novosti.dn.ua Open in urlscan Pro
168.119.67.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://novosti.dn.ua/
Effective URL:
https://novosti.dn.ua/
Submission: On September 08 via api (September 8th 2022, 3:05:13 am UTC) from GB — Scanned from GB

Summary HTTP 239 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 85 IPs in 12 countries across 88 domains to perform 239 HTTP transactions. The main IP is 168.119.67.205, located in Germany and belongs to HETZNER-AS, DE. The main domain is novosti.dn.ua. The Cisco Umbrella rank of the primary domain is 964531.
TLS certificate: Issued by R3 on September 6th 2022. Valid for: 3 months.

This is the only time novosti.dn.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	168.119.67.205 168.119.67.205	24940 (HETZNER-AS) (HETZNER-AS)
8	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
15	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
4	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	23.216.77.39 23.216.77.39	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
4	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	54.229.37.204 54.229.37.204	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.132 65.9.58.132	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:f000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
2	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
13	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.66.91 65.9.66.91	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5 5	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
6 7	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	34.197.100.236 34.197.100.236	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.17.63.11 52.17.63.11	16509 (AMAZON-02) (AMAZON-02)
1 1	23.35.228.210 23.35.228.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:206... 2600:9000:206f:8200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:206... 2600:9000:206f:2800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f17... 2a03:2880:f173:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	99.86.4.101 99.86.4.101	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.65 143.204.215.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:1::... 2606:4700:1::6813:854e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.228.197.239 54.228.197.239	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:ac00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.34.154.154 63.34.154.154	16509 (AMAZON-02) (AMAZON-02)
2	2a0c:5c81:505... 2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2	55081 (24SHELLS) (24SHELLS)
3 3	52.29.53.92 52.29.53.92	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	3.121.59.219 3.121.59.219	16509 (AMAZON-02) (AMAZON-02)
1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
6 7	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.193.0.23 18.193.0.23	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	2606:4700::68... 2606:4700::6813:ad6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2a0c:5c81:512... 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72	55081 (24SHELLS) (24SHELLS)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
2	2a02:6ea0:c70... 2a02:6ea0:c700::20	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 6	54.175.220.103 54.175.220.103	14618 (AMAZON-AES) (AMAZON-AES)
4	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 1	174.129.134.181 174.129.134.181	14618 (AMAZON-AES) (AMAZON-AES)
3	5.178.65.253 5.178.65.253	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
3 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 3	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f608:d96:5850:6736:187e	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2a05:d018:24:... 2a05:d018:24:b002:4b1d:b4d8:d7a1:7bd5	16509 (AMAZON-02) (AMAZON-02)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	15169 (GOOGLE) (GOOGLE)
1	185.15.245.82 185.15.245.82	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	52.213.127.205 52.213.127.205	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2	108.128.241.23 108.128.241.23	16509 (AMAZON-02) (AMAZON-02)
1	157.90.211.246 157.90.211.246	24940 (HETZNER-AS) (HETZNER-AS)
1 1	3.218.193.24 3.218.193.24	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
2 4	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.31.1.81 52.31.1.81	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	34.96.71.22 34.96.71.22	15169 (GOOGLE) (GOOGLE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	212.129.3.112 212.129.3.112	12876 (Online SAS) (Online SAS)
239	85

29 168.119.67.205 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.205.67.119.168.clients.your-server.de

novosti.dn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.216.77.39 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-39.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.37.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-37-204.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.132 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-132.fra56.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:f000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

widgets.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-91.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.62 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.2 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.100.236 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-100-236.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.63.11 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-63-11.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:2800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-101.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:1::6813:854e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.197.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-197-239.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ac00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.154.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-154-154.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.53.92 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-53-92.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.59.219 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-59-219.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.124.210.90 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.0.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-0-23.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:ad6c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 62.149.1.122 (Ukraine) 2 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.75.240.210 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.175.220.103 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-220-103.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.134.181 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-134-181.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.178.65.253 (Rijswijk, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

i.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.41 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f608:d96:5850:6736:187e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:4b1d:b4d8:d7a1:7bd5 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Rogeno, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Waldshut-Tiengen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.82 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.127.205 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.241.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.193.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-193-24.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.223.37 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.1.81 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-1-81.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.129.3.112 (France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-112.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	novosti.dn.ua 1 redirects novosti.dn.ua — Cisco Umbrella Rank: 964531	941 KB
20	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2852 mwzeom.zeotap.com — Cisco Umbrella Rank: 2511	26 KB
19	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 6078 c.mgid.com — Cisco Umbrella Rank: 4484 cdn.mgid.com — Cisco Umbrella Rank: 8110 servicer.mgid.com — Cisco Umbrella Rank: 6104 s-img.mgid.com — Cisco Umbrella Rank: 4480 cm.mgid.com — Cisco Umbrella Rank: 2775	128 KB
13	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 Failed	21 KB
12	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 494 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365 eus.rubiconproject.com — Cisco Umbrella Rank: 840 token.rubiconproject.com — Cisco Umbrella Rank: 1115 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3032	23 KB
12	adtelligent.com 1 redirects s.adtelligent.com — Cisco Umbrella Rank: 5516 sync.adtelligent.com — Cisco Umbrella Rank: 6001	6 KB
10	e-planning.net 1 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 7606 u-ams02.e-planning.net — Cisco Umbrella Rank: 94857 s.e-planning.net — Cisco Umbrella Rank: 10459 i.e-planning.net — Cisco Umbrella Rank: 11359	4 KB
9	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 stats.g.doubleclick.net — Cisco Umbrella Rank: 188	6 KB
8	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 29200	234 KB
7	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1950 r.casalemedia.com — Cisco Umbrella Rank: 1020 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	6 KB
7	eyeota.net 6 redirects ps.eyeota.net — Cisco Umbrella Rank: 1452	4 KB
6	amazon-adsystem.com 3 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274 s.amazon-adsystem.com — Cisco Umbrella Rank: 415	4 KB
6	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2892	10 KB
6	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 713 image8.pubmatic.com — Cisco Umbrella Rank: 928 image6.pubmatic.com — Cisco Umbrella Rank: 891	79 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	416 B
6	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3426 test.cmp.quantcast.com — Cisco Umbrella Rank: 9826 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 10749	180 KB
5	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 1142 tags.crwdcntrl.net — Cisco Umbrella Rank: 1654	17 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8291	2 KB
5	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 329	5 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814	2 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 757	1 KB
4	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 2156 dmp.adform.net — Cisco Umbrella Rank: 5535	1 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 949	1 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 486	1 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 871 script.hotjar.com — Cisco Umbrella Rank: 1152 vars.hotjar.com — Cisco Umbrella Rank: 1247 in.hotjar.com — Cisco Umbrella Rank: 2418	69 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1117
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	197 KB
4	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 36718	84 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 741 usermatch.krxd.net — Cisco Umbrella Rank: 1847	942 B
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 420	1 KB
3	360yield.com 3 redirects ad.360yield.com — Cisco Umbrella Rank: 848	819 B
3	mathtag.com 3 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1583 sync.mathtag.com — Cisco Umbrella Rank: 743	2 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 636 cdn.id5-sync.com — Cisco Umbrella Rank: 1490	16 KB
3	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 27210	815 B
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1004 syndication.twitter.com — Cisco Umbrella Rank: 1252	133 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 28350	683 B
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 2044	753 B
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 7089	17 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 2282	533 B
2	adtarget.com.tr 1 redirects s.console.adtarget.com.tr — Cisco Umbrella Rank: 21954 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 18728	1 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 1389	628 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 811	687 B
2	e-volution.ai 2 redirects sync.e-volution.ai — Cisco Umbrella Rank: 3674	918 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 10910	788 B
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 885 idsync.rlcdn.com — Cisco Umbrella Rank: 607	196 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 872	564 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 297	2 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2143	56 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	178 KB
1	cookieless-data.com js.cookieless-data.com — Cisco Umbrella Rank: 10761	535 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 652	140 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 6405	419 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 1128	263 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 118041	215 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 767	145 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 3036	361 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1694	687 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 15554	220 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2152	596 B
1	bemail.it 1 redirects bn01.er.bemail.it — Cisco Umbrella Rank: 98216	659 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 9079	324 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 17009	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 918	161 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 3537	312 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 12294	259 B
1	tynt.com ic.tynt.com — Cisco Umbrella Rank: 5291
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 16589	100 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 3128	621 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1620	450 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1267	347 B
1	admanmedia.com cs.admanmedia.com — Cisco Umbrella Rank: 2416	20 B
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 838	405 B
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 30998	524 B
1	google.de www.google.de — Cisco Umbrella Rank: 3469	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 19	501 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480	30 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1180	1 KB
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 775	531 B
1	getsitecontrol.com widgets.getsitecontrol.com — Cisco Umbrella Rank: 33417	863 B
1	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2806	2 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	cpx.to p.cpx.to — Cisco Umbrella Rank: 11206	2 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1405	10 KB
1	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 30881	6 KB
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 8504	32 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	50 KB
0	yandex.ua Failed mc.yandex.ua Failed
0	habrastorage.org Failed habrastorage.org Failed
239	88

	Domain	Requested by
29	novosti.dn.ua	1 redirects novosti.dn.ua
15	mwzeom.zeotap.com	novosti.dn.ua ads.us.e-planning.net
13	www.google-analytics.com	novosti.dn.ua www.googletagmanager.com www.google-analytics.com
10	sync.adtelligent.com	1 redirects s.adtelligent.com s.console.adtarget.com.tr ads.us.e-planning.net
8	ads.themoneytizer.com	novosti.dn.ua ads.themoneytizer.com
7	ps.eyeota.net	6 redirects novosti.dn.ua
7	cm.mgid.com	jsc.mgid.com novosti.dn.ua s.adtelligent.com
7	cm.g.doubleclick.net	6 redirects r.casalemedia.com
6	a.audrte.com	2 redirects ads.us.e-planning.net a.audrte.com novosti.dn.ua
6	www.facebook.com	novosti.dn.ua connect.facebook.net
5	dsum-sec.casalemedia.com	1 redirects r.casalemedia.com
5	mc.yandex.com	2 redirects novosti.dn.ua
5	ib.adnxs.com	5 redirects
5	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com ads.us.e-planning.net
4	s.amazon-adsystem.com	2 redirects ads.us.e-planning.net r.casalemedia.com
4	pixel.tapad.com	3 redirects ads.us.e-planning.net
4	u-ams02.e-planning.net	ads.us.e-planning.net r.casalemedia.com vid.vidoomy.com
4	eus.rubiconproject.com	s.adtelligent.com ads.us.e-planning.net eus.rubiconproject.com
4	sync-tm.everesttech.net	4 redirects
4	s-img.mgid.com	novosti.dn.ua
4	cmp.quantcast.com	quantcast.mgr.consensu.org cmp.quantcast.com
4	match.adsrvr.org	novosti.dn.ua r.casalemedia.com
4	onetag-sys.com	ads.themoneytizer.com s.adtelligent.com ads.us.e-planning.net
4	connect.facebook.net	novosti.dn.ua connect.facebook.net
4	cdn.admixer.net	novosti.dn.ua cdn.admixer.net
3	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
3	dmp.adform.net	2 redirects spl.zeotap.com
3	s.e-planning.net	ads.us.e-planning.net
3	pixel.rubiconproject.com	novosti.dn.ua s.adtelligent.com
3	x.bidswitch.net	2 redirects novosti.dn.ua
3	ad.360yield.com	3 redirects
3	ads.pubmatic.com	jsc.mgid.com s.adtelligent.com
3	c.mgid.com	jsc.mgid.com novosti.dn.ua
3	gum.criteo.com	1 redirects ads.themoneytizer.com
3	c.tmyzer.com	ads.themoneytizer.com
2	token.rubiconproject.com	s.adtelligent.com eus.rubiconproject.com
2	tags.crwdcntrl.net	s.e-planning.net tags.crwdcntrl.net
2	aax-eu.amazon-adsystem.com	1 redirects ads.us.e-planning.net
2	beacon.krxd.net	spl.zeotap.com ads.us.e-planning.net
2	idsync.frontend.weborama.fr	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com spl.zeotap.com
2	secure-assets.rubiconproject.com	2 redirects
2	vid.vidoomy.com	s.adtelligent.com ads.us.e-planning.net
2	rtb.openx.net	2 redirects
2	ads.us.e-planning.net	1 redirects s.adtelligent.com
2	csync.loopme.me	2 redirects
2	mug.criteo.com	novosti.dn.ua
2	creativecdn.com	2 redirects
2	sync.mathtag.com	2 redirects
2	sync.e-volution.ai	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	ap.lijit.com	novosti.dn.ua s.adtelligent.com
2	s.adtelligent.com	cm.mgid.com s.adtelligent.com
2	cdn.mgid.com	novosti.dn.ua
2	dpm.demdex.net	2 redirects
2	id5-sync.com	novosti.dn.ua
2	mc.yandex.ru	1 redirects novosti.dn.ua
2	platform.twitter.com	novosti.dn.ua platform.twitter.com
2	pagead2.googlesyndication.com	novosti.dn.ua pagead2.googlesyndication.com
2	jsc.mgid.com	novosti.dn.ua jsc.mgid.com
1	pixel-eu.rubiconproject.com	ads.us.e-planning.net
1	js.cookieless-data.com	s.e-planning.net
1	eb2.3lift.com	ads.us.e-planning.net
1	s.company-target.com	1 redirects
1	bttrack.com	r.casalemedia.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	sync.console.adtarget.com.tr	1 redirects
1	cm.adform.net	s.console.adtarget.com.tr
1	i.e-planning.net	ads.us.e-planning.net
1	r.casalemedia.com	ads.us.e-planning.net
1	ssum.casalemedia.com	1 redirects
1	ssp.disqus.com	1 redirects
1	a4p.adpartner.pro	1 redirects
1	s.console.adtarget.com.tr	s.adtelligent.com
1	ic.tynt.com	s.adtelligent.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	cm.idealmedia.io	novosti.dn.ua
1	sync.inmobi.com	1 redirects
1	d.turn.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	cs.admanmedia.com	novosti.dn.ua
1	idsync.rlcdn.com	novosti.dn.ua
1	id.rlcdn.com	novosti.dn.ua
1	bh.contextweb.com	novosti.dn.ua
1	image8.pubmatic.com	novosti.dn.ua
1	in.hotjar.com	script.hotjar.com
1	cdn.id5-sync.com	jsc.mgid.com
1	test.cmp.quantcast.com	cmp.quantcast.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	www.google.de	novosti.dn.ua
1	www.google.com	novosti.dn.ua
1	servicer.mgid.com	jsc.mgid.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	pixel.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	static.hotjar.com	novosti.dn.ua
1	syndication.twitter.com	platform.twitter.com
1	widgets.getsitecontrol.com	novosti.dn.ua
1	quantcast.mgr.consensu.org	novosti.dn.ua
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	www.googletagmanager.com	novosti.dn.ua
0	mc.yandex.ua Failed	novosti.dn.ua
0	habrastorage.org Failed	novosti.dn.ua
239	123

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
dii.dn.ua
www.facebook.com
twitter.com
t.me
interfax.com.ua
ua.depositphotos.com
yedynkadigital.com

Subject Issuer	Validity	Valid
novosti.dn.ua R3	`2022-09-06` - `2022-12-05`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-17` - `2022-09-15`	3 months	crt.sh
c.tmyzer.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.cmp.quantcast.com R3	`2022-08-22` - `2022-11-20`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2022-03-05` - `2023-04-06`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2022-06-13` - `2023-07-12`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-07-31` - `2022-10-29`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2022-04-21` - `2023-05-23`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
ads.us.e-planning.net R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2022-07-27` - `2022-10-25`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.audrte.com Amazon	`2022-02-24` - `2023-03-24`	a year	crt.sh
*.e-planning.net R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
i.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-23` - `2023-02-03`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
dmp.theadex.com R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.cookieless-data.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-23` - `2023-03-22`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://novosti.dn.ua/
Frame ID: 626996A148BFD0B3A6DD0541DCFC930F
Requests: 147 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1662606305589
Frame ID: 96C833310F64DB3D99610247533209FA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fnovosti.dn.ua
Frame ID: 8CA9593008C953FE2B145D9816078B13
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
Frame ID: 159371106A0926218BF6513E7402CADD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: D71C6B7A0469A20778B3731DF3A33D65
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 2F0B72A448C1C70FA0C98789826BB8BF
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1662606306470628250739&consentData=&gdprApplies=0&uspString=
Frame ID: 7D35D8034E78335C973D0E7EEFF3A9CA
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=754484
Frame ID: 20FA82B26C5C5AFFC0752158819F1082
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 38E911F10E389DB9C0763C8482CA566A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=0399206f-252a-44c4-8db6-989bdc6b816e
Frame ID: 790E12B439984A427BD1CCA28BD63C6E
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 71FFAC070429CA62834BDF6A2248FA7F
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 7CC1D9654841A979CF7FE1F1CCF70097
Requests: 9 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 0B93A4E89924DE3E3E9C225503A88D0F
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 81956A87B367E20D6B61F4C145805CCE
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: FC1F162C03E819366289126DC3312C2E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: C0AA871687C40557602DDF316EFDD0BD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 8D773B813556D17CA09E14918E206BB2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 1A405756CB41CCED2C73894BCB8FC7F0
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: B7C3493E531947125F5FE25F2D04A3C9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: D2205D2F4381BA63FE157859C3BED402
Requests: 4 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
Frame ID: D38D394F615475DAAE0D88ADB0ED5D8A
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 208760E3B3F382B981F27DC0ABF63024
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 94E47A98C6D4486E0CD93FE3B8D00300
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&cmp=0
Frame ID: 708D9069325D69A0AC7B0CA88918F346
Requests: 25 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 19E02FABB9B1099F1E0C1739E81DBEC0
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 28A2C79339FD3BC1A806E872A068B397
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 2B0CE16866757FCC4237BBC64DEB190E
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=1cf985daa3b09e98&uid=a6f37f0123013099a595be2217fc435a
Frame ID: D0CC790B2660FC41F45F231ED00AB13F
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 318FC27213F284C5BC4632F1759E7F2C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ALy51wJbmzy90OC9
Frame ID: 14DFB3C32641DD15D36DBFA03E549925
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини Донбасу

Page URL History Show full URLs

http://novosti.dn.ua/ HTTP 301
https://novosti.dn.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

239
Requests

79 %
HTTPS

29 %
IPv6

88
Domains

123
Subdomains

85
IPs

12
Countries

2596 kB
Transfer

7188 kB
Size

107
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UC1F5QtxH9qGWmsk-7rjRKoA
Title: КРИМ СЬОГОДНІ

Search URL Search Domain Scan URL

URL: https://dii.dn.ua/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/novostidnua/

Search URL Search Domain Scan URL

URL: https://twitter.com/novostidnua

Search URL Search Domain Scan URL

URL: https://t.me/novynydonbas

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/hromadskednua?sub_confirmation=1

Search URL Search Domain Scan URL

URL: http://dii.dn.ua/
Title: ДІІ

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: «Інтерфакс-Україна»

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/home.html
Title: Depositphotos

Search URL Search Domain Scan URL

URL: http://yedynkadigital.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://novosti.dn.ua/ HTTP 301
https://novosti.dn.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3Dfb64e414-a314-4f4d-7d46-a7ae6e9863cf%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=5685619251434139993&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEIJsIBlyZF2P2lsvedS9Ry4&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258

Request Chain 77

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a9292f66-bed9-4b68-53cd-c5188a427a95&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3Dfb64e414-a314-4f4d-7d46-a7ae6e9863cf%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a9292f66-bed9-4b68-53cd-c5188a427a95&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3Dfb64e414-a314-4f4d-7d46-a7ae6e9863cf%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=77591084983254548593378124467212135502&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258

Request Chain 78

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=MjjoqVWHhTjMBoLQce2WGQPj15VbPdV5%2BS41iYitP1U%3D

Request Chain 79

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3Dfb64e414-a314-4f4d-7d46-a7ae6e9863cf%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=dc5b6319-5be1-4c00-8677-a200f76d2677&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258

Request Chain 108

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9754.DI_2Ptupx3gzNjXZeTHKkMA7xwyTh3ophlUDr6hY50CatbwdgU9_M4XQVsjIcHuz.MOUTDKRxUuC3WrnwlLH50Z5KtMI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9754.6kQMj6thqci-PAT-Z6jYUhnxm4q9kONigRj-AVhqy-R1KoLupJOfZ0wVRGcYZPpkUV7JyypqPYoIXcq1FZh_ow%2C%2C.sJ9iPucw0WSThRLHCysX25OmW_I%2C

Request Chain 127

https://mc.yandex.com/watch/1658765?wmode=7&page-url=https%3A%2F%2Fnovosti.dn.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxq2kcu60%3Afp%3A512%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A776056235241%3Ahid%3A799762033%3Az%3A0%3Ai%3A20220908030506%3Aet%3A1662606306%3Ac%3A1%3Arn%3A15217766%3Arqn%3A1%3Au%3A1662606306831323325%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1662606304855%3Aco%3A0%3Ads%3A0%2C119%2C116%2C1%2C128%2C0%2C%2C483%2C38%2C%2C%2C%2C850%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1662606307%3At%3A%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%83&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/1658765/1?wmode=7&page-url=https%3A%2F%2Fnovosti.dn.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxq2kcu60%3Afp%3A512%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A776056235241%3Ahid%3A799762033%3Az%3A0%3Ai%3A20220908030506%3Aet%3A1662606306%3Ac%3A1%3Arn%3A15217766%3Arqn%3A1%3Au%3A1662606306831323325%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1662606304855%3Aco%3A0%3Ads%3A0%2C119%2C116%2C1%2C128%2C0%2C%2C483%2C38%2C%2C%2C%2C850%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1662606307%3At%3A%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%83&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 129

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=a5234b80-b300-4f14-a859-e5410e167aa7

Request Chain 131

https://x.bidswitch.net/sync?dsp_id=303&user_id=m8763KNAZo5k HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m8763KNAZo5k HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=ac12eddc-6875-4161-af95-588362815579

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTg3NjNLTkFabzVr&muidn=m8763KNAZo5k HTTP 302
https://cm.mgid.com/google?muidn=m8763KNAZo5k&google_ula={guid},5&google_gid=CAESEPOdE7rMM7l-vl1-dodKYPI&google_cver=1

Request Chain 139

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=bcce48f1-d93a-4874-8a84-25ebc4f9dde6

Request Chain 141

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m8763KNAZo5k HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=7983080018656811500&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 142

https://ps.eyeota.net/match?bid=dn2m51u&uid=m8763KNAZo5k&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=m8763KNAZo5k&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjdvcFd1bjlCd2tQVXpaWUtNVlpLcndCNWp5bm9QUV9PZzh3VGtBZDVOb0E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=dn2m51u& HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=dn2m51u&google_gid=CAESENPzeMEyCCniawvqF--WC5s&google_cver=1 HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=dn2m51u& HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4077255625088769865&newuser=1&dc_rc=2&dc_mr=5&dc_orig=dn2m51u& HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Ddn2m51u%26 HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=dc5b6319-5be1-4c00-8677-a200f76d2677&dc_rc=3&dc_mr=5&dc_orig=dn2m51u& HTTP 302
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Ddn2m51u%26 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Ddn2m51u%26&_test=Yxlb4wAMRg2YhgBC HTTP 302
https://ps.eyeota.net/match?uid=Yxlb4wAMRg2YhgBC&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=dn2m51u&&_test=Yxlb4wAMRg2YhgBC HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 143

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=l4oKrHFZfnrEqRUBtqlH&pi=mgid&tc=1

Request Chain 144

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A

Request Chain 149

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnovosti.dn.ua%2F&domain=novosti.dn.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=SuDJNnxPTEpINzM1SUEzRlMrVURXdmZaK2cyM0FwcHgxUU14K2xOMDFVZTBsNHBqN2ZlOUVaS2hWaDBzRXJvczVBc3BDME54a2VyQlE1dkZ5eVB4S0VUTWxza01jY212MzROcFJzTzV1b0FqQ05mU3d0ODJsN3JxcVQ0eWNqdlZZQ0RzaTV4TURyQTQ0K1FZVTlkTUljeWt2ZXczNkJEYWZYSTdoYTdPbVlxYWMzTFMzVjUxQVlRcjh3Y3dyVUNjbXJnTXNVZ1hEZ2VwRzZzTlNYQTNSZDJJWmo4UE5JM2RScU1EMDlrU3hITlJlM2NrPXw&cppv=2

Request Chain 151

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=0399206f-252a-44c4-8db6-989bdc6b816e

Request Chain 153

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 158

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5685619251434139993

Request Chain 159

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7b033112-f4c6-4955-9e39-405172f736be

Request Chain 160

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=a5234b80-b300-4f14-a859-e5410e167aa7

Request Chain 161

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5685619251434139993

Request Chain 162

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3e7316c6-3555-4be7-849c-1d40af99423d

Request Chain 165

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=14608d126666643e

Request Chain 167

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184-d

Request Chain 173

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1cf985daa3b09e98%26uid%3D%24UID HTTP 302
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1cf985daa3b09e98&uid=5685619251434139993

Request Chain 174

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D1cf985daa3b09e98%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=1cf985daa3b09e98&uid=ua-b904149b-8032-3453-8158-39e9aa7db345

Request Chain 176

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu

Request Chain 177

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1

Request Chain 182

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=fc80234454844c2a

Request Chain 183

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3D632be0a4-0f3f-4cfe-74e5-3995fb84704e%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3D632be0a4-0f3f-4cfe-74e5-3995fb84704e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=48119619-26fa-4dbd-b730-40a16f6d8399&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361

Request Chain 188

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=c3336960-e389-47e0-baca-b7b87eb46c5f&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 190

https://bn01.er.bemail.it/zeotap.php?_bid=a9292f66-bed9-4b68-53cd-c5188a427a95&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2022090815-27179-0.219711001662642398-7a6e0212d06d74c6de66762b62872aff&zdid=533&env=mWeb

Request Chain 191

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3D632be0a4-0f3f-4cfe-74e5-3995fb84704e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7140839714694953107&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361

Request Chain 192

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a9292f66-bed9-4b68-53cd-c5188a427a95 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a9292f66-bed9-4b68-53cd-c5188a427a95

Request Chain 193

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a9292f66-bed9-4b68-53cd-c5188a427a95&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3D632be0a4-0f3f-4cfe-74e5-3995fb84704e%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a9292f66-bed9-4b68-53cd-c5188a427a95&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3D632be0a4-0f3f-4cfe-74e5-3995fb84704e%26zdid%3D1361&bounce=1&random=3672543058 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=wOCCytjKxIEyBhFBxrdZsu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361

Request Chain 195

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a9292f66-bed9-4b68-53cd-c5188a427a95?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a9292f66-bed9-4b68-53cd-c5188a427a95?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361

Request Chain 196

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-0kvPe69E2orAFoTRa6ICCA6MEtKBkXkB2w--~A&zpartnerid=570&env=mWeb

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3D632be0a4-0f3f-4cfe-74e5-3995fb84704e%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3D632be0a4-0f3f-4cfe-74e5-3995fb84704e%26zdid%3D1361&_test=Yxlb4wAFjUCB3ABN HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yxlb4wAFjUCB3ABN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&_test=Yxlb4wAFjUCB3ABN

Request Chain 200

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361

Request Chain 201

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&dcc=t

Request Chain 202

https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&dcc=t

Request Chain 204

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3D632be0a4-0f3f-4cfe-74e5-3995fb84704e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361

Request Chain 209

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yxlb4y1P991AMbJQZZBzTAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUiDpFarIobVQNbburL4WY&google_cver=1&gdpr=1

Request Chain 212

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yxlb4y1P991AMbJQZZBzTAAABHEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yxlb4y1P991AMbJQZZBzTAAABHEAAAIB&dcc=t

Request Chain 213

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0399206f-252a-44c4-8db6-989bdc6b816e&us_privacy=null&gdpr_consent=null&gdpr=1

Request Chain 215

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678244707&external_user_id=383fdc43-3c1c-4aa2-b1c6-0f7446662ccd

Request Chain 216

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=dc5b6319-5be1-4c00-8677-a200f76d2677&gdpr=1&gdpr_consent=

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2aiLsEHMd07ScSq-mwaLwWwOA&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2aiLsEHMd07ScSq-mwaLwWwOA&gdpr=0&gdpr_consent=&google_gid=CAESEHnExyCcIkKFr5E_cyPe3P4&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 236

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=4579680753371289089 HTTP 302
https://a.audrte.com/p

239 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
novosti.dn.ua/
Redirect Chain

http://novosti.dn.ua/
https://novosti.dn.ua/

58 KB
15 KB

237ms
116ms

Document
text/html

168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 / PHP/7.4.11
Resource Hash: e6a8e89a4879014e4d13cf0078e75633aacfd6dc3c112af51ec9ed17047be9fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 03:05:05 GMT
Keep-Alive: timeout=60
Server: nginx/1.14.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.11

Redirect headers

Content-length: 0
Location: https://novosti.dn.ua/

GET
H/1.1 200
OK styles.min.css
novosti.dn.ua/css/ 208 KB
43 KB 61ms
61ms Stylesheet
text/css 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/css/styles.min.css?v=1603718408
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6715af55167d4c096331bfac658a23f9507d9d0e42b93545eb7560e10115ffc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: W/"5f96cd08-34188"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK modernizr-2.8.3-respond-1.4.2.min.js Show response
novosti.dn.ua/js/vendor/ 20 KB
8 KB 177ms
59ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: W/"5f96cd08-4e8a"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK logo_white.svg
novosti.dn.ua/images/ 6 KB
7 KB 59ms
58ms Image
image/svg+xml 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/images/logo_white.svg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d177d0568ee9b877b7b6c462ea22fb27f5323644c80ce9fbe4ba31f653d5fa08

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Mon, 18 Jul 2022 12:01:04 GMT
Server: nginx/1.14.1
ETag: "62d54b80-19d8"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 6616

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 180ms
53ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: Abk73BDZ5er/qUMBAA
x-accel-expires: @1662609848
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: hGOHfWBbtzk
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 82857
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 130 KB
15 KB 227ms
106ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: afa9f49487ae84cfc5d12c429935d5210fdb547ac619139d52b52149cd1dda80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: Abk73BAz6qD/HzIBAA
x-accel-expires: @1662614338
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: Ft0kn/f0g/g
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 78367
x-77-pop: frankfurtDE

GET enmi4kmhtm3rblob9bc34-yacii.png
habrastorage.org/webt/en/mi/4k/ 0
0

GET
H/1.1 200
OK logo_ua.svg
novosti.dn.ua/images/ 6 KB
7 KB 91ms
58ms Image
image/svg+xml 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/images/logo_ua.svg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 3a7bb82b882e2e06e0ba9a3db6ff662becda452d1187fc14fb0c7f7039731704

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Mon, 18 Jul 2022 12:01:05 GMT
Server: nginx/1.14.1
ETag: "62d54b81-19db"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 6619

GET
H/1.1 200
OK 6319100511473-maxresdefault_340x190.jpeg
novosti.dn.ua/upload/news/2022/09/08/ 41 KB
42 KB 117ms
117ms Image
image/jpeg 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/upload/news/2022/09/08/6319100511473-maxresdefault_340x190.jpeg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: cd6a9d800ba7ecfdec19eca018589422def18d93f95b7c57051af4804a86f9c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Wed, 07 Sep 2022 21:42:35 GMT
Server: nginx/1.14.1
ETag: "6319104b-a5d2"
Content-Type: image/jpeg
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 42450

GET
H/1.1 200
OK 6318f2f71d11e-photo1662567371_340x190.jpeg
novosti.dn.ua/upload/news/2022/09/07/ 45 KB
46 KB 60ms
60ms Image
image/jpeg 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/upload/news/2022/09/07/6318f2f71d11e-photo1662567371_340x190.jpeg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: bcf7affa79ef6864250d521c969b968faf5543f87d4520f739c56dba671acc3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Wed, 07 Sep 2022 19:37:53 GMT
Server: nginx/1.14.1
ETag: "6318f311-b5ad"
Content-Type: image/jpeg
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 46509

GET
H/1.1 200
OK 6318f3add4ef4-63182afb5e076-305659528-500542328748093-7882260958330393626-n_340x190.jpg
novosti.dn.ua/upload/news/2022/09/07/ 44 KB
44 KB 59ms
59ms Image
image/jpeg 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/upload/news/2022/09/07/6318f3add4ef4-63182afb5e076-305659528-500542328748093-7882260958330393626-n_340x190.jpg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 30b4b20777931c060c92b024d0c527c033aa8fd1a8666a642cdbfb47744f5a89

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Wed, 07 Sep 2022 19:41:12 GMT
Server: nginx/1.14.1
ETag: "6318f3d8-ae79"
Content-Type: image/jpeg
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 44665

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 230ms
109ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=3
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: Abk73BCAHlv/qUMBAA
x-accel-expires: @1662609848
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: AeDMZCmiFao
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 82857
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 130 KB
15 KB 252ms
131ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=3
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a457edfc895c74cf54380b4ff5c5dfb6f3f8ff8d7557305027bdaccd52fc1320

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: Abk73BDk1En/9w8BAA
x-accel-expires: @1662623082
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: QW36I0eQt1U
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 69623
x-77-pop: frankfurtDE

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 255ms
135ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: Abk73BBK9jX/qEMBAA
x-accel-expires: @1662609849
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: reaJ3h0z0k8
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 82856
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 130 KB
15 KB 280ms
160ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=2
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8fe3101b13007789be64c57a624c831f5cdc007f604a27ab85b86276069739a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: Abk73BBGXzb/HzIBAA
x-accel-expires: @1662614338
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: SmKKhh8pse4
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 78367
x-77-pop: frankfurtDE

GET
H2 200 novosti.dn.ua.1319008.js Show response
jsc.mgid.com/n/o/ 2 KB
1 KB 179ms
78ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/n/o/novosti.dn.ua.1319008.js
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02765069869ed277f22839eb91f9c733127a9d4d2000113260d4fcabe2cfd68a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Q5S3GDENQW6W13ME
cf-polished: origSize=2320
cf-ray: 747475e1fabcf43b-LHR
last-modified: Wed, 24 Aug 2022 10:26:15 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: eh2Y3qeTaWhKz9+xHh/rKzHqbUzU3Vhi+2N/dpVH1BRpPLYjqpMZlHr/ZfWRBrhpxmphfUJtxqQ=
cf-bgj: minify
server: cloudflare
etag: W/"9e3ead098759421dbd5b76746d0a53d8"
vary: Accept-Encoding
x-amz-version-id: ao7vpI_ehVCUHnXdzI9yNVtQK9g2G4q0
cache-control: public, max-age=10800
content-type: text/javascript
expires: Thu, 08 Sep 2022 06:05:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
57 KB 189ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51ddb868df8047b8c45d265c8c508fca37427e7196bb359dd5125e504a6cad8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57424
x-xss-protection: 0
server: cafe
etag: 15950880802471916753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 03:05:05 GMT

GET
H/1.1 200
OK logo_footer.png
novosti.dn.ua/images/ 3 KB
3 KB 59ms
58ms Image
image/png 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/images/logo_footer.png
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 0d47f3cfcbdbccc8268f9ee28497b52b71346b3c146186c77ef6b5b0088a2c30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: "5f96cd08-bf8"
Content-Type: image/png
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3064

GET
H/1.1 200
OK img.jpg
novosti.dn.ua/images/ 2 KB
2 KB 58ms
58ms Image
image/jpeg 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/images/img.jpg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 83235a96798ad37eb8a59cdb2e7028f5fdd649e2ce3db252c2e669b91cdd5d95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: "5f96cd08-682"
Content-Type: image/jpeg
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1666

GET
H/1.1 200
OK jquery.js Show response
novosti.dn.ua/assets/a6216365/ 252 KB
79 KB 64ms
60ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/assets/a6216365/jquery.js?v=1614266394
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 15:19:54 GMT
Server: nginx/1.14.1
ETag: W/"6037c01a-3ee0f"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK yii.js Show response
novosti.dn.ua/assets/a1149f62/ 20 KB
6 KB 181ms
59ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/assets/a1149f62/yii.js?v=1614266394
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 11:54:15 GMT
Server: nginx/1.14.1
ETag: W/"60378fe7-51c6"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK bootstrap.min.js Show response
novosti.dn.ua/js/vendor/ 35 KB
10 KB 181ms
59ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/js/vendor/bootstrap.min.js?v=1603718408
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: W/"5f96cd08-8b11"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK jquery.bttrlazyloading.min.js Show response
novosti.dn.ua/js/vendor/ 8 KB
3 KB 59ms
59ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/js/vendor/jquery.bttrlazyloading.min.js?v=1603718408
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 1b61008935c6982da4227dde41c1ae74a7208fefbb9d6aa7a485c7e3c99f54b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: W/"5f96cd08-1e88"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK jquery-ui.min.js Show response
novosti.dn.ua/js/vendor/ 235 KB
66 KB 60ms
60ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/js/vendor/jquery-ui.min.js?v=1603718408
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: ea21e579ba2ae4fc6e0b8b2cdcfb4bc40abe7fd09b1372ffd8dcc7482a236289

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: W/"5f96cd08-3ab26"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK slideout.min.js Show response
novosti.dn.ua/js/ 7 KB
3 KB 59ms
58ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/js/slideout.min.js?v=1603718408
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 625fe50da014a3c61723c5f3a25f61b21ccf404f20793df88eedd0fa5267b633

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: W/"5f96cd08-1b0f"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK slick.min.js Show response
novosti.dn.ua/js/ 40 KB
10 KB 59ms
59ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/js/slick.min.js?v=1603718408
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: W/"5f96cd08-9e0d"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK jquery.cookie.js Show response
novosti.dn.ua/js/ 4 KB
2 KB 59ms
58ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/js/jquery.cookie.js?v=1603718408
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 4c3900ad528497c7f05e1bfae35d0b424d4493dc5c24578112b5469f9f413be8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: W/"5f96cd08-e8f"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK app.min.js Show response
novosti.dn.ua/js/ 3 KB
1 KB 59ms
58ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/js/app.min.js?v=1603718408
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 983549c91c293b6b54ac14eaadbdec972c87a9b84ceeba48208f700181e5bad3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: W/"5f96cd08-ca0"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK main.min.js Show response
novosti.dn.ua/js/ 6 KB
2 KB 59ms
59ms Script
application/javascript 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/js/main.min.js?v=1658145664
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 4383f92eb75f5415e723dc7508e15531b9a718e1b2bc30b5df48b2652d63291b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 12:01:05 GMT
Server: nginx/1.14.1
ETag: W/"62d54b81-185f"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Keep-Alive: timeout=60

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 275ms
53ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1012
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29220
x-tw-cdn: VZ
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
Server: ECS (frb/675D)
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
50 KB 182ms
66ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZLLRPH

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d39539a00fbe5b96560ad2bc2448d7aaf369d76253bec0b493811f87e16f35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51182
x-xss-protection: 0
expires: Thu, 08 Sep 2022 03:05:05 GMT

GET urchin.js
www.google-analytics.com/ 0
0

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 207ms
63ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:39 GMT
server: nginx
etag: W/"63049f2f-2c101"
x-cached-since: 2022-09-08T02:59:43+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Tue, 23 Aug 2022 09:48:16 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 150ms
50ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41bd41f362f5179c4cfa7a3ce31402f9c3b253f0fddfff761d8a732b0026f028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LXZS0X1qIkbaTsBLSQ5UnA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: AhPCRNlsxQc7Qqnd2PJrAS9Rley/TZ6BBy1HIUx5Tl+XaqpQtF1o7QkvnOVe5wiozNxe9tyhh2vR+RJYki3ICA==
x-fb-trip-id: 1679558926
x-fb-content-md5: be8465579b0b89bfe8bdb042403d73a6
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 03:05:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "406e683908620338d0eecff2f698f52e"
timing-allow-origin: *
expires: Thu, 08 Sep 2022 03:08:16 GMT

GET
DATA 200
OK truncated
/ 541 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 963a358672721067643c40fb5fd58ea7a3e2d37d422563df71a2715eac2f4840

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK tg_icon.svg
novosti.dn.ua/images/ 940 B
1 KB 170ms
59ms Image
image/svg+xml 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/images/tg_icon.svg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/css/styles.min.css?v=1603718408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 12834bf87c7ea4886f34ec4c3467347430875f00be6124b983d42442bc9aeb20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/css/styles.min.css?v=1603718408
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: "5f96cd08-3ac"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 940

GET
H/1.1 200
OK yt_icon.svg
novosti.dn.ua/images/ 2 KB
2 KB 170ms
59ms Image
image/svg+xml 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/images/yt_icon.svg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/css/styles.min.css?v=1603718408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 80653f3de946aed3719e7d60e624655f7986179788b5048fe03486281665a56c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/css/styles.min.css?v=1603718408
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: "5f96cd08-6a5"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1701

GET
DATA 200
OK truncated
/ 638 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 133119cf67a229727e24591a0d3d5d3e5ac3d41ba1a29b252ddb43f13b7cdb76

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK PFDinTextCompPro-Regular.woff
novosti.dn.ua/fonts/ 169 KB
169 KB 106ms
59ms Font
application/font-woff 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/fonts/PFDinTextCompPro-Regular.woff
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/css/styles.min.css?v=1603718408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 160393155f0226346f1bdcc189e3517f2972562807a2c545223164d57927c659

Request headers

Referer: https://novosti.dn.ua/css/styles.min.css?v=1603718408
Origin: https://novosti.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: "5f96cd08-2a364"
Content-Type: application/font-woff
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 172900

GET
H/1.1 200
OK icons.woff
novosti.dn.ua/fonts/ 6 KB
6 KB 174ms
59ms Font
application/font-woff 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/fonts/icons.woff
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/css/styles.min.css?v=1603718408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d8d4ca1d9b3726b5d7c2914a4402b658e1ee9fb16253e3dc2e02b0f23dba587c

Request headers

Referer: https://novosti.dn.ua/css/styles.min.css?v=1603718408
Origin: https://novosti.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: "5f96cd08-18e8"
Content-Type: application/font-woff
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 6376

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 106ms
105ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: Abk73BBEdBT/qUMBAA
pragma: public
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
etag: W/"604b9fc7-981e"
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: jyWROvPFuLc
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 82857
x-77-pop: frankfurtDE
x-accel-expires: @1663560248

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 251ms
62ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=93522&f=1&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 08 Sep 2022 03:05:05 GMT
Server: nginx
X-IPLB-Request-ID: 52C78224:D77E_36264064:01BB_63195BE1_15200E38:18538
X-IPLB-Instance: 20687
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 94 KB
32 KB 181ms
58ms Script
application/javascript 23.216.77.39
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.39 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-39.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 32364
Expires: Thu, 08 Sep 2022 03:20:05 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 166ms
55ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 713377
strict-transport-security: max-age=31536000; preload;
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 148ms
57ms Script
application/javascript 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 747475e37ac3776e-LHR
date: Thu, 08 Sep 2022 03:05:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://novosti.dn.ua
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 228ms
55ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:13 GMT
Last-Modified: Thu, 14 Oct 2021 07:27:53 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 52C78224:BAE8_91EFC133:01BB_63195BE1_63102454:17AA7
ETag: "6167dbf9-15ab"
X-IPLB-Instance: 29922
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame 96C8 0
0 180ms
57ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1662606305589

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://novosti.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 193ms
66ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32cf0a8fe53899cf276cb12df8c8f5f1558bfb49a803502eda8296818dafef6f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: gzip
etag: "3K3nn1ChiYCKxJYFUmbsHw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 15 Sep 2022 03:05:05 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12761/ 2 KB
2 KB 243ms
57ms Script
application/javascript 54.229.37.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12761/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.37.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-37-204.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 309f9e2fb5a81f1cf516723a0dd4fb6ad24dbd7c9d919f8f5c35f3013d7aee95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1990
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 181ms
61ms Script
text/javascript 65.9.58.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-132.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 00:45:51 GMT
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 8357
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: loi4yOnjdvu2hXtYJhpk-ApByErhiR12t5YxdxHQYZMGaxDH9RK3fA==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid7_10/build/dist/ 634 KB
167 KB 95ms
95ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 42657f84f78e7d7a2182c9bc4cd1e6fa8db6e4fb4d52ddb276007ccbd65f343c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: Abk73BA/iUf/qUMBAA
pragma: public
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
etag: W/"63175d8e-9e930"
last-modified: Tue, 06 Sep 2022 14:47:42 GMT
server: CDN77-Turbo
x-77-nzt-ray: C+IWNYr9mzk
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 82857
x-77-pop: frankfurtDE
x-accel-expires: @1663560248

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 180ms
53ms Script
application/javascript 2600:9000:206f:f000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 08 Sep 2022 03:04:36 GMT
content-encoding: br
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
server: AmazonS3
age: 31
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: VhkFaNUnzRkTb5QKmjkIaT03zAxJECnqohaY7MxFWld4cH2uBxzvSQ==

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 270ms
71ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=93522&f=3&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 08 Sep 2022 03:05:05 GMT
Server: nginx
X-IPLB-Request-ID: 52C78224:D788_36264064:01BB_63195BE1_151E394F:12119
X-IPLB-Instance: 38442
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK FiraSans.woff
novosti.dn.ua/fonts/ 87 KB
87 KB 80ms
59ms Font
application/font-woff 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://novosti.dn.ua/fonts/FiraSans.woff
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/css/styles.min.css?v=1603718408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d8318a1053c2f8a4a2b688cefecdb52f0f01a6ebb6a36810d680678ae00a3673

Request headers

Referer: https://novosti.dn.ua/css/styles.min.css?v=1603718408
Origin: https://novosti.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Mon, 26 Oct 2020 13:20:08 GMT
Server: nginx/1.14.1
ETag: "5f96cd08-15bc8"
Content-Type: application/font-woff
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 89032

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 243ms
61ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=93522&f=2&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93522&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 08 Sep 2022 03:03:31 GMT
Server: nginx
X-IPLB-Request-ID: 52C78224:D78A_36264064:01BB_63195BE1_1523A89B:AF15
X-IPLB-Instance: 24857
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 159 KB
56 KB 375ms
182ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9f453ee3bc59908a14a3aebca4cf51eeb3ec4a05b9247e0af8d4d55e777bfd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
etag: "63186565-dfa9"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57257
expires: Thu, 08 Sep 2022 04:05:06 GMT

GET
H2 200 novosti.dn.ua.1319008.es6.js Show response
jsc.mgid.com/n/o/ 265 KB
76 KB 244ms
243ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/n/o/novosti.dn.ua.1319008.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/o/novosti.dn.ua.1319008.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 239e4d8a5220e69c7fc071ffbd310facdba8c46b34f3e3064b7394f1fd2af19c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: T46ZVAGNSR3AHM1C
cf-polished: origSize=271715
cf-ray: 747475e2baf0f43b-LHR
last-modified: Wed, 24 Aug 2022 10:26:15 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: rM/Dm4c9fmlbVNMApfQXKeZY4PlQbn6KraYtcdEs+9uw0m0nYzZRk4j2uwrto7Rvz2wj/4RwJYk=
cf-bgj: minify
server: cloudflare
etag: W/"1197b57f5a3452e43f19dcf7eb38d291"
vary: Accept-Encoding
x-amz-version-id: 8OMwHQ1_DUrVeGQU6VcLQTGTP3lTA.Md
cache-control: public, max-age=10800
content-type: text/javascript
expires: Thu, 08 Sep 2022 06:05:05 GMT

GET
H2 200 script.js Show response
widgets.getsitecontrol.com/160532/ 52 B
863 B 302ms
184ms Script
text/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getsitecontrol.com/160532/script.js
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: br
cdn-edgestorageid: 713
x-amz-request-id: KF75JATB1HCS7K8G
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 08/20/2022 03:08:47
cdn-pullzone: 44619
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Vj8TpQPIeJdD6LdhUWlHkgjflU934IzCzF1xeWX3mQP3lgHTJ4oAzkQf5uVUyzYgUIko7uLyF0Q=
server: BunnyCDN-DE-713
access-control-allow-origin: *
last-modified: Thu, 07 Mar 2019 12:00:43 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"28e52de6da55f873c5c3b54bb062fa12"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: 217a5b1424c626eb5917fddd86dc67fa
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200 9.gif
id5-sync.com/i/12/ 43 B
1 KB 191ms
62ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:05 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1 200
OK widget_iframe.c4bdc17e77719578b594d5555bee90db.html Show response
platform.twitter.com/widgets/ Frame 8CA9 320 KB
104 KB 54ms
54ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fnovosti.dn.ua
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://novosti.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 627706
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Sep 2022 03:05:05 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
DATA 200
OK truncated
/ 723 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d266111697d676c62a865aa2841614917d4cf03fbb512c9ea24dce8ddb25e928

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 6318e99d37ef1-zhenshini-vsu_500x500.jpeg
novosti.dn.ua/upload/article/2022/09/07/ 141 KB
142 KB 60ms
60ms Image
image/jpeg 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/upload/article/2022/09/07/6318e99d37ef1-zhenshini-vsu_500x500.jpeg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: be50b4ed8b858fb7f3c11fc63523bc3cc429510c22227b85be6b0da9b8f7b2a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Wed, 07 Sep 2022 18:58:02 GMT
Server: nginx/1.14.1
ETag: "6318e9ba-2358d"
Content-Type: image/jpeg
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 144781

GET
H/1.1 200
OK 631756c2864d8-rizhenko_500x500.jpg
novosti.dn.ua/upload/article/2022/09/06/ 54 KB
54 KB 60ms
60ms Image
image/jpeg 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/upload/article/2022/09/06/631756c2864d8-rizhenko_500x500.jpg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 79047a3aeacacc53b7ec0e4e2ca6b73d03e6f9e6d80d87f6166a903b5cacf87a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Tue, 06 Sep 2022 14:19:28 GMT
Server: nginx/1.14.1
ETag: "631756f0-d6fd"
Content-Type: image/jpeg
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 55037

GET
H/1.1 200
OK 63150de0acdef-pavlo-kirilenko_500x500.jpeg
novosti.dn.ua/upload/article/2022/09/04/ 82 KB
82 KB 59ms
59ms Image
image/jpeg 168.119.67.205
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novosti.dn.ua/upload/article/2022/09/04/63150de0acdef-pavlo-kirilenko_500x500.jpeg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.67.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.205.67.119.168.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 1a0f0121feddf291d65fca4e165541dcd861417d1ce13b5a82ec20f42b4157f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:05 GMT
Last-Modified: Sun, 04 Sep 2022 20:43:21 GMT
Server: nginx/1.14.1
ETag: "63150de9-147b7"
Content-Type: image/jpeg
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 83895

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 298 KB
85 KB 108ms
50ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=d069fd77eec5d621d8c72efd32f787f2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72da1cda28502541941d7beca3ecfb679aa0f59309e1191066a4efcf5b9c74c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://novosti.dn.ua/
Origin: https://novosti.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3lS+LfzvQ+vNSh549SKwLA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86533
x-fb-rlafr: 0
x-fb-debug: Cwb2tI3yxutRI+vGUPgXvioytdQ9dKyf/tJ45+ATWSJbSuyRv46d7Z0SGouAAh8iLvN+LJfOTSEHnHqct72+XQ==
x-fb-content-md5: 7916b7d42e27989d1224503739187575
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 03:05:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "098fe27ff306bae64b19c3396512f82c"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Sep 2023 01:02:23 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8CA9 709 B
590 B 236ms
141ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=c22bcd86392fbf7b19b7e71732e94736868f7376

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fnovosti.dn.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 97
date: Thu, 08 Sep 2022 03:05:05 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 03:05:06 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: a832fead73a4d4f06f1fc7b0ddc10330e4a45667fbcfea3d3e166686b79a70a9
content-length: 308

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZLLRPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6548
date: Thu, 08 Sep 2022 01:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 03:15:58 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 103ms
50ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: RdLowWqdiednhu6d54WWQZ8UrDTvFexWU3T4W2lpGrweK24mxxoIi5ZZZf/k59dp3GYpVWu64uuiEC5FVvzy3Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 03:05:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1100906.js Show response
static.hotjar.com/c/ 4 KB
3 KB 211ms
82ms Script
application/javascript 65.9.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1100906.js?sv=6

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-91.fra56.r.cloudfront.net

Software

Resource Hash

a277036dbc02e5c215ecc2e53ac64cad158174e27298446ced79387b3d592d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
date: Thu, 08 Sep 2022 03:05:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/b4f85ec2aca7d653eba589c5a31cbd7f
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: kFkG9hQA2bes30t94Kga0IIMz60zh6-LUEDJmn_KG6wkQISugc54ig==

GET
H2 200 / Show response
spl.zeotap.com/ 2 KB
971 B 63ms
62ms XHR
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfcfe39189deb2d73761c3c9950ef1a320602618dcd91ce4f68b3531fdd1960a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 747475e40b4d776e-LHR
date: Thu, 08 Sep 2022 03:05:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html
access-control-allow-origin: https://novosti.dn.ua
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/ 344 KB
121 KB 194ms
85ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8154183159467274&plah=novosti.dn.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48e9e1a995a56d210d3d756af67e0b554849e15d82cf985854a9785c9f40d117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124224
x-xss-protection: 0
server: cafe
etag: 9639588620238336113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 03:05:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/ Frame 1593 10 KB
5 KB 175ms
54ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novosti.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 75635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 06:04:31 GMT
etag: 8616628553774171045
expires: Wed, 21 Sep 2022 06:04:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame D71C 738 B
542 B 58ms
58ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://novosti.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Thu, 08 Sep 2022 03:05:06 GMT
etag: W/"63049f42-2e2"
expires: Thu, 24 Aug 2023 09:38:18 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-08-23T09:38:18+00:00
x-id: fr5-up-gc28

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/49044/ 23 KB
8 KB 61ms
60ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:56 GMT
server: nginx
etag: W/"63049f40-5d41"
vary: Accept-Encoding
x-cached-since: 2022-08-23T09:38:17+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Aug 2023 09:38:17 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/49044/ 75 KB
20 KB 66ms
66ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:45 GMT
server: nginx
etag: W/"63049f35-12c39"
vary: Accept-Encoding
x-cached-since: 2022-09-01T11:00:25+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 02 Sep 2023 11:00:25 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e98...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427...
https://mwzeom.zeotap.com/mw?adnxs_uid=5685619251434139993&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258

95 B
152 B

57ms
57ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=5685619251434139993&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://novosti.dn.ua
access-control-allow-credentials: true
cf-ray: 747475e65d08776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:06 GMT
X-Proxy-Origin: 82.199.130.36; 82.199.130.36; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dc9d12e2-cbed-49a9-8919-5efe999a4011
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=5685619251434139993&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf...
https://mwzeom.zeotap.com/mw?google_gid=CAESEIJsIBlyZF2P2lsvedS9Ry4&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d4...

95 B
152 B

56ms
55ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEIJsIBlyZF2P2lsvedS9Ry4&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://novosti.dn.ua
access-control-allow-credentials: true
cf-ray: 747475e70d83776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEIJsIBlyZF2P2lsvedS9Ry4&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 171ms
55ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3Dfb64e414-a314-4f4d-7d46-a7ae6e9863cf%26zdid%3D1258&gdpr=1&gdpr_consent=
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a9292f66-bed9-4b68-53cd-c5188a427a95&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a9292f66-bed9-4b68-53cd-c5188a427a95&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=77591084983254548593378124467212135502&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e...

95 B
153 B

63ms
62ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=77591084983254548593378124467212135502&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://novosti.dn.ua
access-control-allow-credentials: true
cf-ray: 747475e94f85776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-va6-2-v039-02f112f2f.edge-va6.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: og8KRGGHRjE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=77591084983254548593378124467212135502&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=MjjoqVWHhTjMBoLQce2WGQPj15VbPdV5%2BS41iYitP1U%3D

95 B
186 B

58ms
58ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=MjjoqVWHhTjMBoLQce2WGQPj15VbPdV5%2BS41iYitP1U%3D
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://novosti.dn.ua
access-control-allow-credentials: true
cf-ray: 747475e5fcbe776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
server: AAWebServer
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=MjjoqVWHhTjMBoLQce2WGQPj15VbPdV5%2BS41iYitP1U%3D
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Da9...
https://mwzeom.zeotap.com/mw?cid=dc5b6319-5be1-4c00-8677-a200f76d2677&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46...

95 B
152 B

59ms
58ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=dc5b6319-5be1-4c00-8677-a200f76d2677&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://novosti.dn.ua
access-control-allow-credentials: true
cf-ray: 747475e63cf2776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: MT3 4505 5b23575 master zrh-pixel-x4 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=dc5b6319-5be1-4c00-8677-a200f76d2677&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=fb64e414-a314-4f4d-7d46-a7ae6e9863cf&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 08 Sep 2022 03:05:05 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 175ms
53ms Script
application/javascript 2600:9000:206f:8200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1a51f921893ae45dfba49e5799f1d8c21b5a1449592bfe3c04cae8d69d093a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 02:35:22 GMT
content-encoding: gzip
age: 1785
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Sat, 27 Aug 2022 14:06:59 GMT
server: AmazonS3
etag: W/"552289573698eb75389ce036af4dd98e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: dsKMHsB22Hq9IvPMMy8JOo-Y628GukUwLD6B84NRqQg_nQ0oiJnhMA==

GET
BLOB 200
OK 0ffcd1ec-c78d-4ef3-9931-cf42a6b309ea
https://novosti.dn.ua/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://novosti.dn.ua/0ffcd1ec-c78d-4ef3-9931-cf42a6b309ea
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 364b61c3-c261-41b0-8951-648dd8be795c
https://novosti.dn.ua/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://novosti.dn.ua/364b61c3-c261-41b0-8951-648dd8be795c
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 180ms
58ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 23:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 23:18:49 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/42/ 177 KB
43 KB 194ms
62ms Script
text/javascript 2600:9000:206f:2800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:04:55 GMT
content-encoding: br
age: 59
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
server: AmazonS3
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YG7ZBlhWpUHwpqdaeFmFDGkltUNwEQKIBD3FjwC3JtzgEHrW8LkAQg==

GET
H3 200 462901934219693 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 175ms
175ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/462901934219693?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fecea19e6f88de17cab929a8a2a97e77cafc838874059793c148d4313213544d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: yikaLFVQ2riM1UcpFp0hv+VyHCUHSRy8DVvdfluY+IIA4E2Hgkb68Eke8eiM5NTEU+OeWXm9g43tz6uB3tugAQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 03:05:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 151ms
51ms Image
image/gif 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1591450141154506&ev=fb_page_view&dl=https%3A%2F%2Fnovosti.dn.ua%2F&rl=&if=false&ts=1662606306074&sw=1600&sh=1200&at=

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 08 Sep 2022 03:05:06 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
35 B 377ms
358ms Script
text/plain 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?tcfV2=1&pv=5&cbuster=166260630615182206619&uniqId=0bcb6&consentData=&gdprApplies=0&uspString=&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnovosti.dn.ua%2F&lu=https%3A%2F%2Fnovosti.dn.ua%2F&sessionId=63195be2-09a67&pageView=1&pvid=1831b0eeb689bd2b014&site=809260&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/o/novosti.dn.ua.1319008.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 747475e67c41f43b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 1e808306-a26c-4612-9bb4-d12a9caca4c1
https://novosti.dn.ua/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://novosti.dn.ua/1e808306-a26c-4612-9bb4-d12a9caca4c1
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 171ms
56ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1424386-1&cid=1369973906.1662606306&jid=679044665&gjid=2119563322&_gid=1908707086.1662606306&_u=YGBAgEABAAAAAE~&z=1752813180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://novosti.dn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Sep 2022 03:05:06 GMT
content-type: text/plain
access-control-allow-origin: https://novosti.dn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 171ms
62ms Ping
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://novosti.dn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://novosti.dn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 148ms
58ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1262579670&t=pageview&_s=1&dl=https%3A%2F%2Fnovosti.dn.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=679044665&gjid=2119563322&cid=1369973906.1662606306&tid=UA-1424386-1&_gid=1908707086.1662606306&gtm=2wg8v0NZLLRPH&z=489593479

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 148ms
58ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1262579670&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnovosti.dn.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad_right_banner_view1&ea=https%3A%2F%2Fnovosti.dn.ua%2F&el=%D0%94%D0%BB%D1%8F%20%D1%87%D0%BE%D0%B3%D0%BE%20%D0%9C%D1%96%D0%BD%D0%BE%D0%B1%D0%BE%D1%80%D0%BE%D0%BD%D0%B8%20%D0%B2%D1%96%D0%B4%D1%81%D1%82%D1%80%D0%BE%D1%87%D0%B8%D0%BB%D0%BE%20%D0%BF%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D1%83%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%BE%D0%BA%20%D0%BD%D0%B0%20%D0%B2%D1%96%D0%B9%D1%81%D1%8C%D0%BA%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BE%D0%B1%D0%BB%D1%96%D0%BA%2007%20%D0%92%D0%95%D0%A0%D0%95%D0%A1%D0%9D%D0%AF%2C%2021%3A47&_u=YGDAgEABAAAAAE~&jid=&gjid=&cid=1369973906.1662606306&tid=UA-1424386-1&_gid=1908707086.1662606306&gtm=2wg8v0NZLLRPH&z=272149347

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 148ms
58ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 148ms
59ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 142ms
54ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 143ms
54ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1262579670&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnovosti.dn.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad_right_banner_view2&ea=https%3A%2F%2Fnovosti.dn.ua%2F&el=%D0%94%D0%BB%D1%8F%20%D1%87%D0%BE%D0%B3%D0%BE%20%D0%9C%D1%96%D0%BD%D0%BE%D0%B1%D0%BE%D1%80%D0%BE%D0%BD%D0%B8%20%D0%B2%D1%96%D0%B4%D1%81%D1%82%D1%80%D0%BE%D1%87%D0%B8%D0%BB%D0%BE%20%D0%BF%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D1%83%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%BE%D0%BA%20%D0%BD%D0%B0%20%D0%B2%D1%96%D0%B9%D1%81%D1%8C%D0%BA%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BE%D0%B1%D0%BB%D1%96%D0%BA%2007%20%D0%92%D0%95%D0%A0%D0%95%D0%A1%D0%9D%D0%AF%2C%2021%3A47&_u=YGDAgEABAAAAAE~&jid=&gjid=&cid=1369973906.1662606306&tid=UA-1424386-1&_gid=1908707086.1662606306&gtm=2wg8v0NZLLRPH&z=1538782884

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 144ms
56ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 146ms
58ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 146ms
58ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.448392d04fd1e15c100a.js Show response
script.hotjar.com/ 251 KB
65 KB 181ms
61ms Script
application/javascript 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.448392d04fd1e15c100a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1100906.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-101.fra6.r.cloudfront.net

Software

Resource Hash

f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58019
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
alt-svc: h3=":443"; ma=86400
content-length: 65486
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 10:57:54 GMT
etag: "dda0289b22368ab84a40f8dab68ddb9e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 43gZmub-DYfgQmsOKv2cYzdD-cKidZgbAujbRtFmfKMbmNSM7ejKAQ==

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 67ms
58ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 4451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SG1V0WFRNKXC6R
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 747475e64c32f43b-LHR
expires: Fri, 09 Sep 2022 03:05:06 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 68ms
58ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 4140
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SYWNNYNESPJ6F1
x-amz-id-2: 3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 747475e64c34f43b-LHR
expires: Fri, 09 Sep 2022 03:05:06 GMT

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 2F0B 2 KB
2 KB 174ms
54ms Document
text/html 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1100906.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-65.fra53.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://novosti.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 64079
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-id: fot1O74OkjiRQh4BiznVU8bJhBPRkwE5vo7Uf5E_-047r3_ylgCpxg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 1 Show response
servicer.mgid.com/1319008/ 4 KB
2 KB 91ms
82ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1319008/1?tcfV2=1&pv=5&cbuster=1662606306282164826728&uniqId=0bcb6&consentData=&gdprApplies=0&uspString=&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=297&h=1137&cols=1&ref=&cxurl=https%3A%2F%2Fnovosti.dn.ua%2F&lu=https%3A%2F%2Fnovosti.dn.ua%2F&sessionId=63195be2-09a67&pageView=1&pvid=1831b0eeb689bd2b014&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/o/novosti.dn.ua.1319008.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94bc387d707747ae148743eb21db4bfecaafe795c6f0d5a8cf49f99f0a7baaac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 747475e6ac55f43b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 57ms
57ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
53ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 52ms
51ms Image
image/gif 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=462901934219693&ev=PageView&dl=https%3A%2F%2Fnovosti.dn.ua%2F&rl=&if=false&ts=1662606306318&sw=1600&sh=1200&v=2.9.79&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1662606306315.1510684871&it=1662606306062&coo=false&rqm=GET

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 08 Sep 2022 03:05:06 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9754.DI_2Ptupx3gzNjXZeTHKkMA7xwyTh3ophlUDr6hY50CatbwdgU9_M4XQVsjIcHuz.MOUTDKRxUuC3WrnwlLH50Z5KtMI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9754.6kQMj6thqci-PAT-Z6jYUhnxm4q9kONigRj-AVhqy-R1KoLupJOfZ0wVRGcYZPpkUV7JyypqPYoIXcq1FZh_ow%2C%2C.sJ9iPucw0WSThRLHCysX25OmW_I%2C

75 B
75 B

95ms
94ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9754.6kQMj6thqci-PAT-Z6jYUhnxm4q9kONigRj-AVhqy-R1KoLupJOfZ0wVRGcYZPpkUV7JyypqPYoIXcq1FZh_ow%2C%2C.sJ9iPucw0WSThRLHCysX25OmW_I%2C

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9754.6kQMj6thqci-PAT-Z6jYUhnxm4q9kONigRj-AVhqy-R1KoLupJOfZ0wVRGcYZPpkUV7JyypqPYoIXcq1FZh_ow%2C%2C.sJ9iPucw0WSThRLHCysX25OmW_I%2C
date: Thu, 08 Sep 2022 03:05:06 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET sync_cookie_image_check
mc.yandex.ua/ 0
0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 95ms
92ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
etag: "63186565-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 08 Sep 2022 04:05:06 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 179ms
64ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1424386-1&cid=1369973906.1662606306&jid=679044665&_u=YGBAgEABAAAAAE~&z=7613741

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 179ms
65ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1424386-1&cid=1369973906.1662606306&jid=679044665&_u=YGBAgEABAAAAAE~&z=7613741

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMjUzMDgvM2EyOGNmZGUyNzdjODdlM...
s-img.mgid.com/g/12350568/492x277/-/ 16 KB
16 KB 316ms
217ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12350568/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMjUzMDgvM2EyOGNmZGUyNzdjODdlMWI4M2ExMGUxYWJhZmY2NmYucG5n.webp?v=1662606306-r5adyTTw3B7d9yOh1JAG8TMqUaFu8hbZ0lfBRJNHOBA
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9405d90d85be75896f4808e8ac6d770a613e63e50d77bb241856fd30da1e9c1a

Request headers

Referer: https://novosti.dn.ua/
Origin: https://novosti.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
cf-cache-status: HIT
last-modified: Wed, 09 Mar 2022 14:59:28 GMT
x-mg-request-uuid: 5a05407f-68f5-47ea-9c7f-d5d134f11789
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 747475e7db37742b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16356
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMzU2MDQ1LzUzY2ZlNGYyZjI4Yzk5YjZkNWMyMjlhNzBiYzE4YTJhLmpwZWc.webp
s-img.mgid.com/g/3608460/492x277/112x0x807x454/ 6 KB
6 KB 142ms
56ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3608460/492x277/112x0x807x454/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMzU2MDQ1LzUzY2ZlNGYyZjI4Yzk5YjZkNWMyMjlhNzBiYzE4YTJhLmpwZWc.webp?v=1662606306-ZgSdjfj-Kpc1OCHPQVanxw8MfWwMwGpmdThGHkiHw6M
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f7ec40b071e717bab542d1dacbd9e3a062f15df879f4423dbbde96d52602961

Request headers

Referer: https://novosti.dn.ua/
Origin: https://novosti.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Aug 2022 07:00:13 GMT
x-mg-request-uuid: 6c61461e-c2fc-4276-8b79-32696fe8f4fe
age: 484394
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 747475e7db36742b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6092
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNTYwNDUvOTRjO...
s-img.mgid.com/g/12799695/492x277/-/ 13 KB
13 KB 140ms
54ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12799695/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNTYwNDUvOTRjOTNmMjU2YjRhOTMyZDM1NTgzZmQwYzk4Mjc1NGMuanBlZw.webp?v=1662606306-5dhgNGtFSIpxHfdR7EUGFZ4UUBEvtyWikEcN9jMqPSw
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba409d35f382b9b7939a3b8ce75293f0e7814185b6958dd76d4f3f57af36970f

Request headers

Referer: https://novosti.dn.ua/
Origin: https://novosti.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Apr 2022 08:09:19 GMT
x-mg-request-uuid: 85cde470-7011-4936-832a-f530c2e03d39
age: 1271524
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 747475e7db35742b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13284
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8zNjY5MDQvMGE1O...
s-img.mgid.com/g/13457470/492x277/-/ 7 KB
7 KB 143ms
57ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13457470/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8zNjY5MDQvMGE1ODAyOTBjYjE4MjM4OGExOTMwYjEyYTZkMzc0NzcuanBlZw.webp?v=1662606306-gEsbzSb3oPDMzRL1redpdZafQ8qjP2A3_BNiJZSKjKc
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e94ec9a52338c5f9a1bf319b6e4a7e2add224d824a9edb5de7f670248ccd7d

Request headers

Referer: https://novosti.dn.ua/
Origin: https://novosti.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Jul 2022 08:46:49 GMT
x-mg-request-uuid: a1acd62e-31a7-46e8-b4a6-3440c986d6a2
age: 843435
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 747475e7db38742b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7238
server: cloudflare

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
524 B 227ms
57ms XHR
application/x-javascript 54.228.197.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.197.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-197-239.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://novosti.dn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Sep 2022 03:05:06 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://novosti.dn.ua
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 177ms
54ms XHR
application/json 2600:9000:2057:ac00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd0564106c40c0d22e2b8fd12f552d0beb6bc1f44d0e9e1a744ff86a811d1ebb

Request headers

Accept: application/json, text/plain, */*
Referer: https://novosti.dn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:00:55 GMT
content-encoding: gzip
age: 252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 01 Sep 2022 19:55:38 GMT
server: AmazonS3
etag: W/"6956b949229e4f70c6801a6ba073ae1e"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 7JVvY2BjkVZ63YlCse_n1XAdPqJrPXIl
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA6-C1
content-type: application/json
x-amz-cf-id: Suvn7eu3gz6zwYEdKQ6a04P0vGuO_RomhNV10MQCWvlrBhgou6xFZw==

GET
H2 200 i.js Show response
cm.mgid.com/ 3 KB
1 KB 224ms
216ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1662606306463579680573&consentData=&gdprApplies=0&uspString=
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/o/novosti.dn.ua.1319008.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1062171d292ac1459c93d64d20dbed6680be2b4330dfe18084bd8b09855839bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 747475e79cb7f43b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 i-noref.js Show response
cm.mgid.com/ Frame 7D35 0
35 B 220ms
219ms Script
text/plain 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1662606306470628250739&consentData=&gdprApplies=0&uspString=
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/o/novosti.dn.ua.1319008.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 747475e79cbaf43b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 209 KB
67 KB 171ms
54ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/o/novosti.dn.ua.1319008.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 10:48:20 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=45374
accept-ranges: bytes
content-type: application/javascript
content-length: 68097
expires: Thu, 08 Sep 2022 15:41:20 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 48 KB
14 KB 154ms
56ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/o/novosti.dn.ua.1319008.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 2072
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 747475e8af89dc63-LHR
x-amz-request-id: 4VP5JN1X5NK1K6K5
x-amz-id-2: 1BkchKiIN0fic2yydXeyYZk/zposYPQbtGqQMmFY/XZST3zSkEzkzdQTvABBihB4IsjgsAheQDw=

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1100906/ 146 B
321 B 202ms
58ms XHR
application/json 63.34.154.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1100906/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.154.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-154-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer: https://novosti.dn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/42/ 230 KB
56 KB 64ms
64ms Script
text/javascript 2600:9000:206f:2800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 21:52:42 GMT
content-encoding: br
age: 18745
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 05 Jul 2022 18:40:26 GMT
server: AmazonS3
etag: W/"24932b3e61742029985961c24d35dbb7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: CjTD0Y8iz2iv1eacTiG48J5TCDHdsKNjlINnF1XvQ0Rk3kXCezs9JA==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 344 KB
42 KB 176ms
62ms XHR
application/json 2600:9000:206f:2800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 318a7d79cfb6e344178edb59d37bd784b530d4cd6369719dacfdb2c6671b3437

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:00:37 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 270
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 08 Sep 2022 03:00:34 GMT
server: AmazonS3
etag: W/"e3b01197d3c5fa12af2d7fb54c4ebbc9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: T5Qba9s3K_QSLuLY6mTn04Oki12AlLTETjcaCE-1e0MJR9q0JbfIgQ==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 152 KB
36 KB 231ms
118ms XHR
application/json 2600:9000:206f:2800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07972f12994eb405d291a4584d3cec9262e657f789053b67de1b1d71d6f09c62

Request headers

Accept: application/json, text/plain, */*
Referer: https://novosti.dn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:03:37 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 90
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 08 Sep 2022 03:03:35 GMT
server: AmazonS3
etag: W/"b6c05a3bfd48e979d8c08b0310b92d76"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: CoTFJluOOn15lpKB4x_T3J2K6khFYCo1iUo4Fq32rR0lwQgehZn6Ew==

GET
H2

200

1 Show response
mc.yandex.com/watch/1658765/
Redirect Chain

https://mc.yandex.com/watch/1658765?wmode=7&page-url=https%3A%2F%2Fnovosti.dn.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxq2kcu60%3Afp%3A512%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.com/watch/1658765/1?wmode=7&page-url=https%3A%2F%2Fnovosti.dn.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxq2kcu60%3Afp%3A512%3Afu%3A0%3Aen%3Autf-8%3Al...

420 B
501 B

97ms
96ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1658765/1?wmode=7&page-url=https%3A%2F%2Fnovosti.dn.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxq2kcu60%3Afp%3A512%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A776056235241%3Ahid%3A799762033%3Az%3A0%3Ai%3A20220908030506%3Aet%3A1662606306%3Ac%3A1%3Arn%3A15217766%3Arqn%3A1%3Au%3A1662606306831323325%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1662606304855%3Aco%3A0%3Ads%3A0%2C119%2C116%2C1%2C128%2C0%2C%2C483%2C38%2C%2C%2C%2C850%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1662606307%3At%3A%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%83&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2a17613f539f2e7dc3518e833176c3d1318cc506aa8317034bcf2325be89e651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 08-Sep-2022 03:05:06 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://novosti.dn.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 03:05:06 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
last-modified: Thu, 08-Sep-2022 03:05:06 GMT
location: /watch/1658765/1?wmode=7&page-url=https%3A%2F%2Fnovosti.dn.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxq2kcu60%3Afp%3A512%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A776056235241%3Ahid%3A799762033%3Az%3A0%3Ai%3A20220908030506%3Aet%3A1662606306%3Ac%3A1%3Arn%3A15217766%3Arqn%3A1%3Au%3A1662606306831323325%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1662606304855%3Aco%3A0%3Ads%3A0%2C119%2C116%2C1%2C128%2C0%2C%2C483%2C38%2C%2C%2C%2C850%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1662606307%3At%3A%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%83&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://novosti.dn.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 08-Sep-2022 03:05:06 GMT

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 20FA 3 KB
1 KB 247ms
43ms Document
text/html 2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=754484
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1662606306463579680573&consentData=&gdprApplies=0&uspString=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 062cf718dc491df31c28bff06e9856b9d3c28b03cbbeee003e0688b72155b413

Request headers

Referer: https://novosti.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://novosti.dn.ua
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1205
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=a5234b80-b300-4f14-a859-e5410e167aa7

43 B
396 B

160ms
160ms

Image
image/gif

2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=a5234b80-b300-4f14-a859-e5410e167aa7
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H3
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 747475eacb9f8867-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=a5234b80-b300-4f14-a859-e5410e167aa7
date: Thu, 08 Sep 2022 03:05:06 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 215ms
53ms Image
text/plain 198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:05 GMT
content-length: 0

GET
H2

200

rtset
bh.contextweb.com/bh/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=m8763KNAZo5k
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m8763KNAZo5k
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=ac12eddc-6875-4161-af95-588362815579

49 B
405 B

357ms
116ms

Image
image/gif

198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=ac12eddc-6875-4161-af95-588362815579

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-GB
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-dd6bdcf45-rkmtd
expires: -1

Redirect headers

Location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=ac12eddc-6875-4161-af95-588362815579
Date: Thu, 08 Sep 2022 03:05:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ 95 B
153 B 98ms
64ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=m8763KNAZo5k&zpartnerid=1532&zdid=1532
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://novosti.dn.ua
access-control-allow-credentials: true
cf-ray: 747475e94f7d776e-LHR
access-control-allow-headers: *
content-length: 95

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTg3NjNLTkFabzVr&muidn=m8763KNAZo5k
https://cm.mgid.com/google?muidn=m8763KNAZo5k&google_ula={guid},5&google_gid=CAESEPOdE7rMM7l-vl1-dodKYPI&google_cver=1

0
157 B

131ms
131ms

Image
text/plain

2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=m8763KNAZo5k&google_ula={guid},5&google_gid=CAESEPOdE7rMM7l-vl1-dodKYPI&google_cver=1
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H3
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 747475ea4b308867-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=m8763KNAZo5k&google_ula={guid},5&google_gid=CAESEPOdE7rMM7l-vl1-dodKYPI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ 43 B
220 B 266ms
59ms Image
image/gif 3.121.59.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=mgid
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.59.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-59-219.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
282 B 178ms
49ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Sep 2022 03:05:06 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 451 712056.gif
id.rlcdn.com/ 0
98 B 213ms
62ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/712056.gif?
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 451 712107.gif
idsync.rlcdn.com/ 0
98 B 202ms
62ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/712107.gif?partner_uid=m8763KNAZo5k&
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 228ms
55ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=mgid
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=bcce48f1-d93a-4874-8a84-25ebc4f9dde6

43 B
427 B

166ms
166ms

Image
image/gif

2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=bcce48f1-d93a-4874-8a84-25ebc4f9dde6
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H3
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 747475f018608867-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=bcce48f1-d93a-4874-8a84-25ebc4f9dde6
date: Thu, 08 Sep 2022 03:05:07 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1 400
Bad Request e4e1f5fe20753b6b614cda48b7e3c9f7.gif
cs.admanmedia.com/ 20 B
20 B 349ms
112ms Image
text/plain 88.214.206.247
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.214.206.247 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS: buycheapfags.com
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m8763KNAZo5k
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=7983080018656811500&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

63ms
63ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:07 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ps.eyeota.net/match?bid=dn2m51u&uid=m8763KNAZo5k&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=m8763KNAZo5k&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjdvcFd1bjlCd2tQVXpaWUtNVlpLcndCNWp5bm9QUV9PZzh3VGtBZDVOb0E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=dn2m51u&google_gid=CAESENPzeMEyCCniawvqF--WC5s&google_cver=1
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=dn2m51u&
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4077255625088769865&newuser=1&dc_rc=2&dc_mr=5&dc_orig=dn2m51u&
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Ddn2m51u%26
https://ps.eyeota.net/match?bid=7vi0rg0&uid=dc5b6319-5be1-4c00-8677-a200f76d2677&dc_rc=3&dc_mr=5&dc_orig=dn2m51u&
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Ddn2m51u%26
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Ddn2m51u%26&_test=Yxlb4w...
https://ps.eyeota.net/match?uid=Yxlb4wAMRg2YhgBC&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=dn2m51u&&_test=Yxlb4wAMRg2YhgBC
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
264 B

55ms
55ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Thu, 08 Sep 2022 03:05:08 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=l4oKrHFZfnrEqRUBtqlH&pi=mgid&tc=1

43 B
397 B

141ms
140ms

Image
image/gif

2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=l4oKrHFZfnrEqRUBtqlH&pi=mgid&tc=1
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H3
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 747475ebbc6f8867-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=l4oKrHFZfnrEqRUBtqlH&pi=mgid&tc=1
pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT, Thu, 08 Sep 2022 03:05:07 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200

0.gif
id5-sync.com/i/495/
Redirect Chain

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A

43 B
1 KB

61ms
60ms

Image
image/gif

141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

HTTP/1.1

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Thu, 08 Sep 2022 03:05:07 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept
content-length: 161
x-content-type-options: nosniff

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 74ms
55ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
100 B 172ms
71ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=m8763KNAZo5k
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 747475eb6b4edd17-LHR
content-length: 0
content-type: image/gif

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 186ms
59ms XHR
text/plain 18.193.0.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22novosti.dn.ua%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1662606306824%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-bbmuo1krj2x6ujdtighb%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.0.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-0-23.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://novosti.dn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Sep 2022 03:05:07 GMT
content-length: 2
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 164ms
55ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnovosti.dn.ua%2F&domain=novosti.dn.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://novosti.dn.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://novosti.dn.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 08 Sep 2022 03:05:06 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 576799
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnovosti.dn.ua%2F&domain=novosti.dn.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=SuDJNnxPTEpINzM1SUEzRlMrVURXdmZaK2cyM0FwcHgxUU14K2xOMDFVZTBsNHBqN2ZlOUVaS2hWaDBzRXJvczVBc3BDME54a2VyQlE1dkZ5eVB4S0VUTWxza01jY212MzROcFJzTzV1b0FqQ05mU3d0ODJsN3JxcVQ0eW...

345 B
636 B

153ms
50ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=SuDJNnxPTEpINzM1SUEzRlMrVURXdmZaK2cyM0FwcHgxUU14K2xOMDFVZTBsNHBqN2ZlOUVaS2hWaDBzRXJvczVBc3BDME54a2VyQlE1dkZ5eVB4S0VUTWxza01jY212MzROcFJzTzV1b0FqQ05mU3d0ODJsN3JxcVQ0eWNqdlZZQ0RzaTV4TURyQTQ0K1FZVTlkTUljeWt2ZXczNkJEYWZYSTdoYTdPbVlxYWMzTFMzVjUxQVlRcjh3Y3dyVUNjbXJnTXNVZ1hEZ2VwRzZzTlNYQTNSZDJJWmo4UE5JM2RScU1EMDlrU3hITlJlM2NrPXw&cppv=2

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5ced0e7e87be3d8ba2646d6bb22f39009cb85ef53f3c2889c10b6561721f7350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1200639
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=SuDJNnxPTEpINzM1SUEzRlMrVURXdmZaK2cyM0FwcHgxUU14K2xOMDFVZTBsNHBqN2ZlOUVaS2hWaDBzRXJvczVBc3BDME54a2VyQlE1dkZ5eVB4S0VUTWxza01jY212MzROcFJzTzV1b0FqQ05mU3d0ODJsN3JxcVQ0eWNqdlZZQ0RzaTV4TURyQTQ0K1FZVTlkTUljeWt2ZXczNkJEYWZYSTdoYTdPbVlxYWMzTFMzVjUxQVlRcjh3Y3dyVUNjbXJnTXNVZ1hEZ2VwRzZzTlNYQTNSZDJJWmo4UE5JM2RScU1EMDlrU3hITlJlM2NrPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://novosti.dn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 449638
content-length: 0
expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 38E9 0
18 B 101ms
49ms Document
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: novosti.dn.ua
URL: https://novosti.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://novosti.dn.ua
Referer: https://novosti.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://novosti.dn.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 03:05:07 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 790E
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=0399206f-252a-44c4-8db6-989bdc6b816e

0
404 B

246ms
190ms

Document
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=0399206f-252a-44c4-8db6-989bdc6b816e
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 08 Sep 2022 03:05:06 GMT
Etag: 14608d126666643e
Server: Adtelligent

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 747475eb4f4f7333-LHR
content-length: 0
date: Thu, 08 Sep 2022 03:05:07 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=0399206f-252a-44c4-8db6-989bdc6b816e
server: cloudflare

GET
H2 204 d
ic.tynt.com/r/ Frame 71FF 0
0 395ms
128ms Document
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Thu, 08 Sep 2022 03:05:07 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame 7CC1
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

2 KB
1 KB

53ms
53ms

Document
text/html

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 803609c6a99f60d98637a71a7435e5d3c2432b0152e43b400d30208c8954a78c

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 08 Sep 2022 03:05:07 GMT
expires: Thu, 08 Sep 2022 03:05:07 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-742

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Thu, 08 Sep 2022 03:05:07 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-742

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 0B93 1 KB
1004 B 255ms
46ms Document
text/html 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 699
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 204 /
onetag-sys.com/usync/ Frame 8195 0
0 58ms
58ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame FC1F 1 KB
1 KB 47ms
43ms Document
text/html 2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer: https://s.adtelligent.com/sync.html?aid=754484
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 783
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C0AA 15 KB
6 KB 59ms
56ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=38516
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 08 Sep 2022 03:05:07 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 08 Sep 2022 13:47:03 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 20FA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5685619251434139993

0
387 B

364ms
197ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5685619251434139993
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
Etag: 14608d126666643e
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:07 GMT
X-Proxy-Origin: 82.199.130.36; 82.199.130.36; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 50fc528a-a528-4709-b14e-93eeb004887e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5685619251434139993
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 20FA
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7b033112-f4c6-4955-9e39-405172f736be

0
404 B

209ms
189ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7b033112-f4c6-4955-9e39-405172f736be
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
Etag: 14608d126666643e
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7b033112-f4c6-4955-9e39-405172f736be
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: p8nh4k8q834pdiqajdfddqfglo3p5u20

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 20FA
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=a5234b80-b300-4f14-a859-e5410e167aa7

0
404 B

397ms
189ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=a5234b80-b300-4f14-a859-e5410e167aa7
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
Etag: 14608d126666643e
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=a5234b80-b300-4f14-a859-e5410e167aa7
date: Thu, 08 Sep 2022 03:05:07 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 20FA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5685619251434139993

0
387 B

367ms
189ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5685619251434139993
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
Etag: 14608d126666643e
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:07 GMT
X-Proxy-Origin: 82.199.130.36; 82.199.130.36; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: faa03652-b6ac-4efa-b199-3429ba65bf7e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5685619251434139993
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 20FA
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3e7316c6-3555-4be7-849c-1d40af99423d

0
404 B

251ms
189ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3e7316c6-3555-4be7-849c-1d40af99423d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
Etag: 14608d126666643e
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3e7316c6-3555-4be7-849c-1d40af99423d
date: Thu, 08 Sep 2022 03:05:07 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 20FA 0
282 B 51ms
49ms Image
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Sep 2022 03:05:07 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 200 sync
vid.vidoomy.com/ Frame 20FA 0
0 179ms
53ms Image
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

m
cm.mgid.com/ Frame 20FA
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=14608d126666643e

43 B
412 B

131ms
130ms

Image
image/gif

2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=14608d126666643e
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H3
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 747475ec9d4c8867-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=14608d126666643e
Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
Etag: 14608d126666643e
Content-Length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8D77 15 KB
6 KB 57ms
57ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=38516
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 08 Sep 2022 03:05:07 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 08 Sep 2022 13:47:03 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1A40
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
https://eus.rubiconproject.com/usync.html?p=17184-d

281 B
573 B

174ms
59ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 03:05:07 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Sep 2022 03:05:07 GMT
location: https://eus.rubiconproject.com/usync.html?p=17184-d
server: AkamaiGHost

GET
H2 204 /
onetag-sys.com/usync/ Frame B7C3 0
0 58ms
57ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame FC1F 43 B
320 B 244ms
79ms Image
image/gif 62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
Etag: 14608d126666643e
Content-Length: 43
Content-Type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C0AA 0
42 B 194ms
57ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88102467&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
content-length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 179ms
58ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 08 Sep 2022 03:05:07 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 593828
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame 7CC1 5 KB
2 KB 535ms
133ms Script
text/plain 54.175.220.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.220.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-220-103.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ffcdfc06b1ad3f5048d570a300f1c13e0627f8afb7e4000db2a5cebcd635bbdd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:07 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1681

GET
H2

200

um
u-ams02.e-planning.net/ Frame 7CC1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1cf985daa3b09e98%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1cf985daa3b09e98&uid=5685619251434139993

42 B
104 B

161ms
50ms

Image
image/gif

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1cf985daa3b09e98&uid=5685619251434139993
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:07 GMT
X-Proxy-Origin: 82.199.130.36; 82.199.130.36; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d4cbc12b-f694-40d7-80fb-65055eb1bad3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1cf985daa3b09e98&uid=5685619251434139993
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

um
u-ams02.e-planning.net/ Frame 7CC1
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D1cf985daa3b09e98%26uid%3D%24UID&partner=eplanning
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=1cf985daa3b09e98&uid=ua-b904149b-8032-3453-8158-39e9aa7db345

0
0

51ms
50ms

Image
text/html

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=1cf985daa3b09e98&uid=ua-b904149b-8032-3453-8158-39e9aa7db345
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=1cf985daa3b09e98&uid=ua-b904149b-8032-3453-8158-39e9aa7db345
pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2 200 dtscout20220831.js Show response
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 7CC1 478 B
515 B 169ms
51ms Script
application/x-javascript 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.253 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:06 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 19:37:37 GMT
server: openresty
etag: W/"630fb881-1de"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 07 Sep 2027 03:05:06 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D220
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu

281 B
573 B

161ms
54ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 03:05:07 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Sep 2022 03:05:07 GMT
location: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server: AkamaiGHost

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame D38D
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1

2 KB
2 KB

220ms
111ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4afe72356320d0b23e3586ee60c9ed4ce4fe46232f30e362e1be4fa1e5a8f954

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 747475ee0ccadc25-LHR
content-encoding: br
content-type: text/html
date: Thu, 08 Sep 2022 03:05:07 GMT
dropped-udsids: 45|39|230|241|24|156|18|3
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUzRsdeD7%2BoNouGdxtbluLa7krmisFDcz7wMsAqpjeulNTojii3li0VXVzljHV9EG2Chs80DhVa8pXJUeRfxpIQIF%2FayoSDiBcw562G2zqAez5emsjGtLovdr%2FnQxXj%2Fqq3C"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 747475eccb897525-LHR
content-type: text/html; charset=iso-8859-1
date: Thu, 08 Sep 2022 03:05:07 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9U0Bu85f%2BBRvCvVSP%2BRQSyotychgKTxSWJrZrd4kDy%2BA%2B3shssfmNsJCnpSrDxrbZdL3COM61tyt9UYuAtZDxpTKYp1ioorzcenxD%2FTNvkDtRDJUfKVw8Zyem5xInzgndC6rzdC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 2087 1 KB
1003 B 206ms
58ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 136949
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Thu, 08 Sep 2022 03:05:07 GMT
etag: W/"61ddbb71-5f5"
expires: Tue, 18 May 2027 11:39:16 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: 7990fd79c563d679dd45ed42ee750956
x-cf-tsc: 1653097306
x-cf1: 29080:fA.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2: H
x-cf3: H
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 94E4 0
0 58ms
57ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 708D 6 KB
2 KB 63ms
63ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 736626425ea92c187a771d922c2dfc35826f814d78d0d5c75e128d1c58645e3f

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 747475ec2a0e776e-LHR
content-encoding: br
content-type: text/html
date: Thu, 08 Sep 2022 03:05:07 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 200 cookie Show response
cm.adform.net/ Frame 19E0 43 B
106 B 232ms
74ms Document
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Thu, 08 Sep 2022 03:05:07 GMT
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 0B93
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=fc80234454844c2a

0
384 B

79ms
78ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=fc80234454844c2a
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
Etag: 14608d126666643e
Content-Length: 0

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=fc80234454844c2a
Date: Thu, 08 Sep 2022 03:05:06 GMT
Server: Adtelligent
Etag: fc80234454844c2a
Content-Length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 708D
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=48119619-26fa-4dbd-b730-40a16f6d8399&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe...

95 B
152 B

57ms
56ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=48119619-26fa-4dbd-b730-40a16f6d8399&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 747475ee7c8e776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=48119619-26fa-4dbd-b730-40a16f6d8399&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 708D 0
331 B 260ms
74ms Image
text/plain 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 708D 0
161 B 166ms
54ms Image
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 varnish
server: nginx
x-timer: S1662606307.411556,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-lhr7382-LHR

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 708D 0
411 B 930ms
130ms Image
text/html 2600:1f18:6593:f608:d96:5850:6736:187e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f608:d96:5850:6736:187e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:08 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 708D 0
163 B 60ms
57ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da9292f66-bed9-4b68-53cd-c5188a427a95%26reqId%3D632be0a4-0f3f-4cfe-74e5-3995fb84704e%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 708D
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=136...
https://mwzeom.zeotap.com/mw?cid=c3336960-e389-47e0-baca-b7b87eb46c5f&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
152 B

55ms
54ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c3336960-e389-47e0-baca-b7b87eb46c5f&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 747475eeaca2776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=c3336960-e389-47e0-baca-b7b87eb46c5f&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 204 /
loadeu.exelator.com/load/ Frame 708D 0
324 B 199ms
55ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 708D
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=a9292f66-bed9-4b68-53cd-c5188a427a95&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-...
https://mwzeom.zeotap.com/mw?cid=BE1-2022090815-27179-0.219711001662642398-7a6e0212d06d74c6de66762b62872aff&zdid=533&env=mWeb

95 B
152 B

55ms
55ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2022090815-27179-0.219711001662642398-7a6e0212d06d74c6de66762b62872aff&zdid=533&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 747475ee7c7e776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2022090815-27179-0.219711001662642398-7a6e0212d06d74c6de66762b62872aff&zdid=533&env=mWeb
Date: Thu, 08 Sep 2022 13:06:38 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 708D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7140839714694953107&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-...

95 B
152 B

57ms
56ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7140839714694953107&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 747475eddbc2776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7140839714694953107&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Date: Thu, 08 Sep 2022 03:05:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 708D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a9292f66-bed9-4b68-53cd-c5188a427a95
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a9292f66-bed9-4b68-53cd-c5188a427a95

95 B
113 B

117ms
63ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a9292f66-bed9-4b68-53cd-c5188a427a95

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a9292f66-bed9-4b68-53cd-c5188a427a95
date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 708D
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a9292f66-bed9-4b68-53cd-c5188a427a95&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a9292f66-bed9-4b68-53cd-c5188a427a95&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=wOCCytjKxIEyBhFBxrdZsu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4c...

95 B
152 B

54ms
54ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=wOCCytjKxIEyBhFBxrdZsu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 747475eeecf1776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:06 GMT
via: 1.1 google
last-modified: Thu, 08 Sep 2022 03:05:07 GMT
server: Weborama Collect Frontend
location: https://mwzeom.zeotap.com/mw?webouuid=wOCCytjKxIEyBhFBxrdZsu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 202 2.gif
dmp.theadex.com/d/949/i/ Frame 708D 0
220 B 219ms
66ms Image
text/plain 185.15.245.82
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a9292f66-bed9-4b68-53cd-c5188a427a95&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 708D
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a9292f66-bed9-4b68-53cd-c5188a427a95?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a9292f66-bed9-4b68-53cd-c5188a427a95?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e...

95 B
153 B

60ms
60ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 747475ef4dbb776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
expires: 0
cache-control: no-cache
x-server: 10.45.17.6
content-length: 0
x-consent: absent

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 708D
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-0kvPe69E2orAFoTRa6ICCA6MEtKBkXkB2w--~A&zpartnerid=570&env=mWeb

95 B
152 B

56ms
56ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-0kvPe69E2orAFoTRa6ICCA6MEtKBkXkB2w--~A&zpartnerid=570&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 747475ef6e09776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-0kvPe69E2orAFoTRa6ICCA6MEtKBkXkB2w--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 708D 0
338 B 172ms
54ms Image
text/plain 108.128.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.241.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1662606307
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 708D 95 B
361 B 185ms
61ms Image
image/png 157.90.211.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.211.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 708D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yxlb4wAFjUCB3ABN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-399...

95 B
152 B

55ms
55ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yxlb4wAFjUCB3ABN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&_test=Yxlb4wAFjUCB3ABN
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 747475f0ef27776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1662606308.936976,VS0,VE0
x-served-by: cache-hhn4082-HHN
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yxlb4wAFjUCB3ABN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&_test=Yxlb4wAFjUCB3ABN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 708D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84...

0
337 B

56ms
56ms

Image
text/plain

108.128.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 108.128.241.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1662606308
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
date: Thu, 08 Sep 2022 03:05:07 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a004-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 708D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53c...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53c...

43 B
568 B

58ms
57ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&dcc=t

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:07 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 0EFN6H4YG1BYR0FZ3ZHN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:07 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: D71J29TK29GHMJ100PAK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 708D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188...
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188...

43 B
605 B

141ms
141ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&dcc=t

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DZ3BKVSH81DX6J1S1E12
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5QEEX60P63X8EAWJ925T
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=a9292f66-bed9-4b68-53cd-c5188a427a95&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 708D 0
145 B 411ms
288ms Image
text/plain 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=a9292f66-bed9-4b68-53cd-c5188a427a95&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:08 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 708D
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da92...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361

95 B
152 B

55ms
55ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 747475f09ee2776e-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
date: Thu, 08 Sep 2022 03:05:07 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 708D 557 B
450 B 59ms
58ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81f80380180e41c056f038f76854f0899547a79b9d1bbc4eb9d0fd695eab2e3e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 747475ecaa6a776e-LHR
date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H2 204 cmp
spl.zeotap.com/ Frame 708D 0
0 63ms
63ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
cf-cache-status: DYNAMIC
cf-ray: 747475ed0ac3776e-LHR
date: Thu, 08 Sep 2022 03:05:07 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1A40 31 KB
10 KB 54ms
53ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23177
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Thu, 08 Sep 2022 09:31:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D220 31 KB
10 KB 54ms
54ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23177
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Thu, 08 Sep 2022 09:31:24 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame D38D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yxlb4y1P991AMbJQZZBzTAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUiDpFarIobVQNbburL4WY&google_cver=1&gdpr=1

43 B
880 B

127ms
79ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUiDpFarIobVQNbburL4WY&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 747475f0a8d78897-LHR
pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEDWQz7ys2O4K6wmE3pVOEEEYyGgl%2FRuQsdYorPp47xcdlT5ToBtXw1b1ryIiyJ6eMJTkD68BdjMPqBHOePqubnJMPjBpqd%2B%2FOrNBLMf23YaUAbjfAO5eTUfEncTneyO4yGjMne8mtDLVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUiDpFarIobVQNbburL4WY&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D38D 70 B
264 B 54ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D38D 170 B
188 B 64ms
64ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yxlb4y1P991AMbJQZZBzTAAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D38D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yxlb4y1P991AMbJQZZBzTAAABHEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yxlb4y1P991AMbJQZZBzTAAABHEAAAIB&dcc=t

43 B
605 B

141ms
140ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yxlb4y1P991AMbJQZZBzTAAABHEAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N4ZR48BEWDG6KS5X8DNZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XQ2SND10HR2HH222BX8G
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yxlb4y1P991AMbJQZZBzTAAABHEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame D38D
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0399206f-252a-44c4-8db6-989bdc6b816e&us_privacy=null&gdpr_consent=null&gdpr=1

43 B
331 B

79ms
78ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0399206f-252a-44c4-8db6-989bdc6b816e&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mec2wMxDRsE03CoNAgyDp04zmaeoQSrYgHaxhWQEaetdlTNYAELJtOMDoGigmbAdbbqtcyw6qJRH9MzZfMu9lIv7XQsIA649CPe52KqIupkJAgB%2Bp0%2FPMbhydDzj8g17Iw9RELVcVL3FmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 747475ef8ac872fc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0399206f-252a-44c4-8db6-989bdc6b816e&us_privacy=null&gdpr_consent=null&gdpr=1
date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 747475ef1f9ddce3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame D38D 35 B
263 B 371ms
123ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: Track001-iad
pragma: no-cache
date: Thu, 08 Sep 2022 03:05:04 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-type: image/gif
content-length: 35
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame D38D
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678244707&external_user_id=383fdc43-3c1c-4aa2-b1c6-0f7446662ccd

43 B
850 B

107ms
80ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678244707&external_user_id=383fdc43-3c1c-4aa2-b1c6-0f7446662ccd
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 747475f0a8d88897-LHR
pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PUX7BkKquAuG%2BGLTtB1NZcxrsd%2FcJJ8eeZkKweMncS5nPiq0B3PFBfPwN0HY5eyd874KrZ2G%2Fz%2FgJJhY0%2B16TjZ%2FgNJxGaTZYZzGcu4%2BAQcMW0zpz6gY2Lf0weAeFujGvH1vviAxDlZsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Thu, 08 Sep 2022 03:05:07 GMT
via: 1.1 google
access-control-allow-origin: *.casalemedia.com
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678244707&external_user_id=383fdc43-3c1c-4aa2-b1c6-0f7446662ccd
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame D38D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=dc5b6319-5be1-4c00-8677-a200f76d2677&gdpr=1&gdpr_consent=

43 B
421 B

90ms
90ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=dc5b6319-5be1-4c00-8677-a200f76d2677&gdpr=1&gdpr_consent=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 747475efeafb72fc-LHR
pragma: no-cache
date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3KnY0JmTa7WPbsKTGDpTZHo85DqhlhOXEQuVDsf5%2BzVBEgp8w%2BvAw6TO4PDpp5mKY%2F80dkk7iRLgMJMxiHkYM%2F%2Bdsh3EOSGN6QNqDL9WKfXnjOIU6u7QuleZTc4RREgaMhZiU3P8X4mIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Thu, 08 Sep 2022 03:05:07 GMT
Server: MT3 4505 5b23575 master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=dc5b6319-5be1-4c00-8677-a200f76d2677&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 08 Sep 2022 03:05:06 GMT

GET
H2 200 um
u-ams02.e-planning.net/ Frame D38D 42 B
103 B 53ms
50ms Image
image/gif 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=1cf985daa3b09e98&uid=Yxlb4y1P991AMbJQZZBzTAAA%261137
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1cf985daa3b09e98%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
server: openresty
content-type: image/gif

GET
H2 200 lotame20220804.html Show response
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 28A2 627 B
543 B 50ms
49ms Document
text/html 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.253 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=157680000
content-encoding: gzip
content-type: text/html
date: Thu, 08 Sep 2022 03:05:06 GMT
etag: W/"62ec189b-273"
expires: Tue, 07 Sep 2027 03:05:06 GMT
last-modified: Thu, 04 Aug 2022 19:06:03 GMT
server: openresty

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 2B0C 636 B
577 B 50ms
49ms Document
text/html 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.253 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=157680000
content-encoding: gzip
content-type: text/html
date: Thu, 08 Sep 2022 03:05:06 GMT
etag: W/"601b131c-27c"
expires: Tue, 07 Sep 2027 03:05:06 GMT
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
server: openresty

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame D0CC 49 KB
17 KB 100ms
100ms Document
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D1cf985daa3b09e98%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html
date: Thu, 08 Sep 2022 03:05:07 GMT
etag: W/"61c991db-c5bc"
last-modified: Mon, 27 Dec 2021 10:13:47 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: AdRmOI064deh
x-77-nzt-ray: UEn6HMQlLHg
x-77-pop: frankfurtDE
x-accel-expires: @1663643107
x-cache: MISS

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 318F 37 B
140 B 169ms
57ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 08 Sep 2022 03:05:07 GMT

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 14DF 0
384 B 190ms
189ms Document
text/plain 62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ALy51wJbmzy90OC9
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 08 Sep 2022 03:05:07 GMT
Etag: 14608d126666643e
Server: Adtelligent

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame 28A2 49 KB
15 KB 181ms
62ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 21:24:33 GMT
content-encoding: gzip
etag: W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified: Wed, 03 Aug 2022 18:30:08 GMT
server: AmazonS3
age: 82258
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: LozWRVrQTgUTeU0QyYPmgXP105MyXRbZXkAUUDAOxDiR2_ENiVdcSQ==

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ Frame 2B0C 0
535 B 206ms
67ms Script
text/plain 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1662606307802

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 , France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 03:05:07 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H3 200 c
c.mgid.com/ 43 B
214 B 146ms
145ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=298|269|12|_u00S3LDbZV81j53fznXitzJCvQjQ9owa_DD1pfTvfzrxeNPuUSJoVmKSChrCYAkxSzp5I5K4iJ67Kysz_P-zw**&fw=1&extjs=66044&v=298|251|12|_u00S3LDbZV81j53fznXivMQRUA7IWNftHRKSnukWTUqSdLC0v83BCFoVo3x5lUhQf4muCBvjlNBdvH0C1UtyQ**&cid=1319008&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=0a6d6531-2f23-11ed-9a34-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=1831b0eeb689bd2b014&muid=m8763KNAZo5k&cbuster=1662606307836386013430&consentData=&gdprApplies=1&uspString=1---
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:07 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 7dffc9e5-011a-43be-b0e2-bd77ea674090
content-type: image/gif
cf-ray: 747475f018638867-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare

GET
H3 200 c
c.mgid.com/ 43 B
215 B 133ms
132ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=298|251|12|_u00S3LDbZV81j53fznXil7ZBTtHk2TXL5CIOp-tbfDbvnkRCF9t-_ygv01ao9jjYQsa0CftlriFQxrggjO9Fw**&extjs=66044&cid=1319008&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=0a6d6531-2f23-11ed-9a34-e43d1a2a53a0&tt=Direct&iv=11&pageImp=0&pvid=1831b0eeb689bd2b014&muid=m8763KNAZo5k&cbuster=1662606307937569675515&consentData=&gdprApplies=1&uspString=1---
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:05:08 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6678d742-17f0-4582-8742-754bc37c6b69
content-type: image/gif
cf-ray: 747475f0b8d88867-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1A40 284 B
536 B 239ms
55ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D220 284 B
536 B 221ms
55ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/15238/ Frame 28A2 155 B
642 B 162ms
53ms XHR
application/json 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer: https://s.e-planning.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Sep 2022 04:21:07 GMT
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
age: 81842
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 155
last-modified: Wed, 03 Aug 2022 18:30:08 GMT
server: AmazonS3
etag: "1a1722e9cedbdc8af0dcd3345e46c73a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: QMq_qdhnVw05kO-iKQfHaRSHljc2ABf8DGSAYrkBqDJk3yUos2DS9A==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 28A2 20 B
307 B 62ms
62ms XHR
application/json 52.213.127.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer: https://s.e-planning.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 03:05:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://s.e-planning.net
expires: 0
cache-control: no-cache
x-server: 10.45.9.50
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 20
x-consent: absent

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 1A40 0
239 B 56ms
56ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D220 0
239 B 261ms
57ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H/1.1 200 ptrack Show response
a.audrte.com/ Frame 7CC1 368 B
881 B 137ms
136ms XHR
text/plain 54.175.220.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptrack?arlocation=82.199.130.36&p=M1353665098&artime=2022-09-08T03:05:08.360Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by: Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.220.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-220-103.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 5f27494418d160d0ab3d20bd8eeb256861628a93ad101cd5cd73819a2183de3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:08 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://ads.us.e-planning.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 264

GET
H/1.1

200

p
a.audrte.com/ Frame 7CC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2aiLsEHMd07ScSq-mwaLwWwOA&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2aiLsEHMd07ScSq-mwaLwWwOA&gdpr=0&gdpr_consent=&google_gid=CAESEHnExyCcIkKFr5E_cyPe3P4&google_cver=1
https://a.audrte.com/p

68 B
617 B

277ms
133ms

Image
image/png

54.175.220.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Server: 54.175.220.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-220-103.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:08 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 08 Sep 2022 03:05:08 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pixel
ps.eyeota.net/ Frame 7CC1 1 KB
1 KB 62ms
61ms Image
application/javascript 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=2aiLsEHMd07ScSq-mwaLwWwOA&gdpr=0&gdpr_consent=
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:08 GMT
Content-Type: application/javascript
Content-Length: 1098
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200

p
a.audrte.com/ Frame 7CC1
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=4579680753371289089
https://a.audrte.com/p

68 B
617 B

189ms
132ms

Image
image/png

54.175.220.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: novosti.dn.ua
URL: https://novosti.dn.ua/
Protocol: HTTP/1.1
Server: 54.175.220.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-220-103.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 03:05:08 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 08 Sep 2022 03:05:08 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 90ms
90ms Fetch
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1591450141154506&input_token&origin=1&redirect_uri=https%3A%2F%2Fnovosti.dn.ua%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=d069fd77eec5d621d8c72efd32f787f2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 9y4pbDx5tjFdmcRvuG8cyFgpNg4aKl76m3t5EH31hfK9JeSyizPJQ8gyXAmQyQj/fWTb8wekqDfdVvyT4jiWtw==
fb-s: unknown
date: Thu, 08 Sep 2022 03:05:08 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://novosti.dn.ua
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 86ms
86ms Fetch
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1591450141154506&input_token&origin=1&redirect_uri=https%3A%2F%2Fnovosti.dn.ua%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=d069fd77eec5d621d8c72efd32f787f2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: HDiQgeMjObGm/upJCtrGIE/A9x/Rmw63GCjd0jq1dyZCofEPli7wmU9PeY6j3qlUz+dn68O8oK9h9Ir8aevhcg==
fb-s: unknown
date: Thu, 08 Sep 2022 03:05:08 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://novosti.dn.ua
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 69ms
69ms Fetch
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1591450141154506&input_token&origin=1&redirect_uri=https%3A%2F%2Fnovosti.dn.ua%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=d069fd77eec5d621d8c72efd32f787f2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://novosti.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 3M5z0Oon+CzpHTzCvPZ8ROn+AzD5vM9pXiF4ngwrQeNpoX4Ipj5YywDIgs8dqn4w8xAc4ov+JGn30VPCpurnnw==
fb-s: unknown
date: Thu, 08 Sep 2022 03:05:08 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://novosti.dn.ua
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 um Show response
u-ams02.e-planning.net/ Frame D0CC 42 B
103 B 50ms
50ms Document
image/gif 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=1cf985daa3b09e98&uid=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D1cf985daa3b09e98%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-type: image/gif
date: Thu, 08 Sep 2022 03:05:09 GMT
server: openresty

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: habrastorage.org
URL: https://habrastorage.org/webt/en/mi/4k/enmi4kmhtm3rblob9bc34-yacii.png

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/urchin.js

Domain: mc.yandex.ua
URL: https://mc.yandex.ua/sync_cookie_image_check

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

107 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
novosti.dn.ua/	1969-12-31 23:59:59	Name: _frontendCSRF Value: ca53123d4a07e54247f96bd7acefdbc2e6cabc02deca8e5a9d93c0644e9d5a65a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_frontendCSRF%22%3Bi%3A1%3Bs%3A32%3A%22aY4ZoGAn4nG8034anBtpI2IH2AFL4bfS%22%3B%7D
.mgid.com/	1970-01-20 05:50:08	Name: __cf_bm Value: EORd_5sF6nTou1g5E08t_edjFrOhoC8vr78S5PP.OaI-1662606305-0-ATRK7/ZLrG4S8sUEl2r1n4itKYNK/bDYfHgrNe94bnP+ZGFZNyEPv9DYjOffo0c/RRIaOG3tNpYBnNl1+u2crv4=
.zeotap.com/	1970-01-20 14:35:42	Name: zc Value: a9292f66-bed9-4b68-53cd-c5188a427a95
novosti.dn.ua/	1969-12-31 23:59:59	Name: Value: store.test
.id5-sync.com/	1970-01-20 05:50:06	Name: cf Value:
.id5-sync.com/	1970-01-20 05:50:06	Name: cip Value:
.id5-sync.com/	1970-01-20 05:50:06	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:50:06	Name: car Value:
.id5-sync.com/	1970-01-20 05:50:06	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:50:06	Name: callback Value:
.novosti.dn.ua/	1970-01-20 15:26:06	Name: _ga Value: GA1.3.1369973906.1662606306
.novosti.dn.ua/	1970-01-20 05:51:32	Name: _gid Value: GA1.3.1908707086.1662606306
.novosti.dn.ua/	1970-01-20 05:50:06	Name: _dc_gtm_UA-1424386-1 Value: 1
.adnxs.com/	1970-01-20 07:59:42	Name: uuid2 Value: 5685619251434139993
.agkn.com/	1970-01-20 14:35:42	Name: ab Value: 0001%3AorNs%2F3oAHiMryX%2BrYsfEFl1Gty3%2BSGV6
.mathtag.com/	1970-01-20 15:16:01	Name: uuid Value: dc5b6319-5be1-4c00-8677-a200f76d2677
.novosti.dn.ua/	1970-01-20 07:59:42	Name: _fbp Value: fb.2.1662606306315.1510684871
.novosti.dn.ua/	1970-01-20 14:35:42	Name: _ym_uid Value: 1662606306831323325
.novosti.dn.ua/	1970-01-20 14:35:42	Name: _ym_d Value: 1662606306
novosti.dn.ua/	1970-01-20 15:14:35	Name: qcSxc Value: 1662606306364
.doubleclick.net/	1970-01-20 15:11:42	Name: IDE Value: AHWqTUnqRoXlomrN21ZkWi9m8ZJPgOhwV14-jk7ciGnsvFPkU-HOooF4oMBHhCQuaHE
.mgid.com/	1970-01-20 15:26:06	Name: muidn Value: m8763KNAZo5k
novosti.dn.ua/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1319008%22%3A%7B%22page%22%3A1%2C%22time%22%3A1662606306414%7D%7D
.mc.yandex.com/	1970-01-20 05:50:06	Name: sync_cookie_csrf Value: 2965342394fake
.novosti.dn.ua/	1970-01-20 05:51:18	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 05:50:06	Name: sync_cookie_csrf Value: 2392639711fake
.demdex.net/	1970-01-20 10:09:18	Name: demdex Value: 77591084983254548593378124467212135502
.novosti.dn.ua/	1970-01-20 14:35:42	Name: _hjSessionUser_1100906 Value: eyJpZCI6Ijg4ZTFmODJmLTM4NDctNWNjZi04MDNjLWVkNDE0ZThmYTExOCIsImNyZWF0ZWQiOjE2NjI2MDYzMDY1NzcsImV4aXN0aW5nIjpmYWxzZX0=
.novosti.dn.ua/	1970-01-20 05:50:08	Name: _hjFirstSeen Value: 1
novosti.dn.ua/	1970-01-20 05:50:06	Name: _hjIncludedInSessionSample Value: 1
.novosti.dn.ua/	1970-01-20 05:50:08	Name: _hjSession_1100906 Value: eyJpZCI6IjY4YmQxN2Q1LWJkODItNGMzMi04MmNhLTYzM2JkOTZiYTllYiIsImNyZWF0ZWQiOjE2NjI2MDYzMDY1OTksImluU2FtcGxlIjp0cnVlfQ==
novosti.dn.ua/	1970-01-20 05:50:06	Name: _hjIncludedInPageviewSample Value: 1
.novosti.dn.ua/	1970-01-20 05:50:08	Name: _hjAbsoluteSessionInProgress Value: 0
.dpm.demdex.net/	1970-01-20 10:09:18	Name: dpm Value: 77591084983254548593378124467212135502
.yandex.com/	1970-01-20 14:35:42	Name: yandexuid Value: 4798148841662606306
.yandex.com/	1970-01-20 14:35:42	Name: yuidss Value: 4798148841662606306
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 893550731662606306
.yandex.com/	1970-01-20 15:26:06	Name: i Value: dNgya5yx2qFuCwcpChW8V00w3hBTwFIaLGcxOLWPnp1yqHGs2ZiTDTwq4MA0/b4IHNtYgvb1M6wLimcDwIfNpTeWt8Y=
.yandex.com/	1970-01-20 14:35:42	Name: ymex Value: 1694142306.yrts.1662606306#1694142306.yrtsi.1662606306
novosti.dn.ua/	1970-01-20 06:33:18	Name: _pbjs_userid_consent_data Value: 3524755945110770
.360yield.com/	1970-01-20 07:59:42	Name: tuuid Value: a5234b80-b300-4f14-a859-e5410e167aa7
.360yield.com/	1970-01-20 07:59:42	Name: tuuid_lu Value: 1662606306
.novosti.dn.ua/	1970-01-20 05:50:08	Name: _ym_visorc Value: w
.bidswitch.net/	1970-01-20 14:35:42	Name: tuuid Value: ac12eddc-6875-4161-af95-588362815579
.bidswitch.net/	1970-01-20 14:35:42	Name: c Value: 1662606306
.bidswitch.net/	1970-01-20 14:35:42	Name: tuuid_lu Value: 1662606307
.e-volution.ai/	1970-01-20 06:10:15	Name: v_usr Value: 736745cb-b672-4104-96fa-d8fc3f422638
.creativecdn.com/	1970-01-20 14:35:42	Name: u Value: l4oKrHFZfnrEqRUBtqlH
.creativecdn.com/	1970-01-20 14:35:42	Name: ts Value: 1662606307
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.csync.loopme.me/	1970-01-20 08:01:08	Name: viewer_token Value: 0399206f-252a-44c4-8db6-989bdc6b816e
.openx.net/	1970-01-20 14:35:42	Name: i Value: 91718184-e4de-454b-af63-48ac978bc7ce\|1662606307
.eyeota.net/	1970-01-20 14:35:42	Name: mako_uid Value: 1831b0eef3d-32880000010f46b1
.eyeota.net/	1970-01-20 05:50:06	Name: SERVERID Value: 18097~DM
.e-planning.net/	1970-01-20 15:26:06	Name: E Value: ALy51wJbmzy90OC9
a4p.adpartner.pro/	1970-01-20 07:16:30	Name: apuid Value: 3e7316c6-3555-4be7-849c-1d40af99423d
.zeotap.com/	1970-01-20 05:51:32	Name: zsc Value: %A5%1F%10%CC%A9%97q%FAG%03hns%FE%8F%A5qa%90%12%DCK%B0%AC%94H%D8%28hp%23%80o%FD%FD%83%2F%5B%D7%40%E8%D8I%F0%94%0B%8F%16%C4%87q%7C%5D%D2l%80%97%BF%FA%CF%95%81%80%89%C4%29%8B%DB.Exf%0B%0C%BC%0A%C9%8D%904%BC%EFL%FA%D20%DE%8C%0F%BF3%DB98%08%80%EC%E6%40%2F%3E%EA%D1%7BH%C3%D8%B4%B1%94%BF%C1%C0K%0E%E7%92%D3v%E6%80%A0%88%1C%1E%CF%9F%A7%09X%B5%28%8D%B2%A0ro%D3%C1%2F9%96%C6%03.%C1o%CA%93Y%2A%C4%C3%E8%DE%609%E0gxn%DEPH%02_%18%BD%26%90%F2%ED7%95n%28
.adtelligent.com/	1970-01-20 07:19:23	Name: vmuid Value: 14608d126666643e
.smartadserver.com/	1970-01-20 15:20:20	Name: pid Value: 7983080018656811500
.adtelligent.com/	1970-01-20 07:19:23	Name: a319130 Value: 0399206f-252a-44c4-8db6-989bdc6b816e
.casalemedia.com/	1970-01-20 14:35:42	Name: CMID Value: Yxlb4y1P991AMbJQZZBzTAAA
.casalemedia.com/	1970-01-20 07:59:42	Name: CMPS Value: 1108
.mfadsrvr.com/	1970-01-20 15:26:06	Name: tuuid Value: bcce48f1-d93a-4874-8a84-25ebc4f9dde6
.mfadsrvr.com/	1970-01-20 15:26:06	Name: c Value: 1662606307
.mfadsrvr.com/	1970-01-20 15:26:06	Name: tuuid_lu Value: 1662606307
.adtelligent.com/	1970-01-20 07:19:23	Name: a297253 Value: 5685619251434139993
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 068f9e2e424a0395
novosti.dn.ua/	1970-01-20 15:11:42	Name: cto_bidid Value: O7zdgF9ISmxmTEJta1RxSHYxdEZCQlBNazVkeU00cEZoJTJCMmw4JTJGZ3V1WkRhTG5ReEsydyUyRjd6d21xVWZObDRtNGVCRmloQk1qakJaVXkxMkJ4V0tTZEk2M1psUSUzRCUzRA
novosti.dn.ua/	1970-01-20 15:11:42	Name: cto_bundle Value: MBAEh19RcEVLS2l4eEFrOHRSaEZmQXVUdDRTNWl0Yng4RUpKUmhtR2Voa2FEeWxaclpXY2RZUWFRVkdxeEpTYVV5dVRvWkl0STFMekdYUlkyTkFIdFNlWSUyQlVGTmpZeE56d0ljS0I3NnRySWpBRTdrRUNYaGFKV20lMkZ3QzF0UmlLZ0JMVkU
.adtelligent.com/	1970-01-20 07:19:23	Name: a289656 Value: a5234b80-b300-4f14-a859-e5410e167aa7
.tapad.com/	1970-01-20 07:16:30	Name: TapAd_TS Value: 1662606307425
.adtelligent.com/	1970-01-20 07:19:23	Name: a584890 Value: 5685619251434139993
.adtelligent.com/	1970-01-20 07:19:23	Name: a307558 Value: 3e7316c6-3555-4be7-849c-1d40af99423d
.weborama.fr/	1970-01-20 15:16:01	Name: AFFICHE_W Value: H3Fbr3ku3AUf79
.adfarm1.adition.com/	1970-01-20 07:59:42	Name: UserID1 Value: 7140839714694953107
.adtelligent.com/	1970-01-20 07:19:23	Name: a309255 Value: 7b033112-f4c6-4955-9e39-405172f736be
.console.adtarget.com.tr/	1970-01-20 07:19:23	Name: vmuid Value: fc80234454844c2a
.tidaltv.com/	1970-01-20 14:35:42	Name: tidal_ttid Value: c3336960-e389-47e0-baca-b7b87eb46c5f
.turn.com/	1970-01-20 10:09:18	Name: uid Value: 4077255625088769865
.tapad.com/	1970-01-20 07:16:30	Name: TapAd_3WAY_SYNCS Value:
.tapad.com/	1970-01-20 07:16:30	Name: TapAd_DID Value: 04a09d54-020a-4a66-88ea-8e0edd9717cc
.tidaltv.com/	1970-01-20 14:35:42	Name: sync-his Value: "H4sIAAAAAAAAADM0NjI2sTK0MAIAhjHFWAkAAAA="
.casalemedia.com/	1970-01-20 07:59:42	Name: CMPRO Value: 1137
.casalemedia.com/	1970-01-20 14:35:42	Name: CMRUM3 Value: 2d63195be305a0&1863195be305a0&9c63195be305a00&0363195be305a0&f163195be305a0&1263195be305a0&e663195be32760&2763195be30b40
.casalemedia.com/	1970-01-20 05:51:32	Name: CMST Value: Yxlb42MZW+MA
.adtelligent.com/	1970-01-20 07:19:23	Name: a318342 Value: fc80234454844c2a
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.theadex.com/	1970-01-20 07:59:42	Name: axd Value: 4304958899293124418
.theadex.com/	1970-01-20 06:00:11	Name: tis_yAL Value: yALeAq4z
.krxd.net/	1970-01-20 10:09:18	Name: _kuid_ Value: PEOBXAnx
.yahoo.com/	1970-01-20 14:36:03	Name: A3 Value: d=AQABBONbGWMCEABRFMHNCOWwBVmvGLXILi4&S=AQAAAhiGA7YVSfcysNfKEmplkQI
.disqus.com/	1970-01-20 14:35:42	Name: zeta-ssp-user-id Value: ua-b904149b-8032-3453-8158-39e9aa7db345
.richaudience.com/	1970-01-20 07:59:42	Name: avcid-zeo-uid Value: a9292f66-bed9-4b68-53cd-c5188a427a95
.mfadsrvr.com/	1970-01-20 15:26:06	Name: ssh Value: !mgid,1662606307
.company-target.com/	1970-01-20 15:26:06	Name: tuuid Value: 383fdc43-3c1c-4aa2-b1c6-0f7446662ccd
.company-target.com/	1970-01-20 15:26:06	Name: tuuid_lu Value: 1662606307
.adtelligent.com/	1970-01-20 07:19:23	Name: a307971 Value: ALy51wJbmzy90OC9
cm.mgid.com/	1970-01-20 06:33:18	Name: mg_sync Value: {"265689":1662606306,"287839":1662606307,"363887":1662606306,"433146":1662606306,"501037":1662606307,"516418":1662606306,"549534":1662606306,"617666":1662606307,"709071":1662606306,"720798":1662606306}
.casalemedia.com/	1970-01-20 07:59:42	Name: CMTS Value: 5129
.everesttech.net/	1970-01-20 14:35:42	Name: everest_g_v2 Value: g_surferid~Yxlb4wAMRg2YhgBC
.fwmrm.net/	1970-01-20 10:09:18	Name: _uid Value: "e36e2_7140839718983453226"
.adform.net/	1970-01-20 06:33:18	Name: C Value: 1
.adform.net/	1970-01-20 07:16:30	Name: uid Value: 4579680753371289089
.audrte.com/	1970-01-20 06:11:42	Name: arcki2_ddp Value: CAESEHnExyCcIkKFr5E_cyPe3P4!20210804!1662606308644
.audrte.com/	1970-01-20 06:11:42	Name: arcki2_adform Value: 4579680753371289089!20210804!1662606308788
.audrte.com/	1970-01-20 06:00:11	Name: arcki2_TTT Value: 1662606308789!2aiLsEHMd07ScSq-mwaLwWwOA!H4sIAAAAAAAAACWWS25kNwxFF6OxAEmkRGqYQQZBkAyC3oCoz/6X0Oc5BmyXXa8k8vJ+6LXUKbpybbGyFm15nfN4Vfs9qm7lpu3jxWia174nizwekth5qsh6bam0lt6We/2+3GqtWaW37Guv3KePqVui1plqlPa67tx0RdZbT573laxnPKn79Xgz7cO7+0m+ujTLLCu7r5arR0wK6SVqqk9bb2dkDqLwGDN746EYMdv1ocZ1bc/3ShnZbvQsvd68aniOuuaIXt7entrt2+dueV8O0bid9z1y8Rl++rvxehouL17RbN08g4DRfTyebOO5h55Tk1a/LmfnMe1mueXlWbTkeGNXjVZFWzL3dq1Ydl5l7YA9W9+ZN+c7LapcumvHopWdzSvdDdXM0ZFfO2e3vc28p9XXHmPWXLaAg9Ci39az7rXbGsukSVoXwE0sb76yNMqZtVuOom8WeXyNZHZN1ur5gEtWnY3CV8k+6qmLKwAl3VnLaQ8WLNGsxuNeOW6Vuk7QkvtMa1vYYGyrfZXoA8zYFC5iQwz+tJtujyWzej5inHTvgnT75aKi1mGOtJfszNcm15kcHiox8gouvnX4jTOY7EkwYpwOjr5gnnxU8lYLfRZZw5u1uiCdPVlx8v0IAgsiR7uUWE+3N4r5OdC3g5lKhvYNFlB97F7ynSW0O5SMnixE3GD2XAJpP3rG/Dg+ztzqTc57qT2f43L+mDSuDaH42zc7hLHjUuRaGiDd7aPvY2w6C5LqCgSP+hZDOT1S1P4N/PCQIMkLc6dPuqOwPg0tMeA9AnGYwBIGrKdRncXM9x29Cm2LwnHxK0dabiMii1bAXGB/zjpmqzHlzVjkUOTITR533gIE6IhX20o1qaCaRGX0h6Q2PPyuOzkkLi2M5ncuZPxSpdYqXWDB4fN+bp59ACYGMt8YVvdI/LGQ18xbFrpr90fBJ/uOOWyNgb5S6xCrDVyHT33MfNkPMoxRhgf9i0nS0vuFM/nKG591jRxeEfxd44pDhLvTwkN246ExncIjQHyVyGu8cpbqJ/c0pOp+jkaW6+dKwew6hY1+Xy0DOe7U7V4gqblZOV93mz5FoMKZXOJw2FKhQOiMPJTupeMq7h89lRv0wfe+UrndlkHvN43uTD/EZHISvz5rkXWTzwd/YMHG1rJWw1hVK1rdH6FK372nUzbSZ6L1NNy3UD3Git3NvSFTLKW7hhvpV3OvQ0AUBQckznvshSR9+9Nkt9V5d8ljoAGBjpTj2Pr2NpiNnVoSF9sd4Pxs4k/v4alglJcX5dooslsSvBNeRZ4xQHwsEsPHyvamy2oq+GuCw+HcnMM23YWsL1ZaHlUNHqOJoolYwUSa5wYw/5s9rnRzXbW5iXesJZExozxq7ndhrAtSoYua+xMiwWovbUEVeEsGYD0NyXRk6vMwZSkngKX61vQUuB0NDLyM2R3GMlAoQNvBoycUSXp0Xf1sZJ7P6YBo6cCMXbr3x897E65WtEKQU4SaDJNbg2YvUbT3qvbeTg78NkAPR2B267Po41C+YAuoTNqogHnJRzSEK8FMAXskjb8srBArmKXQnT+arcJ1X6gaNUWBzdC176djAG+yd9F8/SIfqhBJdL/ps9UGZmA/FyfhYmOWyrA+920/Mq+GpOK6wgU9nsLmHK93TBL/ke3EynYhygZDJfAxC1yFheBsyYZD0BPJOIGZUdY70Q5pgWGUReQTikCLFxyc0Oe1/Oq11wf2i6T++vefP/77+89fdI/7Ij6CKc3WJh66UUcw0LbQYb0sC3tCdRhx1Hiol+LYJ98feHB6rXUBZ3rDbGpoQWdWVjxc5HxG+rh+/pgSbyCIgRo9kTwPlkAIgg5nFGRNPuQa+9Zm63mwdpTAo1bNcIWT+sdp4+JteNE8HPVqGuXWdy7qYin6Iv4QSM/YlxjBYSWrhqwnCd2J44U7MdD6XUdc7nfJoceHbKNY4kG+MT//mVWlZgPB5vVCPJj9WGB45FPXaLt/WYGLvAlYe9yqnYPI3M4qh2EgRjjOQKEzu8vI565GvSwWbF5rb2SM3+GmE/7YhK5YDR78mRHDqT1Fj29rYb37Uk17K18qQfFJUN8lcmUkZrD5R8n2LUB6WAnXYXYFw2I76XG0ps6igJ8hjPHjtjh8KPkGqxrWyuo5D9exVRKZkHTykH2bmUJxfI0Eg0PkUmo/hllpzFmA9GD+pAC7KFRiBXzksgIBW0SwfJJypNr+dl1l621vtph1xS6dRa/gFWS6IRmowknTy81lABf/C9P3Gwj5/zhaCwAA
.audrte.com/	1970-01-20 06:11:42	Name: arcki2 Value: 2aiLsEHMd07ScSq-mwaLwWwOA!20210804!1662606308985

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://novosti.dn.ua/ Message: Mixed Content: The page at 'https://novosti.dn.ua/' was loaded over HTTPS, but requested an insecure script 'http://www.google-analytics.com/urchin.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://mc.yandex.ua/sync_cookie_image_check Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9754.6kQMj6thqci-PAT-Z6jYUhnxm4q9kONigRj-AVhqy-R1KoLupJOfZ0wVRGcYZPpkUV7JyypqPYoIXcq1FZh_ow%2C%2C.sJ9iPucw0WSThRLHCysX25OmW_I%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://idsync.rlcdn.com/712107.gif?partner_uid=m8763KNAZo5k& Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/712056.gif? Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=1cf985daa3b09e98&uid=ua-b904149b-8032-3453-8158-39e9aa7db345 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=a9292f66-bed9-4b68-53cd-c5188a427a95&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a9292f66-bed9-4b68-53cd-c5188a427a95&reqId=632be0a4-0f3f-4cfe-74e5-3995fb84704e&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ads.themoneytizer.com
ads.us.e-planning.net
adtrack.adleadevent.com
ajax.googleapis.com
ap.lijit.com
audit-tcfv2.cmp.quantcast.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
bttrack.com
c.mgid.com
c.tmyzer.com
cdn.admixer.net
cdn.id5-sync.com
cdn.mgid.com
ced.sascdn.com
cm.adform.net
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cmp.quantcast.com
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d.turn.com
d2zur9cc2gf1tx.cloudfront.net
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
googleads.g.doubleclick.net
gum.criteo.com
habrastorage.org
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
in.hotjar.com
js.cookieless-data.com
jsc.mgid.com
loadeu.exelator.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mc.yandex.ua
mug.criteo.com
mwzeom.zeotap.com
novosti.dn.ua
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
ps.eyeota.net
quantcast.mgr.consensu.org
r.casalemedia.com
rtb-usw.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.company-target.com
s.console.adtarget.com.tr
s.e-planning.net
script.hotjar.com
secure-assets.rubiconproject.com
secure.quantserve.com
servicer.mgid.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum.casalemedia.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.e-volution.ai
sync.inmobi.com
sync.mathtag.com
sync.richaudience.com
sync.tidaltv.com
syndication.twitter.com
tag.leadplace.fr
tags.bluekai.com
tags.crwdcntrl.net
test.cmp.quantcast.com
token.rubiconproject.com
trc.taboola.com
u-ams02.e-planning.net
usermatch.krxd.net
vars.hotjar.com
vid.vidoomy.com
widgets.getsitecontrol.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
habrastorage.org
mc.yandex.ua
www.google-analytics.com
104.16.199.73
104.18.18.126
104.18.19.126
104.244.42.200
108.128.241.23
109.206.161.21
13.248.245.213
141.95.33.111
143.204.215.65
145.239.193.51
15.197.193.217
151.1.205.165
151.101.2.49
157.90.211.246
168.119.67.205
172.217.18.2
174.129.134.181
178.250.2.146
18.193.0.23
185.15.245.82
185.184.8.90
185.29.134.244
185.59.220.194
185.64.190.78
185.86.139.93
192.132.33.46
198.148.27.140
198.47.127.18
20.127.253.7
2001:678:cb4:bbbb::13
205.234.175.175
212.129.3.112
212.82.100.182
216.52.2.30
23.205.235.133
23.216.77.39
23.35.228.210
23.35.236.201
23.75.240.210
2600:1f18:6593:f608:d96:5850:6736:187e
2600:9000:2057:ac00:3:a4cd:8380:93a1
2600:9000:206f:2800:9:46dc:4700:93a1
2600:9000:206f:8200:6:44e3:f8c0:93a1
2600:9000:206f:f000:9:46dc:4700:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:3556
2606:4700:10::ac43:db6
2606:4700:1::6813:844e
2606:4700:1::6813:854e
2606:4700::6813:ad6c
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
2a00:1450:400c:c07::9a
2a02:2638:1::13
2a02:6b8::1:119
2a02:6ea0:c700::10
2a02:6ea0:c700::20
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:600::300
2a05:d018:24:b002:4b1d:b4d8:d7a1:7bd5
2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2
2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72
3.121.59.219
3.124.210.90
3.218.193.24
34.111.131.239
34.197.100.236
34.96.71.22
35.212.212.222
35.227.248.159
35.227.252.103
35.244.174.68
37.157.4.29
37.157.4.41
37.252.173.62
46.249.52.248
46.249.52.249
5.178.65.253
51.38.120.206
51.83.220.94
52.17.63.11
52.213.127.205
52.29.53.92
52.31.1.81
52.46.151.131
52.94.223.37
54.175.220.103
54.228.197.239
54.229.37.204
54.38.64.100
54.78.254.47
62.149.1.122
63.34.154.154
65.9.58.132
65.9.66.91
65.9.66.97
67.202.105.34
69.173.144.139
69.192.160.219
85.114.159.93
88.214.206.247
99.86.4.101
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
02765069869ed277f22839eb91f9c733127a9d4d2000113260d4fcabe2cfd68a
062cf718dc491df31c28bff06e9856b9d3c28b03cbbeee003e0688b72155b413
07972f12994eb405d291a4584d3cec9262e657f789053b67de1b1d71d6f09c62
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d39539a00fbe5b96560ad2bc2448d7aaf369d76253bec0b493811f87e16f35d
0d47f3cfcbdbccc8268f9ee28497b52b71346b3c146186c77ef6b5b0088a2c30
1062171d292ac1459c93d64d20dbed6680be2b4330dfe18084bd8b09855839bc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12834bf87c7ea4886f34ec4c3467347430875f00be6124b983d42442bc9aeb20
133119cf67a229727e24591a0d3d5d3e5ac3d41ba1a29b252ddb43f13b7cdb76
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9
160393155f0226346f1bdcc189e3517f2972562807a2c545223164d57927c659
18e94ec9a52338c5f9a1bf319b6e4a7e2add224d824a9edb5de7f670248ccd7d
1a0f0121feddf291d65fca4e165541dcd861417d1ce13b5a82ec20f42b4157f2
1b61008935c6982da4227dde41c1ae74a7208fefbb9d6aa7a485c7e3c99f54b7
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
239e4d8a5220e69c7fc071ffbd310facdba8c46b34f3e3064b7394f1fd2af19c
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
2a17613f539f2e7dc3518e833176c3d1318cc506aa8317034bcf2325be89e651
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
309f9e2fb5a81f1cf516723a0dd4fb6ad24dbd7c9d919f8f5c35f3013d7aee95
30b4b20777931c060c92b024d0c527c033aa8fd1a8666a642cdbfb47744f5a89
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
318a7d79cfb6e344178edb59d37bd784b530d4cd6369719dacfdb2c6671b3437
32cf0a8fe53899cf276cb12df8c8f5f1558bfb49a803502eda8296818dafef6f
3a7bb82b882e2e06e0ba9a3db6ff662becda452d1187fc14fb0c7f7039731704
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
41bd41f362f5179c4cfa7a3ce31402f9c3b253f0fddfff761d8a732b0026f028
42657f84f78e7d7a2182c9bc4cd1e6fa8db6e4fb4d52ddb276007ccbd65f343c
4383f92eb75f5415e723dc7508e15531b9a718e1b2bc30b5df48b2652d63291b
48e9e1a995a56d210d3d756af67e0b554849e15d82cf985854a9785c9f40d117
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4afe72356320d0b23e3586ee60c9ed4ce4fe46232f30e362e1be4fa1e5a8f954
4c3900ad528497c7f05e1bfae35d0b424d4493dc5c24578112b5469f9f413be8
4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350
51ddb868df8047b8c45d265c8c508fca37427e7196bb359dd5125e504a6cad8b
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5ced0e7e87be3d8ba2646d6bb22f39009cb85ef53f3c2889c10b6561721f7350
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d
5f27494418d160d0ab3d20bd8eeb256861628a93ad101cd5cd73819a2183de3c
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
625fe50da014a3c61723c5f3a25f61b21ccf404f20793df88eedd0fa5267b633
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
72da1cda28502541941d7beca3ecfb679aa0f59309e1191066a4efcf5b9c74c4
736626425ea92c187a771d922c2dfc35826f814d78d0d5c75e128d1c58645e3f
79047a3aeacacc53b7ec0e4e2ca6b73d03e6f9e6d80d87f6166a903b5cacf87a
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
803609c6a99f60d98637a71a7435e5d3c2432b0152e43b400d30208c8954a78c
80653f3de946aed3719e7d60e624655f7986179788b5048fe03486281665a56c
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
81f80380180e41c056f038f76854f0899547a79b9d1bbc4eb9d0fd695eab2e3e
83235a96798ad37eb8a59cdb2e7028f5fdd649e2ce3db252c2e669b91cdd5d95
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
8f7ec40b071e717bab542d1dacbd9e3a062f15df879f4423dbbde96d52602961
8fe3101b13007789be64c57a624c831f5cdc007f604a27ab85b86276069739a5
9405d90d85be75896f4808e8ac6d770a613e63e50d77bb241856fd30da1e9c1a
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
94bc387d707747ae148743eb21db4bfecaafe795c6f0d5a8cf49f99f0a7baaac
963a358672721067643c40fb5fd58ea7a3e2d37d422563df71a2715eac2f4840
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
983549c91c293b6b54ac14eaadbdec972c87a9b84ceeba48208f700181e5bad3
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9f453ee3bc59908a14a3aebca4cf51eeb3ec4a05b9247e0af8d4d55e777bfd05
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a277036dbc02e5c215ecc2e53ac64cad158174e27298446ced79387b3d592d73
a457edfc895c74cf54380b4ff5c5dfb6f3f8ff8d7557305027bdaccd52fc1320
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
afa9f49487ae84cfc5d12c429935d5210fdb547ac619139d52b52149cd1dda80
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863
ba409d35f382b9b7939a3b8ce75293f0e7814185b6958dd76d4f3f57af36970f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bcf7affa79ef6864250d521c969b968faf5543f87d4520f739c56dba671acc3c
be50b4ed8b858fb7f3c11fc63523bc3cc429510c22227b85be6b0da9b8f7b2a0
c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c
c1a51f921893ae45dfba49e5799f1d8c21b5a1449592bfe3c04cae8d69d093a8
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
cd0564106c40c0d22e2b8fd12f552d0beb6bc1f44d0e9e1a744ff86a811d1ebb
cd6a9d800ba7ecfdec19eca018589422def18d93f95b7c57051af4804a86f9c1
cfcfe39189deb2d73761c3c9950ef1a320602618dcd91ce4f68b3531fdd1960a
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d177d0568ee9b877b7b6c462ea22fb27f5323644c80ce9fbe4ba31f653d5fa08
d266111697d676c62a865aa2841614917d4cf03fbb512c9ea24dce8ddb25e928
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
d6715af55167d4c096331bfac658a23f9507d9d0e42b93545eb7560e10115ffc
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d8318a1053c2f8a4a2b688cefecdb52f0f01a6ebb6a36810d680678ae00a3673
d8d4ca1d9b3726b5d7c2914a4402b658e1ee9fb16253e3dc2e02b0f23dba587c
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a
e6a8e89a4879014e4d13cf0078e75633aacfd6dc3c112af51ec9ed17047be9fb
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
ea21e579ba2ae4fc6e0b8b2cdcfb4bc40abe7fd09b1372ffd8dcc7482a236289
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fecea19e6f88de17cab929a8a2a97e77cafc838874059793c148d4313213544d
ffcdfc06b1ad3f5048d570a300f1c13e0627f8afb7e4000db2a5cebcd635bbdd

novosti.dn.ua Open in urlscan Pro 168.119.67.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

239 Requests

79 %HTTPS

29 %IPv6

88 Domains

123 Subdomains

85 IPs

12 Countries

2596 kBTransfer

7188 kBSize

107 Cookies

10 Outgoing links

Page URL History

Redirected requests

239 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

novosti.dn.ua Open in urlscan Pro
168.119.67.205 Public Scan

Screenshot
Live screenshot

Full Image

239
Requests

79 %
HTTPS

29 %
IPv6

88
Domains

123
Subdomains

85
IPs

12
Countries

2596 kB
Transfer

7188 kB
Size

107
Cookies

239 HTTP transactions
3 data transactions