aef305a9c4db72d7f2326b69e9e4ee78a4c07a353
7631c31daea159ed292225eb55dadbf86807371c6c4c14b3bda879f561b757eb
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
78a950d5468e108a83fd66bc5394400365b46f9645c742b24133c53100f558be
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7a5c086aa75b66a13f248828a85bf6f46730f29d98f0343b042d75f42df90f58
7d34a60e92b3e10b42d6a5b806e093143240110dee1937656d6e63eab7450afc
7dbd8c7566195ada3f3e2a2f33b832358d0526e1384d0217ec96264eb17da819
7ef94bf64859083c25bdd7a2d317afc825ac1d2a3e3721239d79dee9a71376cd
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8685f7ed6d8d551c84697fcef01c8a5f8cf25b50ba1d07fdc798bd1efb0eb6ca
898c0927ddec0a0284ddbda0e47f02d12e1fcbc43125a50456f76062e99a4c70
89a3b5a8d71ec59776930e967da98d383d99888e53f0f2f5821c91641cef9bea
8a09bceb764c3d3dfb656dacf491137ee904cb2186a6deedb99436788e209655
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8c164e5c615f542b4b3f9d1db91a16cf781ee0197a296ee4fb067d3568f097b2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8ce7d47265b5038ff7ced03530b14492db839337cb6c33aa1737a9fc1f2902
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
91b13dca8d574a13acc7ea213346e85759447f8feb96e68eaf7a6c7420584282
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
9648ae642d57cdca0a0fa125e7edc4822c286d689e4b200e401c822b4eeff0a2
99c90b05e153e5395c31d5758488ea658ee15ed95f6bbe550279e44c9ee8939d
9b1da6318dd5ed659a5e3ae4ff0979534f8384148447d174790f5899f391405a
9b8c4b860d14e6858d77f4de18b232de5f7d43ae99691db07e92416e91f0aa1b
9d15cfa791353ad869a5b2a5b1b68deb6ab691d290ff9fdbe033d2ff5e41e7ca
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08fcb2215e39ea6a679a5382c6b83278db218e7ceb0487ad67f7de1976c89b0
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76ff77dbdea1a277fd62f03b21028a13d63485131c8611abba545b11afbe78b
a8fa73b24973972446ee111e924106308ee4968cfa0f1d962d465e6aa9bc7e40
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ae331ea9e94daabf20845849890420c9fbb6e920f84ea6fa0b53d15b264c177c
aee8a7d33ee42bc9d1de82b2de008bfb5899ebe7a618564abba187110af2a4f8
af0cb902656b4fde470988b5fafcfb29703d1e18469371fca027bbcb6fbd7724
b04d41740bc71428f2ebe8420ccdc7f3231e39786ef39a790786d1e0ac6bb824
b08f507be9178208cdb6c60463bb0a2355ee7bd9943fc6efbe357d87ed0f2676
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b2ce8b01fadfaf4444a51c10a39a5a7bd3598cd4d40a4d58bf8c40b056ed64cc
b3376802e873cdb0ed98931ff5b98efa64db01aefd2f2a2cd1337ce724391e83
b4b187482938659b396dbc0481a05877f23745bd288fe9d20276832ff9b6ecc6
b6a6c3c3bc3994b99e6fe926a48ffbf8162b2e0196aaf6fc0481f792f78d2e39
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48
bb0b08877833dc33e7b1a9e9a3eccf7a8016f0f43c2ef0e86be55c9bed1dce20
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
be689eef89eb30083900794c6823077617878d22bfc8e0619fd4f5ab0d435950
bf62cad5e502d4a66197ca9edf1dc114d1fe6b6934d376b9b0e611ec93d14123
bfc9fbc4575f67c1903d4ff0b0d8889b7a66b72676dd61cec9abec0019a2fe50
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c351a44a457cc7b9d2bbb93f4efe90462ab9050cf7ee4b2fff1e94893004a413
c35f5b8b56d55e7cece8df68b398eb091a17d494357e7eb07e71b87a33b4ed04
c581cfab3bce30352233131a4cbc18385b63982e86a0d9c97172ea12b188b282
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6e062ccfb4e7bf2e4020e000a457da3cee98015550fb029221d9797d9e19858
c84c85f88daa7bc793ebdcbc973bba8567be4f7b1de75b2a3d3d932d52519f8b
ca4191751a31b0e2ff64a304011aaa03dca08ceac0df78bd496ef0fb302ff550
cba522390b1c9e02f762cfb76673612b1db16b7093a47998d4944a6752f2fe2f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4f8ce4e9d310e448f37a9868c601fe20a9a8b2bf098bce26c59881f92c5a08
d29aa02e0a656bb1cc442404d5dd9523eae3549e25aa751647c59c2dd2c3fea0
d32420f85cf50a4ecef5c6868b93457af472761c4d76b0ee58010ce62649bb1a
d655bd2944fd8fc65e336ea15c21660344ac271e195dfab3cc8ec39bd8829b11
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
d807044f0298d95066f8f5d8e2305186fc1fd3b0ad81a76e1abfd60eb26ee4fe
d99418fe22b8ab533f1fff72e6fc429b4351cb2bea43d3a1624ab7644c726b5d
dc009431cb1d53be3fd737d4ba4bb368c70aa1f7ec5e1b09caa8ea8bc7489e10
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5b1578774e803e4bc0b3f3e44d4b14b26b6856f4cb0b9a23c957130e45e370
de624a0a9b0ce2f2a5a44c44f80210ed7c42095f089a6109d0b29d6eecc2b074
e006e0c56c865c83ef02bb7a878f62886d56a972ce1e4f975f0455e8fd44734f
e2ea26c7f8e218a2abe5906009ed800b759f79b0428e0508a0ad08a003f40ae1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a6ae70abaadb5abee3317bfe13b653baaca295c18df5d1324d4b86494a79c5
f3352012cfa03559709cc1820c6ef16f21c2a556cca03750e0c7201ba7b8e307
f5e4aefc2e3e452791806dcc3ecbb25fd1d09f836f2939cfb1bd66ec0eb12ad2
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5