urlscan.io logo urlscan.io
SecurityTrails logo

mail.i.ua Open in urlscan Pro
104.18.2.81  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mbox2.i.ua/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543
Effective URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Submission: On December 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 12 countries across 79 domains to perform 251 HTTP transactions. The main IP is 104.18.2.81, located in and belongs to CLOUDFLARENET, US. The main domain is mail.i.ua.
TLS certificate: Issued by R3 on December 11th 2023. Valid for: 3 months.
This is the only time mail.i.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 56 104.18.2.81 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a03:90c0:41:... 199524 (GCORE)
1 91.198.36.26 43405 (DIGITAL-V...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 6 51.83.200.186 16276 (OVH)
5 78.159.118.240 28753 (LEASEWEB-...)
3 185.187.81.40 43332 (IDSTRATEG...)
3 45.133.44.4 39572 (ADVANCEDH...)
4 81.17.55.122 60781 (LEASEWEB-...)
11 2606:4700:1::... 13335 (CLOUDFLAR...)
3 5.79.65.76 60781 (LEASEWEB-...)
10 136.243.84.74 24940 (HETZNER-AS)
1 146.59.30.108 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a0c:5c87:523... 55081 (24SHELLS)
1 2a00:1450:400... 15169 (GOOGLE)
1 7 193.3.178.3 399668 (E-PLANNING-)
1 67.202.105.23 32748 (STEADFAST)
1 1 2.18.160.23 16625 (AKAMAI-AS)
8 185.83.71.234 55081 (24SHELLS)
2 2 51.83.220.94 16276 (OVH)
2 216.52.2.16 32475 (SINGLEHOP...)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 2 34.202.194.6 14618 (AMAZON-AES)
8 9 185.89.210.122 29990 (ASN-APPNEX)
1 1 8.2.110.161 46636 (NATCOWEB)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2001:4860:480... 15169 (GOOGLE)
1 8.2.110.26 46636 (NATCOWEB)
1 193.3.178.1 399668 (E-PLANNING-)
1 1 54.90.9.38 14618 (AMAZON-AES)
1 54.93.159.64 16509 (AMAZON-02)
1 69.166.1.35 27630 (AS-XFERNET)
1 35.227.252.103 396982 (GOOGLE-CL...)
2 5 54.93.159.119 16509 (AMAZON-02)
3 23.35.236.201 16625 (AKAMAI-AS)
2 2 104.64.126.246 16625 (AKAMAI-AS)
4 2.19.217.60 16625 (AKAMAI-AS)
1 6 104.18.36.155 13335 (CLOUDFLAR...)
1 51.89.9.254 16276 (OVH)
13 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 142.250.185.98 15169 (GOOGLE)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
2 3 37.157.4.29 198622 (ADFORM)
3 15.197.193.217 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 52.31.22.181 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.82 24961 (MYLOC-AS ...)
1 1 54.170.64.73 16509 (AMAZON-02)
2 2 3.71.149.231 16509 (AMAZON-02)
1 1 52.214.242.160 16509 (AMAZON-02)
1 34.160.236.64 396982 (GOOGLE-CL...)
2 108.128.254.201 16509 (AMAZON-02)
1 168.119.72.236 24940 (HETZNER-AS)
2 2 151.101.66.49 54113 (FASTLY)
1 1 52.204.248.204 14618 (AMAZON-AES)
1 2 67.220.226.232 16509 (AMAZON-02)
1 2.19.217.66 16625 (AKAMAI-AS)
1 1 52.50.56.243 16509 (AMAZON-02)
3 69.173.144.165 26667 (RUBICONPR...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 65.9.66.104 16509 (AMAZON-02)
1 198.47.127.19 3257 (GTT-BACKB...)
2 54.194.188.15 16509 (AMAZON-02)
1 76.223.111.18 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 3.233.244.31 14618 (AMAZON-AES)
2 2 13.32.27.113 16509 (AMAZON-02)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 35.244.174.68 15169 (GOOGLE)
1 2 52.46.128.147 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.208.249.213 19527 (GOOGLE-2)
4 2a00:1450:400... 15169 (GOOGLE)
7 52.210.15.1 16509 (AMAZON-02)
1 1 35.210.239.72 19527 (GOOGLE-2)
1 35.244.159.8 15169 (GOOGLE)
1 1 54.166.150.36 14618 (AMAZON-AES)
1 1 54.162.68.92 14618 (AMAZON-AES)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 50.31.142.159 23352 (SERVERCEN...)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 124.146.153.168 2514 (INFOSPHER...)
4 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 162.19.138.119 16276 (OVH)
1 162.19.138.116 16276 (OVH)
251 71
56    104.18.2.81 (None, )

ASN13335 (CLOUDFLARENET, US)
mbox2.i.ua
mail.i.ua
i3.i.ua
i.i.ua
r.i.ua
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
1    91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua
i.holder.com.ua
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    51.83.200.186 (France)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-83-200.eu
kpmediagaua.hit.gemius.pl
5    78.159.118.240 (Sankt Augustin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
cdn.umh.ua
z.cdn.umh.ua
3    185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
loadercdn.net
3    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
4    81.17.55.122 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
11    2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
3    5.79.65.76 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
z.cdn.adtarget.market
10    136.243.84.74 (Mehlingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
go.rcvlink.com
st11.rcvlink.com
1    146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu
ls.hit.gemius.pl
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
sghb.adtelligent.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
736d068f792bbbd2cd3286c2b65ddd4c.safeframe.googlesyndication.com
7    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams03.e-planning.net
sync.e-planning.net
1    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
8    185.83.71.234 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
2    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
2    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
2    34.202.194.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-194-6.compute-1.amazonaws.com
cookies.nextmillmedia.com
9    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    8.2.110.161 (Greenfield, United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
1    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    8.2.110.26 (Greenfield, United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
1    193.3.178.1 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    54.90.9.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-9-38.compute-1.amazonaws.com
ssp.disqus.com
1    54.93.159.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-159-64.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    54.93.159.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-159-119.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
13    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    52.31.22.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-22-181.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.82 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    54.170.64.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-64-73.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    52.214.242.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-242-160.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    108.128.254.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-254-201.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.204.248.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-248-204.compute-1.amazonaws.com
usermatch.krxd.net
2    67.220.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2.19.217.66 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-66.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.50.56.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-56-243.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    54.194.188.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-188-15.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    3.233.244.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-244-31.compute-1.amazonaws.com
i.liadm.com
2    13.32.27.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net
live.rezync.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2a05:d018:d29:3601:357b:9971:3f66:201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
4    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    54.166.150.36 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-150-36.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.162.68.92 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-68-92.compute-1.amazonaws.com
sync.ipredictive.com
1    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    50.31.142.159 (Reed Crossing, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    124.146.153.168 (Kakegawa, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    2606:4700:1::6813:834c (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
Apex Domain
Subdomains		 Transfer
56 i.ua
mbox2.i.ua
mail.i.ua
i3.i.ua
i.i.ua — Cisco Umbrella Rank: 869312
r.i.ua — Cisco Umbrella Rank: 264670
256 KB
16 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 9066
cm-x.mgid.com — Cisco Umbrella Rank: 6820
c.mgid.com — Cisco Umbrella Rank: 7275
cdn.mgid.com — Cisco Umbrella Rank: 11503
servicer.mgid.com — Cisco Umbrella Rank: 9134
s-img.mgid.com — Cisco Umbrella Rank: 9069
cm.mgid.com — Cisco Umbrella Rank: 1303
243 KB
15 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7472
sghb.adtelligent.com — Cisco Umbrella Rank: 16454
sync.adtelligent.com — Cisco Umbrella Rank: 6860
196 KB
13 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2888
mwzeom.zeotap.com — Cisco Umbrella Rank: 3215
4 KB
10 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 43372
st11.rcvlink.com — Cisco Umbrella Rank: 53646
38 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
736d068f792bbbd2cd3286c2b65ddd4c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
287 KB
9 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
3 KB
9 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
token.rubiconproject.com — Cisco Umbrella Rank: 461
29 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
6 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
185 KB
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2234
s.e-planning.net — Cisco Umbrella Rank: 4907
u-ams03.e-planning.net — Cisco Umbrella Rank: 30386
sync.e-planning.net — Cisco Umbrella Rank: 4044
3 KB
7 gemius.pl
kpmediagaua.hit.gemius.pl
ls.hit.gemius.pl — Cisco Umbrella Rank: 15551
44 KB
6 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
4 KB
6 gstatic.com
csi.gstatic.com
fonts.gstatic.com
51 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
1 KB
5 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 294122
z.cdn.umh.ua — Cisco Umbrella Rank: 317982
11 KB
5 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 63408
147 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
2 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
3 KB
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
4 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793 Failed
75 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
357 B
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
67 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 699
usermatch.krxd.net — Cisco Umbrella Rank: 1751
943 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
445 B
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 2870
c1.adform.net — Cisco Umbrella Rank: 560
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
3 adtarget.market
z.cdn.adtarget.market — Cisco Umbrella Rank: 113508
290 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
912 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
19 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25773
907 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 491
531 B
2 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2362
189 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
554 B
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10154
696 B
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 467629
25 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 56807
3 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
269 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
692 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
540 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
286 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
465 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4714
238 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
373 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3764
444 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
98 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
1 KB
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
140 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
693 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 35983
215 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1727
60 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1226
204 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 499
527 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 24530
84 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
596 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7695
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12465
460 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 648
203 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
401 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
35 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1557
298 B
1 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3200
119 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2232
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 23934
349 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1215
384 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 904
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 743967
169 B
1 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 550804
4 KB
0 bemail.it Failed
bn01.er.bemail.it Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
251 79
Domain Requested by
49 i3.i.ua mail.i.ua
i3.i.ua
11 mwzeom.zeotap.com spl.zeotap.com
8 ib.adnxs.com 7 redirects spl.zeotap.com
8 sync.adtelligent.com player.adtelligent.com
mail.i.ua
ads.us.e-planning.net
7 usersync.gumgum.com rtb.gumgum.com
7 go.rcvlink.com z.cdn.umh.ua
go.rcvlink.com
mail.i.ua
6 kpmediagaua.hit.gemius.pl 1 redirects mail.i.ua
kpmediagaua.hit.gemius.pl
5 s-img.mgid.com mail.i.ua
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 x.bidswitch.net 2 redirects ads.us.e-planning.net
spl.zeotap.com
rtb.gumgum.com
5 cdn.admixer.net mail.i.ua
cdn.admixer.net
5 pagead2.googlesyndication.com mail.i.ua
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 creativecdn.com 4 redirects
4 tpc.googlesyndication.com mail.i.ua
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 eus.rubiconproject.com ads.us.e-planning.net
rtb.gumgum.com
eus.rubiconproject.com
4 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
4 sghb.adtelligent.com player.adtelligent.com
4 ssbsync.smartadserver.com z.cdn.umh.ua
rtb.gumgum.com
4 z.cdn.umh.ua cdn.umh.ua
4 securepubads.g.doubleclick.net mail.i.ua
securepubads.g.doubleclick.net
4 mail.i.ua 1 redirects mail.i.ua
3 dsum-sec.casalemedia.com ssum.casalemedia.com
3 match.adsrvr.org spl.zeotap.com
ssum.casalemedia.com
rtb.gumgum.com
3 cm.g.doubleclick.net 1 redirects spl.zeotap.com
rtb.gumgum.com
3 fonts.googleapis.com client
securepubads.g.doubleclick.net
3 ads.pubmatic.com ads.us.e-planning.net
rtb.gumgum.com
jsc.mgid.com
3 st11.rcvlink.com mail.i.ua
3 z.cdn.adtarget.market mail.i.ua
3 jsc.mgid.com z.cdn.umh.ua
jsc.mgid.com
3 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
2 token.rubiconproject.com eus.rubiconproject.com
2 cdn.id5-sync.com jsc.mgid.com
2 cm.mgid.com jsc.mgid.com
2 c1.adform.net 2 redirects
2 pr-bh.ybp.yahoo.com ssum.casalemedia.com
rtb.gumgum.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 servicer.mgid.com jsc.mgid.com
2 cdn.mgid.com mail.i.ua
2 rtb.gumgum.com ads.us.e-planning.net
rtb.gumgum.com
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 csi.gstatic.com pagead2.googlesyndication.com
cdn.ampproject.org
2 cookies.nextmillmedia.com 1 redirects mail.i.ua
2 ap.lijit.com mail.i.ua
2 a4p.adpartner.pro 2 redirects
2 ads.us.e-planning.net 1 redirects player.adtelligent.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 s.zmctrack.net mail.i.ua
2 player.adtcdn.com mail.i.ua
1 id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 tg.socdm.com 1 redirects
1 sync.e-planning.net rtb.gumgum.com
1 bh.contextweb.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 us-u.openx.net rtb.gumgum.com
1 u.ipw.metadsp.co.uk 1 redirects
1 secure.adnxs.com 1 redirects
1 trace.mediago.io 1 redirects
1 cm.ctnsnet.com 1 redirects
1 idsync.rlcdn.com ssum.casalemedia.com
1 p.rfihub.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 eb2.3lift.com ads.us.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 cms.quantserve.com 1 redirects
1 pixel.rubiconproject.com spl.zeotap.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 c.mgid.com mail.i.ua
1 onetag-sys.com ads.us.e-planning.net
1 rtb.openx.net ads.us.e-planning.net
1 sync.go.sonobi.com ads.us.e-planning.net
1 match.sharethrough.com ads.us.e-planning.net
1 ssp.disqus.com 1 redirects
1 s.e-planning.net ads.us.e-planning.net
1 sync.admanmedia.com ads.us.e-planning.net
1 vid.vidoomy.com mail.i.ua
1 cm-x.mgid.com 1 redirects
1 t.trafmag.com mail.i.ua
1 hbx.media.net 1 redirects
1 ssc-cms.33across.com player.adtelligent.com
1 736d068f792bbbd2cd3286c2b65ddd4c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 loadercdn.net mail.i.ua
1 ls.hit.gemius.pl kpmediagaua.hit.gemius.pl
1 cdn.umh.ua mail.i.ua
1 r.i.ua mail.i.ua
1 i.i.ua mail.i.ua
1 i.holder.com.ua mail.i.ua
1 mbox2.i.ua 1 redirects
0 bn01.er.bemail.it Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
251 119
Subject Issuer Validity Valid
i.ua
R3		 2023-12-11 -
2024-03-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2023-06-06 -
2024-06-05		 a year crt.sh
holder.com.ua
R3		 2023-12-01 -
2024-02-29		 3 months crt.sh
adtcdn.com
GTS CA 1P5		 2023-11-10 -
2024-02-08		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2023-09-14 -
2024-09-25		 a year crt.sh
cdn.umh.ua
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2023-04-18 -
2024-04-25		 a year crt.sh
player.adtelligent.com
R3		 2023-11-15 -
2024-02-13		 3 months crt.sh
ingress-haproxy-public-l4.ingress-haproxy-public-l4
kubernetes-ingress-ca		 2023-10-11 -
2024-10-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
adtarget.market
R3		 2023-10-19 -
2024-01-17		 3 months crt.sh
*.rcvlink.com
Thawte TLS RSA CA G1		 2023-09-19 -
2024-10-02		 a year crt.sh
sghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-23 -
2024-02-21		 3 months crt.sh
loadercdn.net
R3		 2023-11-08 -
2024-02-06		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-13 -
2024-06-13		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.v.fwmrm.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-13 -
2024-12-13		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-10-21 -
2024-01-19		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh

This page contains 34 frames:

Primary Page: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Frame ID: BF4DE9C92855C5DE0D257ECE4ADAFB6A
Requests: 115 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 47EA8DF890E0D9BC91A1BC4788AD66BC
Requests: 1 HTTP requests in this frame

Frame: https://mail.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 3900BD78D9A1BAF51FF09CD120D40F75
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=85d54f28689b6437
Frame ID: D0F47DD4DDB0DF91CB6DA8002D2F7309
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=85d54f28689b6437
Frame ID: 7C2364DF7DDDCAF2DC8A865F13626ECC
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: F01E2038023BED38C34D8F068C0112B0
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=85d54f28689b6437
Frame ID: 1F4BA145F4D6546C645A04A854B5D8F3
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: C6DEA064644BA8F409A33739C83B1A7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 99AD29D89772B5C29A46BA34FEF9EBBB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/65416/c.html?b=65416
Frame ID: AB9A01F3090AB345726187DA02EC5679
Requests: 1 HTTP requests in this frame

Frame: https://736d068f792bbbd2cd3286c2b65ddd4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3EDBCC561001564380DA27E8D101E519
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1702371944&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702371944334&bpp=2&bdt=425&idt=274&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7625872996380&rume=1&frm=20&pv=2&ga_vid=1723165925.1702371945&ga_sid=1702371945&ga_hid=605160339&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079924%2C31080103%2C42531705%2C95320870%2C95320885%2C31061691%2C31061693&oid=2&pvsid=3149432591697351&tmod=1526671711&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=286
Frame ID: 4377B8EEC848D15693323BF6628AC403
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 2B80665FA4F62A612AC9CE06D1A76065
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 500732DAC98CB81338495E3406AAC91C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: 332D07D0631BA48A55B98942F785AF2A
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: 2FF73C82AF0ABE2ECA24B3110E05429A
Requests: 8 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: C5DF58F98C9F370ECF6373DE75B8C670
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dbac73b088ae07ba7%26uid%3D
Frame ID: D83319D4DB5CC6CFA9BA9CF44354F740
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: CEB4BFEF5EB7FCA21E407C0B0F7882F2
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Frame ID: 2CBBA2F8609CCDDEA04392E04A34186F
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 831BB8481CF0DDA1803907E1BE6ADB0E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 447AE4A98338B9D1736387F8C6E942A1
Requests: 33 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Frame ID: 5D30B0DBF361548C7016238A4D255AB2
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 75F46E134191A2B8CFEEEACFACDA4E5E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ACnc%2fHO7a3%2fYdedR&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=484122&a=307971&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: 57C5F385B148F244AC0D916090F0F545
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 7FE873A9B2D469136C0257FC53F85B49
Requests: 18 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=2718736404924873562&gdpr=&gdpr_consent=
Frame ID: 3D6059F5B1CFB90E3209AFD495C1C7E4
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZGQ5Mjg1Ni0yNWY5LTQxMDgtOTU3YS04NWY4Mzg4NTQ5NDI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 9F8E40881744C913D5BC313517168962
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 9BE418642BEB54435F3DD4EA602081F7
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 3F4A60398E36305FFC62D140AAD5F718
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZXgiacCo8X8AAE6HkmsAAAAA
Frame ID: E4F68A07DFC27969F5E4EC21937BCC1F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=hRBXTq8Ud76qoCbp6BLzLgxA--RdU3vjZ4auxOmAK3E&pi=gumgum&tc=1
Frame ID: 9A3C3D60B68229448C57FAFFF35577BA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: F4D9E2366D4FC1AB16C0AD229FC6FFA4
Requests: 3 HTTP requests in this frame

Frame: https://jsc.mgid.com/i/u/i.ua.1552127.es6.js
Frame ID: 4BC77E4A71F005CC95333127A116E99D
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Пошта - електронна пошта з доменами @i.ua, @ua.fm і @email.ua, створіть e-mail адресу 

Page URL History Show full URLs

  1. https://mbox2.i.ua/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543 HTTP 302
    https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=17023... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

251
Requests

80 %
HTTPS

22 %
IPv6

79
Domains

119
Subdomains

71
IPs

12
Countries

1802 kB
Transfer

5041 kB
Size

87
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mbox2.i.ua/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543 HTTP 302
    https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://mail.i.ua/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://mail.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Request Chain 66
  • https://kpmediagaua.hit.gemius.pl/_1702371944623/rexdot.js?l=100&sendf=24&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=IXV2C99reInKFSODxceOI.kQkNIJlr51cCivywBaUoH.577MmwSNammP_DRD0vDR7FAERvw4ArGWjGghAVvoQHMhMU9_/owJgoQv_y59SQ/&fpdata=-TURNEDOFF&ltime=308&fr=1&ref=&inner=_ver%3D346%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6578226812baea7c&brts=1702371944 HTTP 301
  • https://kpmediagaua.hit.gemius.pl/__/_1702371944623/rexdot.js?l=100&sendf=24&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=IXV2C99reInKFSODxceOI.kQkNIJlr51cCivywBaUoH.577MmwSNammP_DRD0vDR7FAERvw4ArGWjGghAVvoQHMhMU9_/owJgoQv_y59SQ/&fpdata=-TURNEDOFF&ltime=308&fr=1&ref=&inner=_ver%3D346%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6578226812baea7c&brts=1702371944
Request Chain 69
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Request Chain 71
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D750708%26a%3D754412%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 72
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1885%26sp%3D804476%26pb%3D283366%26c%3D628863%26a%3D307558%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f3ad8a9a-d963-4e3b-b18d-d9a87c1f52ab&traffic_source=snippet&session=369CBC6FE53C1885&sp=804476&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 77
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D603469%26a%3D307558%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3af77f91-9e39-4784-b9a6-41bf8a74eb91&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=603469&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 78
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D736651%26a%3D751004%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D751004%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D369CBC6FE53C1887%2526sp%253D852559%2526pb%253D753264%2526c%253D736651%2526a%253D751004%2526gdpr%253D0%2526gdpr_source%253D%2526gdpr_consent%253D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=5914369837483185201&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=736651&a=751004&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 79
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D746141%26a%3D753378%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=d6cdb8a9-c0b0-4aef-ad68-4bb2b89fc7d2&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=746141&a=753378&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 80
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D529070%26a%3D297253%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D369CBC6FE53C1887%2526sp%253D852559%2526pb%253D753264%2526c%253D529070%2526a%253D297253%2526gdpr%253D0%2526gdpr_source%253D%2526gdpr_consent%253D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=870914631770431160&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=529070&a=297253&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 82
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D635609%26a%3D584890%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D369CBC6FE53C1887%2526sp%253D852559%2526pb%253D753264%2526c%253D635609%2526a%253D584890%2526gdpr%253D0%2526gdpr_source%253D%2526gdpr_consent%253D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3154478265322083504&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=635609&a=584890&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 95
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dbac73b088ae07ba7%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=bac73b088ae07ba7&uid=3154478265322083504
Request Chain 96
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dbac73b088ae07ba7%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=bac73b088ae07ba7&uid=ua-355a5eeb-4c73-3c99-9ec4-d0ae0ca938b0
Request Chain 100
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3Dbac73b088ae07ba7 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=bac73b088ae07ba7
Request Chain 103
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 104
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Request Chain 142
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ca9bebc4-7b9d-4e23-a191-80c4780b9e71&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Request Chain 149
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=18203127235902352132411845926958709191&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Request Chain 152
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7311631829403236501&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Request Chain 153
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d
Request Chain 154
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361&bounce=1&random=290420790 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=AjK8qOhdv6RzJihi7fp3RO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Request Chain 156
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Request Chain 157
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-NUFV0TdE2ookhTW6AAkf4.WMCpQXdx7u3w--~A&zpartnerid=570&env=mWeb
Request Chain 158
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TByC8a22WB6MWL1vOW6xcFsv%2BS41iYitP1U%3D
Request Chain 162
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361&_test=ZXgiaQAGWNoY9QBU HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZXgiaQAGWNoY9QBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Request Chain 163
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Request Chain 164
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361&dcc=t
Request Chain 166
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Request Chain 170
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=eisxv34sML5hKDe-eCkrv3onZ7VhLjOyenpMjJ_t&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDILmpsI-PPKUH9HdU_Zb18&google_cver=1
Request Chain 197
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e496cea0d7684d78ad05e15cd4265ff9 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e496cea0-d768-4d78-ad05-e15cd4265ff9 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b440e6ba-99da-46db-9c1c-3339f14a79ac%3A1702371945.9327953&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db440e6ba-99da-46db-9c1c-3339f14a79ac%253A1702371945.9327953%26_%3D1702371945.9349144&cb=1702371945.9349477 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631274117568&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db440e6ba-99da-46db-9c1c-3339f14a79ac%253A1702371945.9327953%26_%3D1702371945.9349144 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b440e6ba-99da-46db-9c1c-3339f14a79ac%3A1702371945.9327953&_=1702371945.9349144
Request Chain 198
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 200
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=hRBXTq8Ud76qoCbp6BLzLgxA--RdU3vjZ4auxOmAK3E&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&tc=1
Request Chain 201
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3c2a87f61367405ea8ae1e331d97f141&expiration=1704963945
Request Chain 202
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7253670a12lg89600lq24avxb
Request Chain 208
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5914369837483185201
Request Chain 209
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6dd92856-25f9-4108-957a-85f838854942&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_6dd92856-25f9-4108-957a-85f838854942&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=4640bf22-7547-447b-8a7d-04a3fdedb8e2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=4640bf22-7547-447b-8a7d-04a3fdedb8e2
Request Chain 211
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6607cc4c-99b7-5afc-7a38-762df91a68d8$ip$84.19.175.183
Request Chain 213
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=8c24ebae-ba21-413b-8aa3-50fbe25b214a
Request Chain 215
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6dd92856-25f9-4108-957a-85f838854942&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 216
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=XGyLhKG9cJhi&ev=1&pid=558355
Request Chain 219
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=2718736404924873562&gdpr=&gdpr_consent=
Request Chain 223
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXgiacCo8X8AAE6HkmsAAAAA
Request Chain 224
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=hRBXTq8Ud76qoCbp6BLzLgxA--RdU3vjZ4auxOmAK3E&pi=gumgum&tc=1
Request Chain 225
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum

251 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mail.i.ua/
Redirect Chain
  • https://mbox2.i.ua/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543
  • https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a22e14df0f1c54ab4414eb691343cbeb487bc4c5d7d191875cf145fe792f485d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8344cea8696835f9-FRA
content-encoding
br
content-type
text/html; charset=windows-1251
date
Tue, 12 Dec 2023 09:05:43 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8344cea7687f35f9-FRA
content-type
text/html; charset=windows-1251
date
Tue, 12 Dec 2023 09:05:43 GMT
location
https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
server
cloudflare
mail.y2016369a.css
i3.i.ua/css/i2/blue/ 		229 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bcb06d6faa4ca062642d7b2e98970ef0343614d2ec8364f52d2a78d42b3732b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Jul 2023 19:25:40 GMT
server
cloudflare
age
1215287
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
8344cea99ad035f9-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 07:30:56 GMT
util.ya033ba43.js
i3.i.ua/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3.i.ua/js/util.ya033ba43.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aafcf7215f16bffb8bd442910b5d318a004d91f2d7018163bed08e3446cab6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Jan 2023 10:58:10 GMT
server
cloudflare
age
961165
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
max-age=31536000
cf-ray
8344cea99ad435f9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Nov 2024 06:06:18 GMT
JSHttpRequest.y989b751f.js
i3.i.ua/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3.i.ua/js/JSHttpRequest.y989b751f.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77651d06d987b95f32821dd3800c754db04b4ab74f6e7cebec2e7f59cda47b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2017 10:11:42 GMT
server
cloudflare
age
3559059
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
max-age=31536000
cf-ray
8344cea99ad535f9-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Oct 2024 04:28:04 GMT
global.y18bbae35.js
i3.i.ua/js/i/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3.i.ua/js/i/global.y18bbae35.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937511b9ff4b72a44415cbf3bbcf0fa2723781a9174d031f9cdc2d44b117c1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 May 2018 09:28:34 GMT
server
cloudflare
age
1063351
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
max-age=31536000
cf-ray
8344cea99ad635f9-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Nov 2024 01:43:12 GMT
autoload.y718797e6.js
i3.i.ua/js/i/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3.i.ua/js/i/autoload.y718797e6.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ce5e5fc944426f117531e92e0f3b86daa5fd4d4a9230a8019fdb5c1e2d1dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Jan 2023 10:58:07 GMT
server
cloudflare
age
976597
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
max-age=31536000
cf-ray
8344cea99ad235f9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Nov 2024 01:49:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64af276432829f203bda40c6c6171b897c06655253b5ec8ae74286fe56e1cd3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51794
x-xss-protection
0
server
cafe
etag
9727260763629437683
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:05:44 GMT
loader2.js
cdn.admixer.net/scripts3/ 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
65c61c40760fe63a744db98c844aa1b532f1618d417577ec9655bed857bda223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc35
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 13:31:01 GMT
server
nginx
traceparent
00-987b8729662b42f33f5afb2b509c10b7-6ec28035bcf2b437-01
etag
W/"65688e95-2c664"
x-cached-since
2023-12-12T08:57:00+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
cross-origin-resource-policy
cross-origin
x-id-fe
fr5-hw-edge-gc35
expires
Thu, 30 Nov 2023 13:43:08 GMT
holder.js
i.holder.com.ua/t/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Wed, 11 Dec 2024 09:05:44 GMT
button_registration_ua.png
i3.i.ua/v2/mail/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/mail/button_registration_ua.png
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f991511863788a5cd9a942e983ab90e740cb9773c85d7643217493337c4c9e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:43 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Nov 2010 14:03:24 GMT
server
cloudflare
age
3544919
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344cea9aadd35f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
3383
expires
Thu, 31 Oct 2024 08:23:44 GMT
3_1_2.png
i.i.ua/r/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_1_2.png
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11322d98807a606db0ee33e701418e86e952c81fbfcbf4a025e5244c4e734c36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2006 16:33:08 GMT
server
cloudflare
age
2873156
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa2b6b35f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
2196
expires
Fri, 08 Nov 2024 02:59:48 GMT
hb_738585_17250.js
player.adtcdn.com/prebidlink/472881/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/472881/hb_738585_17250.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22fac23ccb614270d216693c693b77fa55c1f70697adadb977fec87ba172002

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 17:21:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
291
etag
W/"656f5c32-603"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRDYBxJOI%2BVBBKvbxxacZ%2F3sNtpxQjk8o2maUk8tgSiwsjcC9UWs4brzfnILgd63JkndXuGzzoTqc4T%2BMgx94qltCKQXAE4%2FNZyG6BFvhc73RlweDFWt1EGm83A2jbFv1JTD2UAbc5gSe9KHmDU72Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
8344ceaa5c1c1917-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Dec 2023 09:15:53 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc2cb56fff3c10eb3f947a10bdc834285f0f6dc683f32a59093a903ab1e91b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29222
x-xss-protection
0
server
cafe
etag
474 / 19703 / 31080021 / config-hash: 11999804698944333348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:05:44 GMT
wrapper_hb_738585_17250.js
player.adtcdn.com/prebidlink/472881/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/472881/wrapper_hb_738585_17250.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fba677b115f54d9fd24bdcbdc9a135364921fe7e7b7620794d795d17654345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 17:21:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
291
etag
W/"656f5c32-9fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPbnYNRYpipPGPJU4Nlo9tLP4jqKFiQHX1Im2Jpu3N%2FYsBfYR5ivmB%2FRuk0MaBPsiQeTlryGNvvN8iJxUL98qx6DLBETCmB3NgRFnexfMcv2zJTplLjswW8c04UPuIDSYxuzqxX49YkNSfIr9s%2BNLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
8344ceaa5c1e1917-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Dec 2023 09:15:53 GMT
xgemius.js
kpmediagaua.hit.gemius.pl/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kpmediagaua.hit.gemius.pl/xgemius.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
3acde6ea47287711d6135843bc3c6e4f381e3cf6d12bba8f1651e2b606910854

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 12:57:59 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
19517
expires
Tue, 12 Dec 2023 21:05:44 GMT
s
r.i.ua/ 		43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.i.ua/s?u100&p0&n0.6527174327794598&c1&d24&w1600&h1200&rmail.i.ua/%3F_url%3D/%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
no-cache, must-revalidate
cf-ray
8344ceaa2b6935f9-FRA
alt-svc
h3=":443"; ma=86400
expires
0
e.js
cdn.umh.ua/libs/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Sankt Augustin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
257ae897eb8307e45ebba08e4b65969625e876e20d3b99c9593f3e5bab3f7db0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block;
last-modified
Fri, 14 Oct 2022 11:29:20 GMT
server
nginx
etag
W/"63494810-2c5c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
X-PINGOTHER
expires
Wed, 13 Dec 2023 09:05:44 GMT
iua_logo.svg
i3.i.ua/v2/header2014/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/iua_logo.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d0602272ae1a1a50d071170b1d810f3a09925fe2e530a739663a7f12e3f98d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Aug 2014 12:51:49 GMT
server
cloudflare
age
1226460
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaa0b3a35f9-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 04:24:44 GMT
xtree_blue.png
i3.i.ua/v2/header2014/skin/winter/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/skin/winter/xtree_blue.png
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2303b7255401bd9397eebdcea376f70c725253d0b1e3c8c31a6f15390da253be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2011 10:50:06 GMT
server
cloudflare
age
990149
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b3c35f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
11941
expires
Fri, 29 Nov 2024 22:03:15 GMT
brandingleft_blue_day.png
i3.i.ua/v2/header2014/skin/winter/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/skin/winter/brandingleft_blue_day.png
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf40dbd9ac7bcfdc3b5715a31add6d9515a6ca9ea83242481f6ee496acaaa849

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2011 14:44:20 GMT
server
cloudflare
age
990149
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b3d35f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
14317
expires
Fri, 29 Nov 2024 22:03:15 GMT
brandingright_blue_day.png
i3.i.ua/v2/header2014/skin/winter/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/skin/winter/brandingright_blue_day.png
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337214d0914d6318337c9e59df0710b824942ace8c800f4bd85e1dbd47e34bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2011 14:44:20 GMT
server
cloudflare
age
957005
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b3e35f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
24602
expires
Sat, 30 Nov 2024 07:15:39 GMT
blue_day.png
i3.i.ua/v2/header2014/skin/winter/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/skin/winter/blue_day.png
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71604723f65bd247f578d1a2b876aff61ef3f5f3e05aed4cd07bb182b4811014

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2011 14:46:02 GMT
server
cloudflare
age
990149
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b4035f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
3487
expires
Fri, 29 Nov 2024 22:03:15 GMT
branding_blue_day.png
i3.i.ua/v2/header2014/skin/winter/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/skin/winter/branding_blue_day.png
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f3c184c1810a331ad2a0ca125b30f2de1af11405d1849e9f1237a2a1205c0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2011 14:36:24 GMT
server
cloudflare
age
990149
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b4235f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
14953
expires
Fri, 29 Nov 2024 22:03:15 GMT
brandingbg_blue_day.png
i3.i.ua/v2/header2014/skin/winter/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/skin/winter/brandingbg_blue_day.png
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fececa76e51743397de4d63925b41e27f67fc31fab7d1bd0f0f016d74eac7b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2011 14:33:18 GMT
server
cloudflare
age
990149
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b4435f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
30469
expires
Fri, 29 Nov 2024 22:03:15 GMT
shadow_bottom_bg.png
i3.i.ua/v2/bg/ 		118 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/bg/shadow_bottom_bg.png?r
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41478a8574c785058d0145576d696cd83de38a293b6f20d553bc5f69c78501e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2010 09:49:50 GMT
server
cloudflare
age
2956199
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b4535f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
118
expires
Thu, 07 Nov 2024 03:55:45 GMT
corners_border_blue_shadow.png
i3.i.ua/v2/gamma/ 		562 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/gamma/corners_border_blue_shadow.png?r
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce8ab21f20c49ac4f5f581cbf8dde59b5c314ed7c97c6fbb1a1e21e6b63541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2010 09:04:04 GMT
server
cloudflare
age
1133741
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b4635f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
562
expires
Thu, 28 Nov 2024 06:10:02 GMT
top_gradient_bg_blue.png
i3.i.ua/v2/gamma/ 		155 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/gamma/top_gradient_bg_blue.png?r
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0754399a6b65b8ec41171e4462edad8a3105cb0e624aceb45d64b05d718b8e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Dec 2010 12:45:48 GMT
server
cloudflare
age
3629313
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b4935f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
155
expires
Wed, 30 Oct 2024 08:57:11 GMT
mail_main_screen_ua_1.png
i3.i.ua/v2/mail/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/mail/mail_main_screen_ua_1.png?1
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1d11f1337506016b8a8aebd681ea681a2d3814d95d91706b362a9e835a23e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Jul 2012 08:32:40 GMT
server
cloudflare
age
2929664
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b4a35f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
30388
expires
Thu, 07 Nov 2024 11:18:00 GMT
search_letter_ua.png
i3.i.ua/v2/mail/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/mail/search_letter_ua.png?1
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e192c46bc94d4b82876ea77dfa89178ddc94448838f4b778ef8094d40dbbed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2011 14:17:19 GMT
server
cloudflare
age
1041322
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b4c35f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
3903
expires
Fri, 29 Nov 2024 07:50:21 GMT
mail_main_screen_ua_2.png
i3.i.ua/v2/mail/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/mail/mail_main_screen_ua_2.png?1
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a82d67fbd8c8f33b22a6695fdc31b2ea98f68bcd5f11638dadb39bead51b01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2011 13:56:15 GMT
server
cloudflare
age
964337
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa0b4d35f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
1580
expires
Sat, 30 Nov 2024 05:13:27 GMT
numbers_letter_ua.png
i3.i.ua/v2/mail/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/mail/numbers_letter_ua.png?1
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
244d49b6e5b41166e0dc0ce3727e4dbed9b9783efa6d77891c96eda2c545c7c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2011 14:16:46 GMT
server
cloudflare
age
1149016
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8344ceaa2b6635f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
3577
expires
Thu, 28 Nov 2024 01:55:27 GMT
i_radio.svg
i3.i.ua/v2/header2014/sections/ 		2 KB
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_radio.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4af9cf7fd74a43e7640f0d828823068c6d6dfe7688ca8a122cc1cf6fd6ca03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Sep 2014 11:06:56 GMT
server
cloudflare
age
1223154
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaa2b6735f9-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 05:19:50 GMT
z
s.zmctrack.net/ Frame 47EA 		55 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
177476a3a84722cd966c2d2a2c91762e9d28857739500da230cb7ecfc03d1399

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
24461
expires
Thu, 01 Jan 1970 00:00:01 GMT
main.js
mail.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 3900
Redirect Chain
  • https://mail.i.ua/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://mail.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ecc58418e617c747f0ebc35e7ef6e70044d1e9719bb2cd0b78070844e03648
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8344ceaa7bac35f9-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 12 Dec 2023 09:05:44 GMT
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8344ceaa4b7f35f9-FRA
alt-svc
h3=":443"; ma=86400
hbp_master_738585_17250.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 		452 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_738585_17250.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/472881/hb_738585_17250.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
4888da081350832551211e0cf8535bce5ca4663a313cc3df2476a3486728e840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 13 Dec 2023 09:05:44 GMT
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 19:52:12 GMT
server
nginx
etag
W/"6542ac6c-70faa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_738585_17250.js
player.adtelligent.com/prebidlink/1OKLR/ 		139 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/1OKLR/hbw_master_738585_17250.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/472881/wrapper_hb_738585_17250.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0fa18d19a86844b255321cd7be5ab5617cc97821b19721d8e884c8b99b7d7d4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 13 Dec 2023 09:05:44 GMT
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2023 17:21:54 GMT
server
nginx
etag
W/"656f5c32-22d8a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
load
z.cdn.umh.ua/ 		0
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1486955458&div=zone_1486955458&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=586&pl=3&mi=4&me=8&hc=4&n=1702371944093&url=mail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9F%D0%BE%D1%88%D1%82%D0%B0%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%88%D1%82%D0%B0%20%D0%B7%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D1%96%20%40email.ua%2C%20%D1%81%D1%82%D0%B2%D0%BE%D1%80%D1%96%D1%82%D1%8C%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%C2%A0&zyx=3386840418
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Sankt Augustin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
cache-control
no-cache, must-revalidate
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
load
z.cdn.umh.ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1455178522&div=zone_1455178522&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=586&pl=3&mi=4&me=8&hc=4&n=1702371944093&url=mail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9F%D0%BE%D1%88%D1%82%D0%B0%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%88%D1%82%D0%B0%20%D0%B7%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D1%96%20%40email.ua%2C%20%D1%81%D1%82%D0%B2%D0%BE%D1%80%D1%96%D1%82%D1%8C%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%C2%A0&zyx=3386840418
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Sankt Augustin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
8b5bd8933f666a7f33af4f9f738d5218de828b4f13f670bef8fea71e25a398bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-length
1005
expires
-1
load
z.cdn.umh.ua/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1737613027&div=zone_1737613027&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=586&pl=3&mi=4&me=8&hc=4&n=1702371944093&url=mail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9F%D0%BE%D1%88%D1%82%D0%B0%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%88%D1%82%D0%B0%20%D0%B7%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D1%96%20%40email.ua%2C%20%D1%81%D1%82%D0%B2%D0%BE%D1%80%D1%96%D1%82%D1%8C%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%C2%A0&zyx=3386840418
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Sankt Augustin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
1529458c37bff2e35cc59227716069b4b31d902505b7a4c0688d27821538b49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-length
1566
expires
-1
load
z.cdn.umh.ua/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1703792907&div=zone_1703792907&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=586&pl=3&mi=4&me=8&hc=4&n=1702371944093&url=mail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9F%D0%BE%D1%88%D1%82%D0%B0%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%88%D1%82%D0%B0%20%D0%B7%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D1%96%20%40email.ua%2C%20%D1%81%D1%82%D0%B2%D0%BE%D1%80%D1%96%D1%82%D1%8C%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%C2%A0&zyx=3386840418
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Sankt Augustin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
51bea6ed07028434e168fbec1f0f86c448049b241e5923bcf5fd7f824dfb313f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
1642
expires
-1
8344cea8696835f9
mail.i.ua/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3900 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mail.i.ua/cdn-cgi/challenge-platform/h/b/jsd/r/8344cea8696835f9
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
server
cloudflare
cf-ray
8344ceabffb3380a-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
sync
ssbsync.smartadserver.com/api/ Frame D0F4 		9 B
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=85d54f28689b6437
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1455178522&div=zone_1455178522&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=586&pl=3&mi=4&me=8&hc=4&n=1702371944093&url=mail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9F%D0%BE%D1%88%D1%82%D0%B0%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%88%D1%82%D0%B0%20%D0%B7%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D1%96%20%40email.ua%2C%20%D1%81%D1%82%D0%B2%D0%BE%D1%80%D1%96%D1%82%D1%8C%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%C2%A0&zyx=3386840418
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.122 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
9
content-type
text/plain; charset=utf-8
date
Tue, 12 Dec 2023 09:05:44 GMT
i.ua.971124.js
jsc.mgid.com/i/u/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/i/u/i.ua.971124.js
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1455178522&div=zone_1455178522&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=586&pl=3&mi=4&me=8&hc=4&n=1702371944093&url=mail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9F%D0%BE%D1%88%D1%82%D0%B0%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%88%D1%82%D0%B0%20%D0%B7%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D1%96%20%40email.ua%2C%20%D1%81%D1%82%D0%B2%D0%BE%D1%80%D1%96%D1%82%D1%8C%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%C2%A0&zyx=3386840418
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eb3d8130e2d91cd2fe730fe82b5038a4c136ff6a8ee579d41ff9961d6d1a002
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
x-amz-version-id
xTKsAkl9yjiwcdhBFdW6xpSAcos6XbYZ
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
PCB4XEQW4JW7CB2V
age
2351
cf-polished
origSize=3743
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
V9i986VM/InO0vuSHeOPCRdgVXrsX8OA2dt8G4PPZrz5ZH4lu4Hwk6gnG0p4TKh1HKH9es5YpmgqQTxPXagrCQz1vvhbbn5S
cf-bgj
minify
last-modified
Tue, 28 Nov 2023 09:18:09 GMT
server
cloudflare
etag
W/"8f3d870e02c02801f241b06e8121f31a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8344ceac5e7e18cd-FRA
expires
Tue, 12 Dec 2023 12:05:44 GMT
smc
z.cdn.adtarget.market/ 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z.cdn.adtarget.market/smc?s=18956&u=85d54f28689b6437
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:04:31 GMT
server
nginx
smc
z.cdn.adtarget.market/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z.cdn.adtarget.market/smc?s=158&u=85d54f28689b6437
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:04:31 GMT
server
nginx
smc
z.cdn.adtarget.market/ 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z.cdn.adtarget.market/smc?s=201&u=85d54f28689b6437
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
5.79.65.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:04:31 GMT
server
nginx
content-length
0
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sync
ssbsync.smartadserver.com/api/ Frame 7C23 		9 B
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=85d54f28689b6437
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1703792907&div=zone_1703792907&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=586&pl=3&mi=4&me=8&hc=4&n=1702371944093&url=mail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9F%D0%BE%D1%88%D1%82%D0%B0%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%88%D1%82%D0%B0%20%D0%B7%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D1%96%20%40email.ua%2C%20%D1%81%D1%82%D0%B2%D0%BE%D1%80%D1%96%D1%82%D1%8C%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%C2%A0&zyx=3386840418
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.122 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
9
content-type
text/plain; charset=utf-8
date
Tue, 12 Dec 2023 09:05:44 GMT
main.js
go.rcvlink.com/static/ Frame F01E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/main.js
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1703792907&div=zone_1703792907&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=586&pl=3&mi=4&me=8&hc=4&n=1702371944093&url=mail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9F%D0%BE%D1%88%D1%82%D0%B0%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%88%D1%82%D0%B0%20%D0%B7%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D1%96%20%40email.ua%2C%20%D1%81%D1%82%D0%B2%D0%BE%D1%80%D1%96%D1%82%D1%8C%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%C2%A0&zyx=3386840418
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
3610ab58586e4ac937af60fe2e086cd4d6385568d85a4c94bdbe086df6a261fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 09:51:05 GMT
server
nginx
etag
W/"64f6fa09-1926"
content-type
application/javascript
cache-control
max-age=86400
expires
Wed, 13 Dec 2023 09:05:44 GMT
sync
ssbsync.smartadserver.com/api/ Frame 1F4B 		9 B
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=85d54f28689b6437
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1737613027&div=zone_1737613027&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=586&pl=3&mi=4&me=8&hc=4&n=1702371944093&url=mail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9F%D0%BE%D1%88%D1%82%D0%B0%20-%20%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%20%D0%BF%D0%BE%D1%88%D1%82%D0%B0%20%D0%B7%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D1%96%20%40email.ua%2C%20%D1%81%D1%82%D0%B2%D0%BE%D1%80%D1%96%D1%82%D1%8C%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D1%83%C2%A0&zyx=3386840418
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.122 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
9
content-type
text/plain; charset=utf-8
date
Tue, 12 Dec 2023 09:05:44 GMT
fpdata.js
kpmediagaua.hit.gemius.pl/ 		273 B
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kpmediagaua.hit.gemius.pl/fpdata.js?href=mail.i.ua
Requested by
Host: kpmediagaua.hit.gemius.pl
URL: https://kpmediagaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
c15e3418b4ac072eed73a69cccca4e7167c566d4329b48e1637b57cc89205974

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
273
expires
Thu, 11 Jan 2024 09:05:44 GMT
lsget.html
ls.hit.gemius.pl/ Frame C6DE 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: kpmediagaua.hit.gemius.pl
URL: https://kpmediagaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash
65029e900759a60f601706d0c795dbd1448e8214a9edcbf371673a6e0dd6a86e

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2710
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:05:44 GMT
etag
PRIVATE7520710249
expires
Thu, 11 Jan 2024 09:05:44 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 10:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80935
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 10 Dec 2024 10:36:49 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=mail.i.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
472ab3eca492a98354bfe4640f61b328bc3c81a213cd8e04032cfe046568e0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137722
x-xss-protection
0
server
cafe
etag
2728771338964696583
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:05:44 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 99AD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 04:04:50 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 04:04:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c.html
cdn.admixer.net/scripts3/65416/ Frame AB9A 		738 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/65416/c.html?b=65416
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 09:05:44 GMT
etag
W/"65688eac-2e2"
expires
Sat, 07 Dec 2024 10:38:20 GMT
last-modified
Thu, 30 Nov 2023 13:31:24 GMT
server
nginx
traceparent
00-d0f3c56207ad8149f5e8e6579a7f4ec1-3a0b20745a20a46d-01
vary
Accept-Encoding
x-cached-since
2023-12-07T10:38:51+00:00
x-id
fr5-hw-edge-gc35
x-id-fe
fr5-hw-edge-gc35
5b595623a626a1a17030.b.js
cdn.admixer.net/scripts3/65416/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/65416/5b595623a626a1a17030.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
008506a053ee25e0c163958199289bea93a59974dac377d046c0bc59d89185df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc35
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 13:31:14 GMT
server
nginx
traceparent
00-c270befd8ae27f9fa759ee96afca887a-a5aaeccc33320291-01
etag
W/"65688ea2-9501"
vary
Accept-Encoding
x-cached-since
2023-12-01T13:09:42+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-id-fe
fr5-hw-edge-gc35
expires
Sun, 01 Dec 2024 13:09:15 GMT
48a5e2947283a4c470b7.b.js
cdn.admixer.net/scripts3/65416/ 		78 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/65416/48a5e2947283a4c470b7.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d24cc4f95e97c25a9f2724dc01d909dadb52d8ded26ac9d12c577bbc9cedb7fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc35
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 13:31:12 GMT
server
nginx
traceparent
00-e8171c29e3326236d764ca08f4b47cf1-0e635ae42b980397-01
etag
W/"65688ea0-139e3"
vary
Accept-Encoding
x-cached-since
2023-11-30T13:33:34+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-id-fe
fr5-hw-edge-gc35
expires
Sat, 30 Nov 2024 13:33:08 GMT
/
sghb.adtelligent.com/geo/ 		156 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1OKLR/hbw_master_738585_17250.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1655ac55bcd6a12d606295310f4aeb0bdfbffbc9735f697045d5097ab74552f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:43 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://mail.i.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
156
tracking
sghb.adtelligent.com/adunit/ 		43 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=738585&site_id=17250&full_page_url=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&adid=24av25.ik&features=81952&vpbv=N214&tte=403&lifecycle_tte=880
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1OKLR/hbw_master_738585_17250.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:43 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://mail.i.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
config.json
player.adtelligent.com/exchange_rates/738581/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/738581/config.json?cb=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_738585_17250.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d2d56e94556e81fa9c97b7c6c205815afdd259bcdc70ec71533b3886366ad125

Request headers

Referer
https://mail.i.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 13 Dec 2023 09:05:44 GMT
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 12:01:41 GMT
server
nginx
etag
W/"65648525-8f4"
content-type
application/json
access-control-allow-origin
https://mail.i.ua
cache-control
max-age=86400
x-proxy-cache
HIT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:44:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
1247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24502
x-xss-protection
0
server
cafe
etag
8172479049841164170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:44:57 GMT
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=a53ba11b65b2de75&d=mail.i.ua
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 09:05:44 GMT
server
openresty
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3149432591697351&correlator=496859457232185&eid=31079827%2C31080021%2C44807689%2C31080115%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21861267298%2Ci.ua%2Cpremium_side_banner%2Ctop_banner&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x600%7C300x250%2C728x90%7C970x90&ifi=2&didk=1634572648~1946130967&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702371944594&lmt=1702371944&adxs=-9%2C436&adys=-9%2C64&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&rumc=3149432591697351&rume=1&vis=1&psz=0x-1%7C728x0&msz=0x-1%7C728x0&fws=2%2C4&ohw=0%2C730&ga_vid=1723165925.1702371945&ga_sid=1702371945&ga_hid=605160339&ga_fc=false&dlt=1702371943909&idt=649&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-i.ua%252Fpremium_side_banner%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-i.ua%252Ftop_banner%26excl_cat%3DPREPOST&adks=689876223%2C2789103602&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc4173b5d971092a2348e789557335dd25ee12f66a7d515f7e0dca784f08966b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15090
x-xss-protection
0
google-lineitem-id
-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mail.i.ua
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
736d068f792bbbd2cd3286c2b65ddd4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3EDB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://736d068f792bbbd2cd3286c2b65ddd4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:05:44 GMT
expires
Wed, 11 Dec 2024 09:05:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csyncs
sghb.adtelligent.com/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/csyncs?aid1=804476&aid2=852559&gdpr=0&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1OKLR/hbw_master_738585_17250.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e9710e51e46c0a26d27d206d57af3008db98cdca987c3be5334c961021be3d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:43 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://mail.i.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
918
rum_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/rum_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=mail.i.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
393f0553def67e5d57da3b8e65dec4c5b5b4392f04337436730b0fdea0abbced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 21:18:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
42406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21996
x-xss-protection
0
server
cafe
etag
14766420975578547412
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 21:18:58 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4377 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1702371944&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702371944334&bpp=2&bdt=425&idt=274&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7625872996380&rume=1&frm=20&pv=2&ga_vid=1723165925.1702371945&ga_sid=1702371945&ga_hid=605160339&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079924%2C31080103%2C42531705%2C95320870%2C95320885%2C31061691%2C31061693&oid=2&pvsid=3149432591697351&tmod=1526671711&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=286
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=mail.i.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:05:44 GMT
expires
Tue, 12 Dec 2023 09:05:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rexdot.js
kpmediagaua.hit.gemius.pl/__/_1702371944623/
Redirect Chain
  • https://kpmediagaua.hit.gemius.pl/_1702371944623/rexdot.js?l=100&sendf=24&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%...
  • https://kpmediagaua.hit.gemius.pl/__/_1702371944623/rexdot.js?l=100&sendf=24&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%...
169 B
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kpmediagaua.hit.gemius.pl/__/_1702371944623/rexdot.js?l=100&sendf=24&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=IXV2C99reInKFSODxceOI.kQkNIJlr51cCivywBaUoH.577MmwSNammP_DRD0vDR7FAERvw4ArGWjGghAVvoQHMhMU9_/owJgoQv_y59SQ/&fpdata=-TURNEDOFF&ltime=308&fr=1&ref=&inner=_ver%3D346%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6578226812baea7c&brts=1702371944
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
55ebe97a2ccdcc5a926252b225bcab2251e3088fb65d761930018d444759f819

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Mon, 11 Dec 2023 09:05:44 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1702371944623/rexdot.js?l=100&sendf=24&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=IXV2C99reInKFSODxceOI.kQkNIJlr51cCivywBaUoH.577MmwSNammP_DRD0vDR7FAERvw4ArGWjGghAVvoQHMhMU9_/owJgoQv_y59SQ/&fpdata=-TURNEDOFF&ltime=308&fr=1&ref=&inner=_ver%3D346%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6578226812baea7c&brts=1702371944
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 11 Dec 2023 09:05:44 GMT
i.ua.971124.es6.js
jsc.mgid.com/i/u/ 		336 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/i/u/i.ua.971124.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.971124.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d7da35bcd9bae6d7ab060ab6071e48e276c6c2c486985fbfc51687b1ddb678
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://mail.i.ua/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
x-amz-version-id
k9.X7fWJ4nROFdHgTO_e6caN6kj3uKzf
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
4Q0M7GE61X8X1DQ2
age
430
cf-polished
origSize=343776
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
twtt+m7fsIVqNPNG2mmOPGeaS/tqKN1ai02CDDDoqPNApQqqSXpYbKE45eGf9yc4OWASS/i2kuM=
cf-bgj
minify
last-modified
Tue, 28 Nov 2023 09:18:08 GMT
server
cloudflare
etag
W/"70cf30d0389b4173dd18809aaf6ae313"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8344ceae2c764d37-FRA
expires
Tue, 12 Dec 2023 12:05:44 GMT
1
go.rcvlink.com/cs/1/ Frame F01E 		31 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
60169bd3547d9fa4414e6a31dc6fa32b54d419822b712eca6942780e0ab195fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 09:05:44 GMT
cache-control
private, max-age=63115200
content-encoding
gzip
content-type
text/javascript;charset=utf-8
server
nginx
expires
Thu, 11 Dec 2025 23:05:44 +0200
/
ads.us.e-planning.net/uspd/1/ Frame 2B80
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26p...
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D85255...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1OKLR/hbw_master_738585_17250.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
90d45ef29e6bf562a2ba2cd5c2cd10b012424963627c655d3fb2e49802dc51f3

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 09:05:44 GMT
expires
Tue, 12 Dec 2023 09:05:44 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 12 Dec 2023 09:05:44 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
/
ssc-cms.33across.com/ps/ Frame 5007 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1OKLR/hbw_master_738585_17250.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
server
33XP014
x-33x-status
2000208
csync
sync.adtelligent.com/ Frame 332D
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
43 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1OKLR/hbw_master_738585_17250.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:05:44 GMT
Etag
fd82b5ee5ec64a52
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 12 Dec 2023 09:05:44 GMT
expires
Tue, 12 Dec 2023 09:05:44 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1885%26sp%3...
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f3ad8a9a-d963-4e3b-b18d-d9a87c1f52ab&traffic_source=snippet&session=369CBC6FE53C1885&sp=804476&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f3ad8a9a-d963-4e3b-b18d-d9a87c1f52ab&traffic_source=snippet&session=369CBC6FE53C1885&sp=804476&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:44 GMT
Server
Adtelligent
Etag
fd82b5ee5ec64a52
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f3ad8a9a-d963-4e3b-b18d-d9a87c1f52ab&traffic_source=snippet&session=369CBC6FE53C1885&sp=804476&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
date
Tue, 12 Dec 2023 09:05:44 GMT
cache-control
no-store no-transform
server
nginx
content-length
322
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1885%26sp%3D804476%26pb%3D283366%26c%3D675886%26a%3D310570%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Dec 2023 09:05:44 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=fd82b5ee5ec64a52
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:05:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sync
cookies.nextmillmedia.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1885%26sp%3D804476%26pb%3D283366%26c%3D719582%26a%3D722242%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-6.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484067%26a%3D310570%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Dec 2023 09:05:44 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3...
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3af77f91-9e39-4784-b9a6-41bf8a74eb91&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=603469&a=307558&gdpr=0&gdpr_source...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3af77f91-9e39-4784-b9a6-41bf8a74eb91&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=603469&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:44 GMT
Server
Adtelligent
Etag
fd82b5ee5ec64a52
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3af77f91-9e39-4784-b9a6-41bf8a74eb91&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=603469&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
date
Tue, 12 Dec 2023 09:05:44 GMT
cache-control
no-store no-transform
server
nginx
content-length
322
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D751004%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D369CB...
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=5914369837483185201&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=736651&a=751004&gdpr=0&gdpr_source=&gdpr_consent=
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=5914369837483185201&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=736651&a=751004&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:44 GMT
Server
Adtelligent
Etag
fd82b5ee5ec64a52
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
an-x-request-uuid
3158b78b-586c-48db-8933-15aebed2f06d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=5914369837483185201&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=736651&a=751004&gdpr=0&gdpr_source=&gdpr_consent=
x-proxy-origin
84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26traffic_source%3Dsnippet%26sessio...
  • https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=d6cdb8a9-c0b0-4aef-ad68-4bb2b89fc7d2&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=746141&a=753378&gdpr=0&gdpr_source...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=d6cdb8a9-c0b0-4aef-ad68-4bb2b89fc7d2&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=746141&a=753378&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:44 GMT
Server
Adtelligent
Etag
fd82b5ee5ec64a52
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:44 GMT
Transfer-Encoding
chunked
Location
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=d6cdb8a9-c0b0-4aef-ad68-4bb2b89fc7d2&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=746141&a=753378&gdpr=0&gdpr_source=&gdpr_consent=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D369CB...
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=870914631770431160&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=529070&a=297253&gdpr=0&gdpr_source=&gdpr_consent=
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=870914631770431160&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=529070&a=297253&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:44 GMT
Server
Adtelligent
Etag
fd82b5ee5ec64a52
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
an-x-request-uuid
77d74925-14f0-4901-bff1-3c81e269697c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=870914631770431160&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=529070&a=297253&gdpr=0&gdpr_source=&gdpr_consent=
x-proxy-origin
84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
vid.vidoomy.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D632122%26a%3D556847%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D369CB...
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3154478265322083504&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=635609&a=584890&gdpr=0&gdpr_source=&gdpr_consent=
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3154478265322083504&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=635609&a=584890&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:44 GMT
Server
Adtelligent
Etag
fd82b5ee5ec64a52
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
an-x-request-uuid
628e6d1f-b982-4994-ae10-077e895ea4f5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3154478265322083504&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=635609&a=584890&gdpr=0&gdpr_source=&gdpr_consent=
x-proxy-origin
84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lq24av95&c=3149432591697351&e=44759876%2C44759927%2C44759837%2C95320239%2C31079924%2C31080103%2C42531705%2C31061691%2C31061693&ctx=1&met.6=6.1_CgwYzAQgzgEqBAgIEgAKDBj-BiCBASoECAgSAA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.htm
go.rcvlink.com/static/ Frame 2FF7 		19 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/iframe.htm
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
d80935360fca46968bdc6d751c7178e8f224eb12537892e0c9b0a7bd16eef73c

Request headers

Referer
https://mail.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 09:05:44 GMT
etag
W/"65417aa6-4ca8"
expires
Wed, 13 Dec 2023 09:05:44 GMT
last-modified
Tue, 31 Oct 2023 22:07:34 GMT
server
nginx
/
go.rcvlink.com/bdto/WckOTW32bU/ Frame 2FF7 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/WckOTW32bU/?cache=t57Y7NfUum7-&ver=231101-0007&w=1568&h=0&vw=1600&ms=379.0&pb=1&me=0&ref=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
c64ebbe91423295cf2d42239beb066b22d8706724664f6cff0f52510fb8a5d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Tue, 12 Dec 2023 09:05:44 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type
application/json
hn
b29
cache-control
no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin
*
expires
Tue, 12 Dec 2023 11:05:44 +0200
97ff79aaba13727ef66c6b9bb74a0634
st11.rcvlink.com/2/200/ Frame 2FF7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/200/97ff79aaba13727ef66c6b9bb74a0634
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e41bd3b8641f3dfe297a253350bea1fbbaecd985c32fcc8dfa0fe0763a5058ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
last-modified
Thu, 30 Nov 2023 16:35:52 GMT
server
nginx
etag
"6568b9e8-12636"
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*, *
content-length
6214
expires
Mon, 11 Mar 2024 09:05:44 GMT
bd0c93fba5d5a7e3b2225e3cb4514faf
st11.rcvlink.com/2/200/ Frame 2FF7 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/200/bd0c93fba5d5a7e3b2225e3cb4514faf
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
50e2a5f33637de4ee4d09282dee4ab89bb7062106beb01baa4fe97cbdddf25e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
last-modified
Thu, 30 Nov 2023 17:35:33 GMT
server
nginx
etag
"6568c7e5-17e6a"
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*, *
content-length
5566
expires
Mon, 11 Mar 2024 09:05:44 GMT
53961854a9f811a497a88107c3039de5
st11.rcvlink.com/2/200/ Frame 2FF7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/200/53961854a9f811a497a88107c3039de5
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
9a7243451921227894ad5f7c2adad8e72a5623bba8b1989df1bf41c273e1042b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
last-modified
Thu, 30 Nov 2023 16:24:57 GMT
server
nginx
etag
"6568b759-12527"
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*, *
content-length
3938
expires
Mon, 11 Mar 2024 09:05:44 GMT
gt.svg
go.rcvlink.com/img/ Frame 2FF7 		219 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/img/gt.svg
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
56d1f1f3e5b1add4f774ea6c58dbb722abd040454ccc1cc1ce38e9fe98e9021d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
last-modified
Tue, 22 Jan 2019 19:51:29 GMT
server
nginx
etag
"5c477441-db"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
219
expires
Tue, 19 Dec 2023 09:05:44 GMT
logo160.png
go.rcvlink.com/img/ Frame 2FF7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/img/logo160.png
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
last-modified
Mon, 21 Jan 2019 15:07:51 GMT
server
nginx
etag
"5c45e047-1869"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6249
expires
Tue, 19 Dec 2023 09:05:44 GMT
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9da88e942e6aee489526e53e74f2eebe0788e57037a3056a4e883014f326d7d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
z
s.zmctrack.net/ Frame C5DF 		102 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
31483c8f04ed064965e287052547eab869bdff9e71e45e9a1e18e753f42f2b2c

Request headers

Content-language
eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://mail.i.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
pbs.gif
sync.admanmedia.com/ Frame 2B80 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Dbac73b088ae07ba7%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.26 Greenfield, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 12 Dec 2023 09:05:47 GMT
Server
nginx/1.18.0 (Ubuntu)
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 2B80 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 10 Dec 2028 09:05:44 GMT
um
u-ams03.e-planning.net/ Frame 2B80
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dbac73b088ae07ba7%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=bac73b088ae07ba7&uid=3154478265322083504
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=bac73b088ae07ba7&uid=3154478265322083504
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

server
openresty
date
Tue, 12 Dec 2023 09:05:44 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
an-x-request-uuid
33cdba02-3147-4a42-8395-617d9cdb6ee4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=bac73b088ae07ba7&uid=3154478265322083504
x-proxy-origin
84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 2B80
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dbac73b088ae07ba7%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=bac73b088ae07ba7&uid=ua-355a5eeb-4c73-3c99-9ec4-d0ae0ca938b0
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=bac73b088ae07ba7&uid=ua-355a5eeb-4c73-3c99-9ec4-d0ae0ca938b0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

server
openresty
date
Tue, 12 Dec 2023 09:05:45 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=bac73b088ae07ba7&uid=ua-355a5eeb-4c73-3c99-9ec4-d0ae0ca938b0
pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/universal/ Frame 2B80 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.159.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-159-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
us
sync.go.sonobi.com/ Frame 2B80 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dbac73b088ae07ba7%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-193
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 2B80 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dbac73b088ae07ba7%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 2B80
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=bac73b088ae07ba7
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=bac73b088ae07ba7
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=bac73b088ae07ba7
date
Tue, 12 Dec 2023 09:05:44 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame 2B80 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.159.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-159-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D833 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dbac73b088ae07ba7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36880
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:05:44 GMT
expires
Tue, 12 Dec 2023 19:20:24 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CEB4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 09:05:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 09:05:44 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 2CBB
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
2 KB
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
542cc46f11a70013658d2dd9e62d2c55fb5f1061c53e44c4c4d71ed43bcdf3e1

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8344ceafc8404516-TXL
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 09:05:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFUS3EZg8rt9ba%2FPYfVQa4DgLOZS0JG3jLkNkRZy%2F7n0r%2Bge3liq8TWkqP60vvaI4F8PTW9m3UaBki4N5pV%2BU1r4PobHsRk44qfQ4qzMP6K2CwCKuWSbgKG5w3%2BTsavzh64VHTc%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8344ceaf4ed84516-TXL
content-length
0
date
Tue, 12 Dec 2023 09:05:44 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OipEUYCq6eyRpa0PfDqt28pAn9j9yPxYot4vcNsiXA6xjid5FuaWokd%2FsZlaBhd95aNR5BEG0bBO4Q%2BFx9cxUA9GzQYE6ELeiSVPgvdszD8Himqktzq%2B2Z41Q5jm3bxWKxudJ8l0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 831B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 447A 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
860e537ddfaa2df1dc73ba7fd8bf180cbb21bc9d0441a9b8ab436bad1032df6b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
8344ceaf39a3bbcb-FRA
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 09:05:44 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
24d13c3d-24b6-4ef8-b2bf-77a0ab4a65d6
https://mail.i.ua/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mail.i.ua/24d13c3d-24b6-4ef8-b2bf-77a0ab4a65d6
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
7ebdcb6e-60b2-4201-a691-a313053b6273
https://mail.i.ua/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mail.i.ua/7ebdcb6e-60b2-4201-a691-a313053b6273
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
/
c.mgid.com/pv/ 		43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?lu=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&cbuster=1702371944795796597352&pvid=18c5d46695bb0e34244&implVersion=11&cxurl=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&site=423244&i=1&scum=%3F0&scuw=%3F0
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
8344ceaf19a618cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
i_mail.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_mail.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebbc5c5d4df8cd4d73deec122f1920fd2387a5dd732bd0530c552fb724881b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Sep 2014 08:29:44 GMT
server
cloudflare
age
2439424
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bb6380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Nov 2024 03:28:40 GMT
i_finance.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_finance.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07a6552fe34fd360d7d21dccd4beb9483a0eb7fe40722d03939a94bc3ad6a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Sep 2014 11:54:20 GMT
server
cloudflare
age
969259
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bb7380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Nov 2024 03:51:25 GMT
i_map.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_map.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecfb90a3105673d42d9c01f46315177ff97007aafc4719c2cff449fee59a9837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Sep 2014 11:58:52 GMT
server
cloudflare
age
961720
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bb9380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Nov 2024 05:57:04 GMT
i_tv.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_tv.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e0d473d7efcb21c4a9771ad16f2ba9ecca65604a7ea3766623b712083488c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Sep 2014 07:23:52 GMT
server
cloudflare
age
2516205
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bba380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Nov 2024 06:08:59 GMT
i_weather.svg
i3.i.ua/v2/header2014/sections/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_weather.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b2d6c5e0f307028d435580a2b035a2d4216257253e152cf40097979a2e738b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Sep 2014 11:49:22 GMT
server
cloudflare
age
1225186
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bbb380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 04:45:58 GMT
i_sagittarius.svg
i3.i.ua/v2/header2014/horoscope/ 		1 KB
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/horoscope/i_sagittarius.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e239ed95f8ae115d26ffc1853c294dc0600f1ea2ccf1579168e55771d7967fac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Sep 2014 13:17:45 GMT
server
cloudflare
age
1053503
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bbe380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Nov 2024 04:27:21 GMT
i_music.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_music.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d208f358df51b848ef558ec83caf90f820d52c809ea658af48bff5faa6c4d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Sep 2014 13:30:42 GMT
server
cloudflare
age
3467418
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bbf380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Nov 2024 05:55:26 GMT
i_kino.svg
i3.i.ua/v2/header2014/sections/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_kino.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac15ec9e401122665e1a33cd2153863fc6987b4cd251600b80797b90557f262d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Sep 2014 11:57:52 GMT
server
cloudflare
age
1136945
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bc1380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Nov 2024 05:16:39 GMT
i_perevod.svg
i3.i.ua/v2/header2014/sections/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_perevod.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f016774df5e59fc8f05121990145bcd52ff2abc3d9076e81372c9c30c75b0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Sep 2014 11:45:52 GMT
server
cloudflare
age
958731
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bc2380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Nov 2024 06:46:53 GMT
i_org.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_org.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84d54f4e96317f8e291920e22df78f0cb124b96bd77e100ba5b1ad169e31e4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Sep 2014 14:04:45 GMT
server
cloudflare
age
2867680
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bc4380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Nov 2024 04:31:04 GMT
i_files.svg
i3.i.ua/v2/header2014/sections/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_files.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452d9c1844b0c1058c0d493e2b1f6c1d40d1e0f43232424705b273ba211358fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Sep 2014 14:25:50 GMT
server
cloudflare
age
1218287
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bc6380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 06:40:57 GMT
i_job.svg
i3.i.ua/v2/header2014/sections/ 		2 KB
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_job.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f594dcd7eac776282211980f6ce750ad8acdcdbe6ebde40c4c922cfb5786f5af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Sep 2014 08:47:26 GMT
server
cloudflare
age
963405
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bc8380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Nov 2024 05:28:59 GMT
i_catalog.svg
i3.i.ua/v2/header2014/sections/ 		738 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_catalog.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb4c057874d7d33d0749efb027fa72e6b605721a1feabe5bddfb56232d5e04f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Sep 2014 16:02:50 GMT
server
cloudflare
age
1136944
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bca380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Nov 2024 05:16:40 GMT
i_links.svg
i3.i.ua/v2/header2014/sections/ 		822 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_links.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20bacb42e7edfc7a932b2550925cd03d906e2227f0544edaa9d316e69aadfc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Sep 2014 13:49:36 GMT
server
cloudflare
age
2516205
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bcb380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Nov 2024 06:08:59 GMT
i_rss.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_rss.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c45f51143e6594b411d4380226d7a5796b2ee70891aadaf2a9cc4b482db479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Sep 2014 11:56:26 GMT
server
cloudflare
age
957991
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bcd380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Nov 2024 06:59:13 GMT
i_board.svg
i3.i.ua/v2/header2014/sections/ 		711 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_board.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724e76e07862b2791ab59ce70d9dc7f779f72315b168c99ff47ca61e052bfe66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Sep 2014 13:05:15 GMT
server
cloudflare
age
1061308
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bcf380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Nov 2024 02:17:16 GMT
i_news.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_news.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa4bf0728088a381a214a7df2808814c419a6e0cfcf6f416c1407a9eab79c0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Sep 2014 06:55:34 GMT
server
cloudflare
age
2867680
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bd0380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Nov 2024 04:31:04 GMT
i_otvet.svg
i3.i.ua/v2/header2014/sections/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_otvet.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171f09fd80d84f8a25f6f9720003055a429d9692a79646acfbd5b397eb32a273

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Sep 2014 11:55:48 GMT
server
cloudflare
age
1221108
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bd1380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 05:53:56 GMT
i_oboi.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_oboi.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ca33ff5409cd49923396fc75dbcc4095140221712ceae0d690acbf1ab146da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Sep 2014 12:00:40 GMT
server
cloudflare
age
2429107
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bd4380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Nov 2024 06:20:37 GMT
i_cards.svg
i3.i.ua/v2/header2014/sections/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_cards.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ada7d1cd0a5eafe15c197eaffb3c894215be85317b53247d707da723ff17f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Sep 2014 10:38:20 GMT
server
cloudflare
age
2775627
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bd5380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Nov 2024 06:05:17 GMT
i_group.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_group.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac124562d4e62b5f41f02e8112ee595f502823a4dc3ca464ce0b242750ff99ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Sep 2014 13:00:40 GMT
server
cloudflare
age
1215231
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bd7380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 07:31:53 GMT
i_narod.svg
i3.i.ua/v2/header2014/sections/ 		1010 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_narod.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3569c9eb61df167a8ebb076fdf347d90c541bdfc2aa240c6f96bd43bf9389483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Sep 2014 08:13:14 GMT
server
cloudflare
age
2429107
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bdb380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Nov 2024 06:20:37 GMT
i_prikol.svg
i3.i.ua/v2/header2014/sections/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_prikol.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed712b40814e5fd57231d9c472f6cdfcf76c03abac37b2fdc70d2913e5c3487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Sep 2014 13:39:24 GMT
server
cloudflare
age
3649839
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4bdf380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 30 Oct 2024 03:15:05 GMT
i_love.svg
i3.i.ua/v2/header2014/sections/ 		911 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_love.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0e6bcc3981eff2f7a6fd41c8be5a86536c92430eb80aca24ab3ea37b25efae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Sep 2014 08:10:42 GMT
server
cloudflare
age
1215231
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4be0380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 07:31:53 GMT
i_photo.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_photo.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892a3f68ef325ee1b088af1095e00462a097085b5b6e2068f63864f12b1e301b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Sep 2014 11:59:34 GMT
server
cloudflare
age
2781859
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4be2380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Nov 2024 04:21:25 GMT
i_blog.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_blog.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc85d029a7d31ef37c550c5f7b3dde8bee645268b15998093044b5d1665f5fac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Sep 2014 09:06:46 GMT
server
cloudflare
age
1225186
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4be5380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 04:45:58 GMT
i_video.svg
i3.i.ua/v2/header2014/sections/ 		1 KB
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_video.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be3f4982564309b2d6b0fb729f11fd1cd0fbe5b9b0c1ff940dcc17a18e5727b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Sep 2014 10:27:58 GMT
server
cloudflare
age
961720
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4be8380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Nov 2024 05:57:04 GMT
i_cook.svg
i3.i.ua/v2/header2014/sections/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.i.ua/v2/header2014/sections/i_cook.svg
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b45b437a8660ba95b8dfe43aa2d97eedb985e102f8f19bcba82a935c5d27aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Sep 2014 11:29:14 GMT
server
cloudflare
age
2781859
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8344ceaf4be9380a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Nov 2024 04:21:25 GMT
css
fonts.googleapis.com/ 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 08:23:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 09:05:44 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 07:13:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 09:05:44 GMT
getuid
ib.adnxs.com/ Frame 447A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 447A 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=ca9bebc4-7b9d-4e23-a191-80c4780b9e71&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ca9bebc4-7b9d-4e23-a191-80c4780b9e71&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb08b51bbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 12 Dec 2023 09:05:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=ca9bebc4-7b9d-4e23-a191-80c4780b9e71&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 447A 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 447A 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame 447A 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Tue, 12 Dec 2023 09:05:44 GMT
via
1.1 varnish
x-served-by
cache-fra-etou8220092-FRA
server
nginx
x-timer
S1702371945.931240,VS0,VE8
x-fastly-to-nlb-rtt
7314
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 447A 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
X-Fw-Request-Id
ume3124_1702371945732925196
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 447A 		0
0
genericusersync.ashx
sync.tidaltv.com/ Frame 447A 		0
0
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=18203127235902352132411845926958709191&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=18203127235902352132411845926958709191&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb22dfabbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

dcs
dcs-prod-irl1-2-v054-074d8d8ae.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
b2NEklyyQeo=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://mwzeom.zeotap.com/mw?cid=18203127235902352132411845926958709191&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 447A 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
zeotap.php
bn01.er.bemail.it/ Frame 447A 		0
0
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7311631829403236501&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-...
95 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7311631829403236501&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb08b55bbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7311631829403236501&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Date
Tue, 12 Dec 2023 09:05:45 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 447A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 12 Dec 2023 09:05:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=AjK8qOhdv6RzJihi7fp3RO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-44...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=AjK8qOhdv6RzJihi7fp3RO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb0bb9dbbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
via
1.1 google
last-modified
Tue, 12 Dec 2023 09:05:45 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=AjK8qOhdv6RzJihi7fp3RO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 447A 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb13c71bbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
cache-control
no-cache
x-server
10.45.8.161
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-NUFV0TdE2ookhTW6AAkf4.WMCpQXdx7u3w--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-NUFV0TdE2ookhTW6AAkf4.WMCpQXdx7u3w--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb12c53bbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-NUFV0TdE2ookhTW6AAkf4.WMCpQXdx7u3w--~A&zpartnerid=570&env=mWeb
date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TByC8a22WB6MWL1vOW6xcFsv%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TByC8a22WB6MWL1vOW6xcFsv%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb1cd6bbbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TByC8a22WB6MWL1vOW6xcFsv%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 447A 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 447A 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.254.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-254-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Tue, 12 Dec 2023 09:05:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1702371945
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 447A 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:04:12 GMT
x-powered-by
PHP/8.2.5
server
nginx
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZXgiaQAGWNoY9QBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b5...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZXgiaQAGWNoY9QBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb3887abbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-cph2320055-CPH
pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702371945.402095,VS0,VE95
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZXgiaQAGWNoY9QBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 447A
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
108.128.254.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-254-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by
beacon-n012-dub-prod.krxd.net
date
Tue, 12 Dec 2023 09:05:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1702371945
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
date
Tue, 12 Dec 2023 09:05:45 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a021-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 447A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B58DKEAY6VVYBHV8PASK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C0T007E21J39QCCKJRB9
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 447A 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.66 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cb...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb2ef3ebbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
date
Tue, 12 Dec 2023 09:05:45 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 447A 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame 447A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.159.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-159-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 447A 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb23dffbbcb-FRA
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame 447A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=eisxv34sML5hKDe-eCkrv3onZ7VhLjOyenpMjJ_t&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=1cbf7047-5cda-4c3...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=eisxv34sML5hKDe-eCkrv3onZ7VhLjOyenpMjJ_t&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceb2ef37bbcb-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=eisxv34sML5hKDe-eCkrv3onZ7VhLjOyenpMjJ_t&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame 447A 		557 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12e35bb2ca2751547497b7502ccf31e7d741d0a304e22ee0ab54dc39259067b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8344ceaf9a08bbcb-FRA
access-control-allow-headers
*
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 2B80 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:39:05 GMT
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
16001
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
A6kXRKMJmjnTvq_pLoZixqfgaCuEjowNbeneBXNTJTcd1757Khp3IA==
PugMaster
image6.pubmatic.com/AdServer/ Frame D833 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51048105&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-length
0
15581
rtb.gumgum.com/usync/ Frame 5D30 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.188.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-188-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2161f6ff9d9058bdc23945a8d836d51411e84c5f8691b8f1587865db7cf6436c

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 12 Dec 2023 09:05:45 GMT
etag
W/"0384d453c02feeb0aae104c3bf9874ff5"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 75F4 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 12 Dec 2023 09:05:44 GMT
csync
sync.adtelligent.com/ Frame 57C5 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ACnc%2fHO7a3%2fYdedR&traffic_source=snippet&session=369CBC6FE53C1887&sp=852559&pb=753264&c=484122&a=307971&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D369CBC6FE53C1887%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:05:44 GMT
Etag
fd82b5ee5ec64a52
Server
Adtelligent
e38dd133-669f-4033-9861-dee6bd38631c
https://mail.i.ua/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://mail.i.ua/e38dd133-669f-4033-9861-dee6bd38631c
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
FT3B2YNDBGENVSWC
age
5754
alt-svc
h3=":443"; ma=86400
x-amz-id-2
T5sPcjZtf+bDh6XdJmp7hMMaIrle5xKb9BwVfmaNkAxai8X9iK4oKQPncfqBkIMJTmPLzS6Pbg2Yz9at9uMFJU2Q4p1mhW6T9hRl6tH5ghk=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8344ceafda7d18cd-FRA
expires
Wed, 13 Dec 2023 09:05:44 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YQB9E0XZ4AF5YHE7
age
6725
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CxpyNkMvUy7EglrL46ndveEgmcKj5NlhgNn3xrtwadQGLxOYO5GJbbUWfWYVC/75XuxenQ1eXpI=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8344ceafda7c18cd-FRA
expires
Wed, 13 Dec 2023 09:05:44 GMT
xgemius.js
kpmediagaua.hit.gemius.pl/ Frame C5DF 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kpmediagaua.hit.gemius.pl/xgemius.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
3acde6ea47287711d6135843bc3c6e4f381e3cf6d12bba8f1651e2b606910854

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 12:57:59 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
19517
expires
Tue, 12 Dec 2023 21:05:44 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 7FE8 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 03:37:55 GMT
age
19670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 03:37:55 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7FE8 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 03:37:45 GMT
age
19680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 03:37:45 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7FE8 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Dec 2023 01:47:30 GMT
age
285495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 08 Dec 2024 01:47:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7FE8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Dec 2023 13:51:29 GMT
age
69256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Dec 2024 13:51:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7FE8 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 01:09:26 GMT
age
28579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 01:09:26 GMT
css
fonts.googleapis.com/ Frame 7FE8 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 07:22:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 09:05:44 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7FE8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:40:14 GMT
x-content-type-options
nosniff
server
cafe
age
23131
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3073
x-xss-protection
0
expires
Wed, 13 Dec 2023 02:40:14 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7FE8 		344 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 21:48:36 GMT
x-content-type-options
nosniff
server
cafe
age
40629
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 12 Dec 2023 21:48:36 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/4910088868546287678/ Frame 7FE8 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4910088868546287678/6592766407814317453
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d5b3a820d9a21b83f1af6da60b95c508549901ed8ac503669eaf337267a29e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:08:49 GMT
x-content-type-options
nosniff
age
35816
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46341
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 17:06:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 23:08:49 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/4502247047325849301/ Frame 7FE8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4502247047325849301/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf86d359d1531aee2e46233f03df7649a5ef3041f9550ff063ba329d25103229
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 21:15:08 GMT
x-content-type-options
nosniff
age
42637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3085
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 22:30:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 21:15:08 GMT
truncated
/ Frame 7FE8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b5ea49319f2cf9ae5b9cac79535023ef87a5806cc25891d995be984ba08d2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
1
servicer.mgid.com/971124/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/971124/1?mp4=1&ap=1&w=1390&h=158&wrongImageSize=1&sz=264x77&szp=1,2,3,4,5&szl=1,2,3,4,5&cols=5&sessionId=65782269-0ab1e&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&cbuster=1702371944987257033772&pvid=18c5d46695bb0e34244&implVersion=11&cxurl=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&scum=%3F0&scuw=%3F0&uniqId=04c55&childs=1123083&gpt=1&niet=4g&nisd=false&pv=5&lct=1701129600&jsv=es6&pageView=1&dpr=1&ref=&tfre=1057
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.971124.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49766682bde6d2f02df6f66533b43d4da3bb720026972ceec22f70a7e77cac6b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8344ceb04b0918cd-FRA
alt-svc
h3=":443"; ma=86400
fpdata.js
kpmediagaua.hit.gemius.pl/ Frame C5DF 		269 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kpmediagaua.hit.gemius.pl/fpdata.js?href=
Requested by
Host: kpmediagaua.hit.gemius.pl
URL: https://kpmediagaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
9d7e05394c453c06a28d61f7392c914f484fe0ee48f35272fc86af391446dcab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
269
expires
Thu, 11 Jan 2024 09:05:45 GMT
loader2.js
cdn.admixer.net/scripts3/ Frame C5DF 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
034fde29adc7ba797d885562222ac755e0708afaade34c34b2ef4a8966d38eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc35
date
Tue, 12 Dec 2023 09:05:45 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 13:31:01 GMT
server
nginx
traceparent
00-b8b5a421588cbc99437743270a37eedc-0165aa016c34eff9-01
etag
W/"65688e95-2c664"
x-cached-since
2023-12-12T08:57:00+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
cross-origin-resource-policy
cross-origin
x-id-fe
fr5-hw-edge-gc35
expires
Thu, 30 Nov 2023 13:43:08 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2CBB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDILmpsI-PPKUH9HdU_Zb18&google_cver=1
43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDILmpsI-PPKUH9HdU_Zb18&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8JEswEKsyQ0jRW2Kf6QXMOigWfbmrea3m%2BKopWErt9CdzQPNYkakm%2B8yHjlSWq%2Bv3RJZk1bjIE4hglalk5s7ypltLOVYtdjm2RDGRg7dSMTpOGBUISbyjGb6Jm1POYeHLTuQE9Ad6kmWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344ceb0cb064516-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDILmpsI-PPKUH9HdU_Zb18&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2CBB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
501709.gif
idsync.rlcdn.com/ Frame 2CBB
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e496cea0d7684d78ad05e15cd4265ff9
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e496cea0-d768-4d78-ad05-e15cd4265ff9
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b440e6ba-99da-46db-9c1c-3339f14a79ac%3A1702371945.9327953&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db440e6ba-99da-46db-9c1c-3339f14...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631274117568&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db440e6ba-99da-46db-9c...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b440e6ba-99da-46db-9c1c-3339f14a79ac%3A1702371945.9327953&_=1702371945.9349144
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=b440e6ba-99da-46db-9c1c-3339f14a79ac%3A1702371945.9327953&_=1702371945.9349144
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 12 Dec 2023 09:05:46 GMT
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=b440e6ba-99da-46db-9c1c-3339f14a79ac%3A1702371945.9327953&_=1702371945.9349144
content-length
447
x-amz-cf-id
3AzoFV7-p7B3wyYTiS7vX9NOpRRbiOo_3bDi6FIRDAVAvPQKJIaWMQ==
dcm
s.amazon-adsystem.com/ Frame 2CBB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KVVN9S2WEC87QP9WYCKT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
80YR1HWJ42F68TYBTYZW
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2CBB 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXgiaMtQJ-rPf-rtBjLN8AAADR4AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:357b:9971:3f66:201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 2CBB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=hRBXTq8Ud76qoCbp6BLzLgxA--RdU3vjZ4auxOmAK3E&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&tc=1
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=hRBXTq8Ud76qoCbp6BLzLgxA--RdU3vjZ4auxOmAK3E&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&tc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ALdRmfk%2FVIr9cec6zeEQSBwhtxwNg2tSROm1jS9WZcH3OHIDyYkW9oS4cZoGJ42%2BwOe%2FTjnpYZtv6SC8xTTQyPj1uVHGq7XkDw8%2BcV4Uoxs9RDKmiyZpcpk4dF9H3wj7G3FG81anpCLLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344ceb13c014516-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=hRBXTq8Ud76qoCbp6BLzLgxA--RdU3vjZ4auxOmAK3E&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358&tc=1
pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT, Tue, 12 Dec 2023 09:05:45 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2CBB
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3c2a87f61367405ea8ae1e331d97f141&expiration=1704963945
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3c2a87f61367405ea8ae1e331d97f141&expiration=1704963945
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u10PP031g0SDUtD9AWS2dXhdDz6w9WqWK6P3yWntrwUdrDPFuqu1%2Bg78tPM063STKqwD0AmItnslxUDtEv8Q%2BoSbk85XJIGuqU3vZ5wdKBNFGBNmF3l%2FLqIO2VBnsIFbO70Fpdkc%2BCRIig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344ceb0fb724516-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:44 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3c2a87f61367405ea8ae1e331d97f141&expiration=1704963945
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2CBB
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7253670a12lg89600lq24avxb
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7253670a12lg89600lq24avxb
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hrui%2FUejKqEue3TV%2B9CuSqPSX%2B4p6wf2cy3Thd%2FeJ1Rg0klmLeRX82ISGuuqMRiCRRwiJ4s0igCHru4iCxWSPPo97SCAAWxrMiUZAlYJ320Ps0OgqghKql3A5NoB7WeEHKo8zlhh912Jbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344ceb42a724534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 09:05:45 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7253670a12lg89600lq24avxb
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
um
u-ams03.e-planning.net/ Frame 2CBB 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=bac73b088ae07ba7&uid=ZXgiaMtQJ.rPf.rtBjLN8AAA%263358
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dbac73b088ae07ba7%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

server
openresty
date
Tue, 12 Dec 2023 09:05:45 GMT
content-type
image/gif
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7FE8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 16:39:21 GMT
x-content-type-options
nosniff
age
318384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 16:39:21 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7FE8 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:07:21 GMT
x-content-type-options
nosniff
age
395904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:07:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7FE8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options
nosniff
age
696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:54:09 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7FE8 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:12:10 GMT
x-content-type-options
nosniff
age
14015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 05:12:10 GMT
usersync
usersync.gumgum.com/ Frame 5D30
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5914369837483185201
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5914369837483185201
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
an-x-request-uuid
14d16517-3ed1-41b2-a76d-3f6534c51803
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5914369837483185201
x-proxy-origin
84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 5D30
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6dd92856-25f9-4108-957a-85f838854942&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_6dd92856-25f9-4108-957a-85f838854942&gdpr=&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=4640bf22-7547-447b-8a7d-04a3fdedb8e2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=4640bf22-7547-447b-8a7d-04a3fdedb8e2
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=4640bf22-7547-447b-8a7d-04a3fdedb8e2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Server
54.93.159.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-159-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=4640bf22-7547-447b-8a7d-04a3fdedb8e2
date
Tue, 12 Dec 2023 09:05:45 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cm
us-u.openx.net/w/1.0/ Frame 5D30 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5D30
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6607cc4c-99b7-5afc-7a38-762df91a68d8$ip$84.19.175.183
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-6607cc4c-99b7-5afc-7a38-762df91a68d8$ip$84.19.175.183
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-6607cc4c-99b7-5afc-7a38-762df91a68d8$ip$84.19.175.183
Date
Tue, 12 Dec 2023 09:05:45 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 5D30 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:357b:9971:3f66:201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 5D30
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=8c24ebae-ba21-413b-8aa3-50fbe25b214a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=8c24ebae-ba21-413b-8aa3-50fbe25b214a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=8c24ebae-ba21-413b-8aa3-50fbe25b214a
Date
Tue, 12 Dec 2023 09:05:45 GMT
Connection
keep-alive
X-CI-RTID
2cfc7d86-273d-401f-a4a1-91345a7014c0
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 5D30 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 5D30
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6dd92856-25f9-4108-957a-85f838854942&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 5D30
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=XGyLhKG9cJhi&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=XGyLhKG9cJhi&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:05:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=XGyLhKG9cJhi&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-wk22h
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 5D30 		9 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.122 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:44 GMT
content-length
9
content-type
text/plain; charset=utf-8
um
sync.e-planning.net/ Frame 5D30 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=bac73b088ae07ba7&uid=e_6dd92856-25f9-4108-957a-85f838854942
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

server
openresty
date
Tue, 12 Dec 2023 09:05:45 GMT
content-type
image/gif
usersync
rtb.gumgum.com/ Frame 3D60
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=2718736404924873562&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=2718736404924873562&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.188.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-188-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 12 Dec 2023 09:05:45 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 12 Dec 2023 09:05:45 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=2718736404924873562&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 9F8E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZGQ5Mjg1Ni0yNWY5LTQxMDgtOTU3YS04NWY4Mzg4NTQ5NDI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:05:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9BE4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36879
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:05:45 GMT
expires
Tue, 12 Dec 2023 19:20:24 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 3F4A 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 12 Dec 2023 09:05:45 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame E4F6
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXgiacCo8X8AAE6HkmsAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZXgiacCo8X8AAE6HkmsAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:05:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 09:05:45 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZXgiacCo8X8AAE6HkmsAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad400.dc4p.scaleout.jp
X-SO-IP
84.19.175.183
X-SO-Key
ZXgiacCo8X8AAE6HkmsAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZXgiacCo8X8AAE6HkmsAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad400"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad400
usersync
usersync.gumgum.com/ Frame 9A3C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=hRBXTq8Ud76qoCbp6BLzLgxA--RdU3vjZ4auxOmAK3E&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=hRBXTq8Ud76qoCbp6BLzLgxA--RdU3vjZ4auxOmAK3E&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:05:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 12 Dec 2023 09:05:45 GMT Tue, 12 Dec 2023 09:05:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=hRBXTq8Ud76qoCbp6BLzLgxA--RdU3vjZ4auxOmAK3E&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame F4D9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dbac73b088ae07ba7%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 09:05:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 09:05:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTAvNTMwNDUzLzYxNDEyN...
s-img.mgid.com/g/17598334/328x328/-/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17598334/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTAvNTMwNDUzLzYxNDEyNDM1Y2IwZDhiMmFhZmUxMjIxODhhYWZkZjRiLmpwZWc.webp?v=1702371945-De0Oz7CgUA8DWsoYF6xfsK8LVay7mRZqofmSLqrdH94
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e19aa447415587470070a9807f2b44521b3b28ed65fa1d47487583ea4fc7c60e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://mail.i.ua/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
81a74f87-bc4d-471a-bbf3-3142526a4712
age
965414
alt-svc
h3=":443"; ma=86400
content-length
5974
last-modified
Tue, 31 Oct 2023 16:18:57 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8344ceb11d8c1bcf-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTIvNzQyNTMwL2UzNWJhY...
s-img.mgid.com/g/17936883/328x328/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17936883/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTIvNzQyNTMwL2UzNWJhYjlkZmY3Y2I4NmQ5OTkwZTI5NDNjYzMwYTczLkpQRw.webp?v=1702371945-ETOhC0HC5cKXqDPlVZj5ySiVzWSp4q5oO5bJOx-RKDc
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1a8a2ea9bf731fc6eab9182fa72487824f8f7a1f7e85d1167df39b471783c33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://mail.i.ua/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
b2b36f1f-7ffa-47b0-b134-1f57c6b330a1
age
776994
alt-svc
h3=":443"; ma=86400
content-length
12316
last-modified
Sun, 03 Dec 2023 08:27:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8344ceb11d8b1bcf-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTIvODI1Mjk4LzczYjZjZ...
s-img.mgid.com/g/17944654/328x328/-/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17944654/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTIvODI1Mjk4LzczYjZjZTZlN2IxZjZhNTE0MWEyYTgwN2YwMDYzZWY2LmpwZWc.webp?v=1702371945-au4lkP5Uf0Q0mMKHZt0sVO6tGCKUg5MsvqPtzyIDNks
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
749cb40f1a996de80d64e33cb37c991c759c01da6a9d2f5c4333896b01f752f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://mail.i.ua/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
a0d0904c-f1d0-4725-810a-b118979af276
age
570719
alt-svc
h3=":443"; ma=86400
content-length
9132
last-modified
Tue, 05 Dec 2023 08:46:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8344ceb11d891bcf-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvMzY5NDAzLzE3MTU5N...
s-img.mgid.com/g/17185580/328x328/-/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17185580/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvMzY5NDAzLzE3MTU5N2RjN2U2YzBlMDkyMDYyZmFjMmExYWMzN2Q3LnBuZw.webp?v=1702371945-08Gex4gwRnWcRrM32iuI6uO2WKyIRVRewsFSSDy88Kw
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ad9d39cf8b460ee7c2e8aa06966a4617eb2a0661cf979f9bc574f8264ab061
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://mail.i.ua/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
1d7d2388-995f-47db-9397-270ea13dd51d
age
1292076
alt-svc
h3=":443"; ma=86400
content-length
10630
last-modified
Tue, 31 Oct 2023 14:46:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8344ceb11d8f1bcf-FRA
i.ua.1552127.es6.js
jsc.mgid.com/i/u/ Frame 4BC7 		303 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/i/u/i.ua.1552127.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.971124.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c4a7f18cd91fb5c3a3e955e01353a2be636ce493e520a8d92fa9c0df88de98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
x-amz-version-id
grUIfZ.e3ABERqPHM_N50NR6kTnCQ4nv
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
34CDXZ6C8RN2J16B
age
7097
cf-polished
origSize=310382
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sHqZR3LpQJp+qiQSJ4vV7zOuXQ4QtlrIiN53MglktsH0XWGuJAyHnyXfu4wrkzUkNNCT2EIUNYI=
cf-bgj
minify
last-modified
Tue, 28 Nov 2023 09:18:22 GMT
server
cloudflare
etag
W/"30ef51aa7d492e733e7eea6a82590c37"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8344ceb0ebf518cd-FRA
expires
Tue, 12 Dec 2023 12:05:45 GMT
usync.js
eus.rubiconproject.com/ Frame CEB4 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36677
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:17:02 GMT
i.js
cm.mgid.com/ 		0
104 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?cbuster=1702371945109914079915
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.971124.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8344ceb10c2318cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.971124.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
A4KDSW9C35CJC47C
age
3127
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8344ceb17be11c7f-FRA
x-amz-id-2
pBuwKfAA1m5+IhgdsJ6tbn2pJoo2Snnkl8Z3rsNpE66sNUeZtC0YmBfEqLGLVAIrNdzSiNnRbuo=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.971124.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:55:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=28283
accept-ranges
bytes
content-length
63913
expires
Tue, 12 Dec 2023 16:57:08 GMT
csi
csi.gstatic.com/ Frame 7FE8 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1702371945162&c=3149432591697351&qqid=COyCpdjFiYMDFZ3iuwgdUp8NlA&rt=any.link.6.30.10.o.1b.0.17i5.179t~any.script.6.3c.1.1z.0.0.49h.415~any.script.6.3h.h.1o.0.0.mo1.mfp~any.script.6.3b.1.1y.0.0.1pf.1h3~any.script.7.3d.2.20.0.0.a84.9zs~any.link.7.x.1.v.0.0.pr.hf~any.img.8.33.4.1e.0.0.2lp.2dd~any.img.8.26.1.k.0.0.hw.9k~any.css.b.2w.t.l.0.0.zzl.zr9~any.css.c.2r.3.18.1c.0.2m1.2dp&met.a4a=dcl.0~ol.0~nvs.1702371944966~ini.1702371945162
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.i.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7FE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C550KaCJ4ZeyuJ53F7_UP0r62oAnZlYGtdNnvkfCrEpT0jryWDhABIIrW_JcBYJWalYKgB6ABg6yNqirIAQmpAkc5ppu2D7I-4AIAqAMByAMKqgT6AU_QWlk--FKGsxV5ckmEKSDIFVGUsImYaQQEsArO0Xg9-NdzDxIjxBod7dgRb43PTA2rLspLQvbVqmbDeu1dLdX6i0MiQ0t3DRirHWn2d40sneFCfUhVaUmqsEM9Tz_1vEBCKJRzp67CH8ODbFvKHJ51DXlelNnEGoMspSGtwi2JvdTzTdSKIlPohtf-L5CPN_0MKgHDIKeB2Nk1ZzIqLElL_Cm1w7zk3N8fRG07er8NdynLx1Aa-x_Hg2xiCz61oFcF295O3tXn68nkD5U-6T6AOgR1-kporYmEdqRMgEqCrBl0riOCS5QIG3lpWkUFBdcCZmQDZbOkjrHABMft_9DDBOAEAYgF-K7unk2SBQQIBBgBkgUECAUYBKAGLoAHg-TdiQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCt4xfSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WPTAo9jFiYMDmgkaaHR0cHM6Ly9ub3ZhcG9zdC5jb20vdWstZGWACgPICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLiDRMIt4Kk2MWJgwMVneK7CB1Snw2UuBPkA9gTAogUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNzU1NjYyMTk3Mzg2MjY5GJTUcw&sigh=iglY0yFh-_s&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNTtL2EEXR2egNJcStHQhLlFg8ufwrTgwSgQksv5p9yLJ7o1moh2xMKqjliIFR29LeNkSAyTO3FdoHT7umlyYCB9DKF4rm0pmmwRQYAQ&template_id=484&cbvp=2
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
268e0f3a-8ee5-42c5-a9ee-cec429697c5c
https://mail.i.ua/ Frame 4BC7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mail.i.ua/268e0f3a-8ee5-42c5-a9ee-cec429697c5c
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
c2382681-697d-44fd-a919-4e08fb5b3725
https://mail.i.ua/ Frame 4BC7 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mail.i.ua/c2382681-697d-44fd-a919-4e08fb5b3725
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
khaos.json
token.rubiconproject.com/ Frame CEB4 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
usync.js
eus.rubiconproject.com/ Frame F4D9 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:05:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36677
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:17:02 GMT
khaos.json
token.rubiconproject.com/ Frame F4D9 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
e974de72-07a4-4066-849f-e862e6c13d6b
https://mail.i.ua/ Frame 4BC7 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://mail.i.ua/e974de72-07a4-4066-849f-e862e6c13d6b
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
1
servicer.mgid.com/1552127/ Frame 4BC7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1552127/1?pubmatic=%7B%7D&mp4=1&ap=1&w=264&h=304&sz=264x304&szp=1&szl=1&cols=1&sessionId=65782269-0ab1e&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&cbuster=1702371945361864979475&pvid=18c5d46695bb0e34244&implVersion=11&cxurl=https%3A%2F%2Fmail.i.ua%2F%3F_url%3D%2F%3F_rand%3D1400942705%26phcode%3Da84daa13c5d8594bb69664fba0da1543%26_rand%3D1702371941&scum=%3F0&scuw=%3F0&uniqId=043f2&except_ads=17598334,17936883,17944654,17185580&niet=4g&nisd=false&pv=5&lct=1701129600&jsv=es6&pageView=0&dpr=1&ref=&tfre=281
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.1552127.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349ef2a9c75769f321468a3b8b83818343859da1c13612a2681178b914f920d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8344ceb29a7d3835-FRA
alt-svc
h3=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTIvNzA0OTEwLzNjMDNjZ...
s-img.mgid.com/g/17978166/328x328/-/ Frame 4BC7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17978166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTIvNzA0OTEwLzNjMDNjZTkyNWIzNmZkNjkyOTQ1ZDc0ZGI5OTdlMzM2LmpwZw.webp?v=1702371945-TShLDj4lDTKKDoha42fvkl__6LuhNfSTEeDePjiBTjI
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c157ff5f7534c52dd604d5191c8e2e0bebb27d2c0f416854694e7629f1cb65e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://mail.i.ua/
Origin
https://mail.i.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
7a0cfe41-950a-4ebd-8db2-1822dafe541d
age
327467
alt-svc
h3=":443"; ma=86400
content-length
5756
last-modified
Fri, 08 Dec 2023 08:55:11 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8344ceb32c7d4d37-FRA
i.js
cm.mgid.com/ Frame 4BC7 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?cbuster=1702371945452610764408
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.1552127.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8344ceb32b363835-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 4BC7 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.1552127.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
A4KDSW9C35CJC47C
age
3127
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8344ceb32da81c7f-FRA
x-amz-id-2
pBuwKfAA1m5+IhgdsJ6tbn2pJoo2Snnkl8Z3rsNpE66sNUeZtC0YmBfEqLGLVAIrNdzSiNnRbuo=
multitracking
sghb.adtelligent.com/adunit/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1OKLR/hbw_master_738585_17250.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mail.i.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://mail.i.ua
Date
Tue, 12 Dec 2023 09:05:44 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
activeview
pagead2.googlesyndication.com/pcs/ Frame 7FE8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjrCAB7e2MjBhAzmHkhphKW4V-6v5WGqqIb9SYk0kDQc8Cni53K6Id_jLBWBbYDxHgSy5q-6UxSwLPhVSeOtF5ODDpDuAr4vO5dy1OKh6JlC11UuBXxeC06itSWQ7bRJSm2F_Yx5_201pg0dUKWv8OV3vg&sai=AMfl-YSsh5fcGInOVV9RXOrJ4kXZrQKrQ0TRmUUoXFeuCx1BpOM3prmtBT-GfqwHqDBA8bQEhwjHbXat-5pRmGHbGKLxRaq--LjcIcBW99AdqgYkRbCNn8bxeV6J5hUMLujQgJ2i8f47o3dYu5NKk5bm3A&sig=Cg0ArKJSzOha_EKjU6CsEAE&cid=CAQSTwDICaaNTtL2EEXR2egNJcStHQhLlFg8ufwrTgwSgQksv5p9yLJ7o1moh2xMKqjliIFR29LeNkSAyTO3FdoHT7umlyYCB9DKF4rm0pmmwRQYAQ&id=ampim&o=315,64&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=198&tls=1204&g=100&h=100&tt=1204&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:05:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
go.rcvlink.com/bv/cgPjIZiT9lAkr61JZy0kyuQIyzPAVho832WX3SyNJYF8tyJOlqleIH4NKZB2sBCgh3Aw2y-qryUkqaiDwV97q6_JRuFze7yCTn6coYNlL8glukgF1KnC4EypBa-KEN2Q6kL40w_nFpX6IwHGnC84gmv_XIEJ76PKswzz1yszPezi81vz1Vw... Frame 2FF7 		43 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/bv/cgPjIZiT9lAkr61JZy0kyuQIyzPAVho832WX3SyNJYF8tyJOlqleIH4NKZB2sBCgh3Aw2y-qryUkqaiDwV97q6_JRuFze7yCTn6coYNlL8glukgF1KnC4EypBa-KEN2Q6kL40w_nFpX6IwHGnC84gmv_XIEJ76PKswzz1yszPezi81vz1VwaHR7dphTs5pyGXoa3CyNV/?c=379-41-4-1800-1800&ver=231101-0007&io=1&m=W1sxMDAwLDEwMDAsInRpbXAiLCJyYUFvcEVGcFBiRDFla1A2Vk5IcDN4RlpQSnJiVlBsSlc2aC1pNUVzQ3FRMFdsT0Mzdk1HamN2b2NJdzVjRUdpdkJyRjJpYXZPRVF4RnBKZ1dmSFN0d3pxWXIzVVVZZHVyMkJFNVVsZ3J3OjA6MDowOjA6MjU6MTM6NjUxNDpzdDExIl0sWzEwMDAsMTAwMCwidGltcCIsInJhQW9wRUZwUGJEMWVrUDZWTkhwM3hGWlBKcmJWUGxKVzZoLWk1RXNDcVEwV2xPQzN2TUdqY3ZvY0l3NWNFR2l2QnJGMmltdk9FUXhGV3p5OExqRHBRenFZcjNVVVlkdXIyQkU1VWxncnc6MDowOjA6MDoyNDoxOjU4NjY6c3QxMSJdLFsxMDAwLDEwMDAsInRpbXAiLCJyYUFvcEVGcFBiRDFla1A2Vk5IcDN4RlpQSnJiVlBsSlc2aC1pNUVzQ3FRMFdsT0Mzdk1HamN2b2NJdzVjRUdpdkJyRjJqS3ZPRVF4RlRZcE5id1c4d3pxWXIzVVVZZHVyMkJFNVVsZ3J3OjA6MDowOjA6Mzk6MTo0MjM4OnN0MTEiXSxbMTAwMCwxMDAwLCJiaW1wIiwiMDoxNjAwOjEwODoxODA6MTAyOjM6MToxIl1d
Requested by
Host: mail.i.ua
URL: https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

hn
b27
date
Tue, 12 Dec 2023 09:05:46 GMT
cache-control
no-store
server
nginx
content-type
image/gif
v1
lb.eu-1-id5-sync.com/lb/ Frame 4BC7 		33 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
50c5279b3391cecc58ffb0cb27f0cbd874a14769082a9db92685a6e5aba3296e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.i.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://mail.i.ua
date
Tue, 12 Dec 2023 09:05:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v3
id5-sync.com/gm/ Frame 4BC7 		319 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
53a096ec0c9bd961136c5cb8de90ae849fb71086bda7843c0e41051b6f394222
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mail.i.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mail.i.ua
date
Tue, 12 Dec 2023 09:05:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d%26reqId%3D2dc61fc3-2841-446b-56e5-3b54b8de5d3f%26zdid%3D1361
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Domain
bn01.er.bemail.it
URL
https://bn01.er.bemail.it/zeotap.php?_bid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361

Verdicts & Comments Add Verdict or Comment

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture number| lmJsVersion string| lmJsPath number| JS_LANG_ID boolean| I_VER2 boolean| I_SSL string| JS_ERROR_NOTIFY function| browseIt object| b function| trim function| stripTags function| checkAll function| checkDate function| frPr object| toggleDisplay_hiddenObj function| toggleDisplay function| dce function| dct function| dge function| getItemIndex function| arrayPos function| peUtilClearContainer function| strCmp function| striCmp function| DBG function| nalert function| formatStToSafeGET function| inputLimit function| getPosition function| getPosition2 function| getOffsetRect function| mouseCoords function| getWindowInfo function| itemSpelling function| addToBody function| util_htmlspecialchars function| sprintf function| utilSetCookie function| utilGetCookie function| hrefSSG object| UtilLite number| nalertCount boolean| UTIL_LOADED boolean| UTIL_READY function| Subsys_JsHttpRequest_Js string| ref function| i_showFloat function| i_showFloat2 function| i_showFloat3 function| i_lForm2 function| i_lForm undefined| i_blinkMail undefined| i_blinkMailTimer undefined| i_blinkMailStep function| i_blinkM undefined| i_reqMail string| i_chkEmlUrl function| i_checkNewMail function| i_checkNewMailResponse number| i_checkInterval undefined| i_reqSCode function| i_updateSCode function| i_removeDefVal function| i_keypress function| i_showSections function| i_showPeopleOnline function| i_showPeopleOnline2 function| i_poSetLoading function| i_poSetLoading2 function| i_poHideBadObjects function| i_poReady function| i_closePeopleOnline function| i_closePeopleOnline2 function| i_getBottomPos function| i_s function| bannerInternalFooterJS function| i_checkOpenstat function| i_closeDisclaimer object| poToggledObjects object| Autoload object| googletag object| vmpbjs object| vpb string| ua function| ILoadScript string| pp_gemius_identifier function| gemius_pending object| _gaq string| iS object| iD string| iR string| iT string| iH number| iI string| bmQ object| bmD object| bmS string| bmF function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| ABNS string| ABNSh object| ABNSl function| ld object| name220now function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_cmd function| pp_gemius_cmd function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad number| H_DEV object| holderPlaces function| holder object| vmpbjsChunk object| _pbjsGlobals object| mnet object| google_rum_config object| gaGlobal object| hb_dmx_res function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _google_rum_ns_ object| _mgIntExchangeNews object| MarketGidInfC971124 boolean| mg_loaded_423244_971124 function| _mgWidgetLoad971124 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint423244 object| _mgPageView423244 object| _mgPvidList string| _mgPvid string| _mgCanonicalUri object| _mgUserPages object| onClickExcludes function| mgReject971124 function| mgLoadAds971124_04c55 function| _mgConsentWait971124_04c55 function| MarketGidCReject971124 function| MarketGidLoadGoods971124_04c55 function| mgReject1123083 function| mgLoadAds1123083_04c55 function| _mgConsentWait1123083_04c55 function| MarketGidCReject1123083 function| MarketGidLoadGoods1123083_04c55 object| _mgSessionPages string| _mgSessionId number| _mgSessionPagesNumber object| _mgSessionsTimeList object| google_timing_params boolean| _mgGPT971124 object| _mgViewrate971124 string| _mgUniqueHash971124_04c55 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| i.js.loaded object| PWT object| pbjs object| regeneratorRuntime object| ID5 object| owpbjsChunk object| owpbjs boolean| _mgPubmaticExists object| __id5_instances object| _mgViewrate1552127

87 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDbFg
.i.ua/ Name: __cf_bm
Value: EyCCYgytvtV6B8BJuzBJDAcE9aIuabQU2YjOsRkchFM-1702371943-1-AYniI5A5QzKXnS9uh3SHVCuRDqGstuuIiXMKNsEYOdoLT7zt0yf1d2jGgeGV7nnD7EJyfWeeJRYfDamG6lspqxo=
mail.i.ua/ Name: b
Value: b
.cdn.umh.ua/ Name: AU
Value: 85d54f28689b6437
.i.ua/ Name: cf_clearance
Value: FtEqRaRFo7PGoVvQtXejmye0d3VWtF3mQ.xe_44DmHg-1702371944-0-1-6df338ec.b2df9260.624b7b7f-0.2.1702371944
mail.i.ua/ Name:
Value: store.test
mail.i.ua/ Name: store.test
Value:
.mgid.com/ Name: __cf_bm
Value: nl1zXB1Ehjdcnes0_oHAM7TEBIjbTmPjE5RodWijsOY-1702371944-1-AaprBAvfLKQ1joz7XqnKt2018GIGPz5YHEoXot8SCILcZKPJ3tJEs0Q2sWhfpai8cYfeDb5froPihf762oiRfEE=
mail.i.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.i.ua/ Name: _pubcid
Value: 79688e21-7abd-4dea-9fd2-757646e8d170
mail.i.ua/ Name: cbtYmTName
Value: KVILQE0LEwtIHBpLSBgYSx8cSxtNTB4cC1QL
.i.ua/ Name: __gfp_64b
Value: IVp3VrTyOllixFWyXKGy14APGr2Nkxv6B7dGzVkbb5..A7|1702371944
.adtelligent.com/ Name: vmuid
Value: fd82b5ee5ec64a52
.trafmag.com/ Name: vid
Value: 0518949957784328
.go.rcvlink.com/ Name: cache
Value: t57Y7NfUum7-
ads.us.e-planning.net/ Name: CT
Value: 1
a4p.adpartner.pro/ Name: apuid
Value: 3af77f91-9e39-4784-b9a6-41bf8a74eb91
loadercdn.net/ Name: vui
Value: f3232f99486647358e3ad0fb9af02c22
.e-planning.net/ Name: E
Value: ACnc/HO7a3/YdedR
.hit.gemius.pl/ Name: Gdyn
Value: KlxxHRGGQMQGEzLy6RXYGF2UssGMXP8c25nSGVxeHUSWFRxSG7RrGS6GNLctFlMMYH7hRjBGqSRxSG8.
.hit.gemius.pl/ Name: Gdynp
Value: IU1xiG76Dy.lNOxVom9ZOtHNaiIyidNVj4LyGCTesTb.s7
.adnxs.com/ Name: uuid2
Value: 5914369837483185201
.zeotap.com/ Name: zc
Value: 1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d
.zeotap.com/ Name: zsc
Value: %04%A5%EC%00%05%B5%8F%A1%1Fs%CA%89%F9B%F4%17F%B0%037%2Bc%80%F9%82%5CWx%EB5%B0%CE%C0%91%81%F5%86g%7B%D9%F4%8E%A0%1D%19%C6%5El%A7%C4%EE%BFY_ye%D5%F8%23%AA%CF%1D%83f%0F%93%DB%40s%EF%94%08%84%C4%84%0B%F2%29%9E%02%A8F%3C%5EQ%DD%3A%7C%D8%A1%27h%16%603A7%AAW%60%10%1F%9Da%0D%F07%E9%25%11F%E1%D3%3C%C7%15%F3%B7%2B%2F.%3Fh5%25%8D%B7%EF%AE%B8%5C%0F%97%99%95a%8A%60%D9p%F1_%28P%05%1E%91%89h%26%07~%2A%05%8D%FA%03%3BA%DD%11n%E0O%ED%DA%82r%CF%F3%E5
.casalemedia.com/ Name: CMID
Value: ZXgiaMtQJ.rPf.rtBjLN8AAA
.casalemedia.com/ Name: CMPS
Value: 3358
.casalemedia.com/ Name: CMPRO
Value: 3358
.adtelligent.com/ Name: a754412
Value: 0000EEA
.i.ua/ Name: __gads
Value: ID=dce2854635afa105:T=1702371944:RT=1702371944:S=ALNI_MbnBEp9OVJsY0YItOD7we_hkm9Wvg
.i.ua/ Name: __gpi
Value: UID=00000d13d36f0656:T=1702371944:RT=1702371944:S=ALNI_MavghpO-88m2vbcUrqo5Wh8IvU7wQ
.adtelligent.com/ Name: a751004
Value: 5914369837483185201
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_8ffedc82-010a-4b96-94e1-6e1d4482332a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adtelligent.com/ Name: a307971
Value: ACnc/HO7a3/YdedR
.tapad.com/ Name: TapAd_TS
Value: 1702371944964
.tapad.com/ Name: TapAd_DID
Value: efe2482d-d553-4a41-abb7-11d417b28aaa
.adfarm1.adition.com/ Name: UserID1
Value: 7311631829403236501
.adtelligent.com/ Name: a297253
Value: 870914631770431160
.doubleclick.net/ Name: IDE
Value: AHWqTUk4BLs3t3MrRo4jTzBY25RhrCkoTZopiW9IBotwczNNA9uI4URzS7swcqzJk_c
.adtelligent.com/ Name: a584890
Value: 3154478265322083504
.weborama.fr/ Name: AFFICHE_W
Value: 6J9EKedoat3o13
.gumgum.com/ Name: vst
Value: e_6dd92856-25f9-4108-957a-85f838854942
.bidswitch.net/ Name: tuuid
Value: 4640bf22-7547-447b-8a7d-04a3fdedb8e2
.bidswitch.net/ Name: c
Value: 1702371945
.bidswitch.net/ Name: tuuid_lu
Value: 1702371945
.adtelligent.com/ Name: a307558
Value: f3ad8a9a-d963-4e3b-b18d-d9a87c1f52ab
.ctnsnet.com/ Name: cid_3c2a87f61367405ea8ae1e331d97f141
Value: 1
.adform.net/ Name: C
Value: 1
.creativecdn.com/ Name: ts
Value: 1702371945
.creativecdn.com/ Name: u
Value: T05qUNMesPzLgdJlMEJN
.creativecdn.com/ Name: g
Value: T05qUNMesPzLgdJlMEJN_1702371945081
.go.sonobi.com/ Name: HAPLB8G
Value: s85193|ZXgib
.mgid.com/ Name: lmg_usr
Value: d6cdb8a9-c0b0-4aef-ad68-4bb2b89fc7d2
.mgid.com/ Name: lmg_r
Value: 25
.adform.net/ Name: uid
Value: 2718736404924873562
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2fk9
.yahoo.com/ Name: A3
Value: d=AQABBGkieGUCEJgrwPvZ3nYgPKSEIVc_m5kFEgEBAQFzeWWCZQAAAAAA_eMAAA&S=AQAAAlbWPDFIsFCT7io-3XdPk9Q
mail.i.ua/ Name: __gfp_64b
Value: XliwrqSZVcX.8tPoh.H_K5UaGLOZ2HrGEUwTKBSm_Mb.c7|1702371945
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-355a5eeb-4c73-3c99-9ec4-d0ae0ca938b0
.adtelligent.com/ Name: a753378
Value: d6cdb8a9-c0b0-4aef-ad68-4bb2b89fc7d2
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 1dfc09d9561709be
.demdex.net/ Name: demdex
Value: 18203127235902352132411845926958709191
.agkn.com/ Name: ab
Value: 0001%3AOfwnaUemEMLKw6wl7Cny3ti7bVyxxL80
.krxd.net/ Name: _kuid_
Value: P-FfB5P9
.dpm.demdex.net/ Name: dpm
Value: 18203127235902352132411845926958709191
.fwmrm.net/ Name: _uid
Value: ume3124_7313333892110514546
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXgiaQAGWNoY9QBU
.quantserve.com/ Name: d
Value: EHYBDQHSKuvLswA
.quantserve.com/ Name: mc
Value: 65782269-61947-869a2-0556d
mail.i.ua/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C971124%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221702371945070%22%7D%2C%22C1552127%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221702371945450%22%7D%7D
.amazon-adsystem.com/ Name: ad-id
Value: A0xKwjlQIEuQmk1c-tZHkSw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.liadm.com/ Name: lidid
Value: e496cea0-d768-4d78-ad05-e15cd4265ff9
.ipredictive.com/ Name: cu
Value: 8c24ebae-ba21-413b-8aa3-50fbe25b214a|1702371945485
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6607cc4c-99b7-5afc-7a38-762df91a68d8.GyswUnAcCcNVj%2FsMcwQgDx7JvYptIHTAPzmRMQ3giwY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6607cc4c-99b7-5afc-7a38-762df91a68d8.GyswUnAcCcNVj%2FsMcwQgDx7JvYptIHTAPzmRMQ3giwY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZgfMTJm3Wvx6OHYt-Rpo2FQTr7c.s3t6CAlHRd4HuzZtHmRZPFwQRlP4pjgDmaIIVXvrqLc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZgfMTJm3Wvx6OHYt-Rpo2FQTr7c.s3t6CAlHRd4HuzZtHmRZPFwQRlP4pjgDmaIIVXvrqLc
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBzsIsZHvoG0fW3pNiRL49aSYdlJV3gnfKBPMLolaFPDEHwYBCDpxOCrBjABOgQtwj9GQgT3AIRp.et%2FFO%2Bbt7%2F0aDmgmQMMkeYflsvFZjSMzBtOmopD%2Bc4A
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBzsIsZHvoG0fW3pNiRL49aSYdlJV3gnfKBPMLolaFPDEHwYBCDpxOCrBjABOgQtwj9GQgT3AIRp.et%2FFO%2Bbt7%2F0aDmgmQMMkeYflsvFZjSMzBtOmopD%2Bc4A
.mediago.io/ Name: __mguid_
Value: 81fa84b7253670a12lg89600lq24avxb
.rezync.com/ Name: zync-uuid
Value: b440e6ba-99da-46db-9c1c-3339f14a79ac:1702371945.9327953
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IuRGAMAwEwAqIXIcYyydbc3QjPxRESEilZASEu1fybpZX6yHkDLE2u3DoEAA81cIZ41DPBa60uhPFWXGn7cumsOfnF7PY5lZaAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQyNzE0NDc1sxDiM9QNL9KN90l3jzLPKDMAAMc2f9glAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRHAIAgEwE_aISMeyly6AdRCrDy79_E0a3tmCLlCbK4UlpYA4FELZ9Sn3jpcaeMlunPgB-NUOo46AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQyNzE0NDc1sxDiM9QNL9KN90l3jzLPKDMAAMc2f9glAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNykkOgzAMAMC_-EyqOM6C8xmUxZWilrQicCni7-U40pywfGVbU5e-Q9y3QyYo73ZrQDxhtN8qL4jgULOfnSc0wSIG52e4JhgyRvv0pdX7ZGu1-JwUc03K-poVFyyKiPiJNgVOJWLQhgKydQ8mE9gRXH_CWyYG.ZXgiag.95iN-bqYfFOmMaZIZPds9L_sED0

13 Console Messages

Source Level URL
Text
network error URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=85d54f28689b6437
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=85d54f28689b6437
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=85d54f28689b6437
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://kpmediagaua.hit.gemius.pl/xgemius.js(Line 989)
Message:
Mixed Content: The page at 'https://mail.i.ua/?_url=/?_rand=1400942705&phcode=a84daa13c5d8594bb69664fba0da1543&_rand=1702371941' was loaded over HTTPS, but requested an insecure frame 'http://ls.hit.gemius.pl/lsget.html'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=bac73b088ae07ba7
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1cbf7047-5cda-4c30-62c6-3f6f68f7fc5d&reqId=2dc61fc3-2841-446b-56e5-3b54b8de5d3f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=b440e6ba-99da-46db-9c1c-3339f14a79ac%3A1702371945.9327953&_=1702371945.9349144
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

736d068f792bbbd2cd3286c2b65ddd4c.safeframe.googlesyndication.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
c.mgid.com
c1.adform.net
cdn.admixer.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.mgid.com
cdn.umh.ua
cm-x.mgid.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
cookies.nextmillmedia.com
creativecdn.com
csi.gstatic.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.rcvlink.com
googleads.g.doubleclick.net
hbx.media.net
i.holder.com.ua
i.i.ua
i.liadm.com
i3.i.ua
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
jsc.mgid.com
kpmediagaua.hit.gemius.pl
lb.eu-1-id5-sync.com
live.rezync.com
loadercdn.net
loadeu.exelator.com
ls.hit.gemius.pl
mail.i.ua
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mbox2.i.ua
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtcdn.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
r.i.ua
rtb.gumgum.com
rtb.openx.net
s-img.mgid.com
s.amazon-adsystem.com
s.e-planning.net
s.zmctrack.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
sghb.adtelligent.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
st11.rcvlink.com
sync-tm.everesttech.net
sync.admanmedia.com
sync.adtelligent.com
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.tidaltv.com
t.trafmag.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
vid.vidoomy.com
x.bidswitch.net
z.cdn.adtarget.market
z.cdn.umh.ua
bn01.er.bemail.it
image6.pubmatic.com
sync.tidaltv.com
104.18.2.81
104.18.36.155
104.64.126.246
108.128.254.201
124.146.153.168
13.32.27.113
136.243.84.74
142.250.185.98
146.59.30.108
15.197.193.217
151.101.66.49
162.19.138.116
162.19.138.119
168.119.72.236
18.198.126.47
185.15.245.82
185.184.8.90
185.187.81.40
185.83.71.234
185.89.210.122
193.0.160.130
193.200.65.5
193.3.178.1
193.3.178.3
198.47.127.19
2.18.160.23
2.19.217.60
2.19.217.66
2001:4860:4802:32::3
208.93.169.131
216.52.2.16
23.35.236.201
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6
2606:4700:10::ac43:266a
2606:4700:10::ac43:db6
2606:4700:1::6813:834c
2606:4700:1::6813:854c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:6ea0:c700::19
2a03:90c0:41:2801::62
2a04:4e42::300
2a05:d018:d29:3601:357b:9971:3f66:201
2a06:98c1:3120::3
2a0c:5c87:5239::2
3.233.244.31
3.71.149.231
34.111.113.62
34.111.131.239
34.160.236.64
34.202.194.6
35.186.193.173
35.208.249.213
35.210.239.72
35.227.252.103
35.244.159.8
35.244.174.68
37.157.4.29
38.91.45.7
45.133.44.4
5.79.65.76
50.31.142.159
51.83.200.186
51.83.220.94
51.89.9.254
52.204.248.204
52.210.15.1
52.214.242.160
52.31.22.181
52.46.128.147
52.50.56.243
54.162.68.92
54.166.150.36
54.170.64.73
54.194.188.15
54.90.9.38
54.93.159.119
54.93.159.64
65.9.66.104
67.202.105.23
67.220.226.232
69.166.1.35
69.173.144.165
76.223.111.18
78.159.118.240
8.2.110.161
8.2.110.26
81.17.55.122
85.114.159.118
91.198.36.26
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
008506a053ee25e0c163958199289bea93a59974dac377d046c0bc59d89185df
034fde29adc7ba797d885562222ac755e0708afaade34c34b2ef4a8966d38eb6
0aafcf7215f16bffb8bd442910b5d318a004d91f2d7018163bed08e3446cab6d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d208f358df51b848ef558ec83caf90f820d52c809ea658af48bff5faa6c4d42
0fa18d19a86844b255321cd7be5ab5617cc97821b19721d8e884c8b99b7d7d4a
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
11322d98807a606db0ee33e701418e86e952c81fbfcbf4a025e5244c4e734c36
12b2d6c5e0f307028d435580a2b035a2d4216257253e152cf40097979a2e738b
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
1529458c37bff2e35cc59227716069b4b31d902505b7a4c0688d27821538b49c
1655ac55bcd6a12d606295310f4aeb0bdfbffbc9735f697045d5097ab74552f3
16f3c184c1810a331ad2a0ca125b30f2de1af11405d1849e9f1237a2a1205c0b
171f09fd80d84f8a25f6f9720003055a429d9692a79646acfbd5b397eb32a273
177476a3a84722cd966c2d2a2c91762e9d28857739500da230cb7ecfc03d1399
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1b5ea49319f2cf9ae5b9cac79535023ef87a5806cc25891d995be984ba08d2cf
1d4af9cf7fd74a43e7640f0d828823068c6d6dfe7688ca8a122cc1cf6fd6ca03
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2161f6ff9d9058bdc23945a8d836d51411e84c5f8691b8f1587865db7cf6436c
2303b7255401bd9397eebdcea376f70c725253d0b1e3c8c31a6f15390da253be
244d49b6e5b41166e0dc0ce3727e4dbed9b9783efa6d77891c96eda2c545c7c6
257ae897eb8307e45ebba08e4b65969625e876e20d3b99c9593f3e5bab3f7db0
2bcb06d6faa4ca062642d7b2e98970ef0343614d2ec8364f52d2a78d42b3732b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f0e6bcc3981eff2f7a6fd41c8be5a86536c92430eb80aca24ab3ea37b25efae
31483c8f04ed064965e287052547eab869bdff9e71e45e9a1e18e753f42f2b2c
337214d0914d6318337c9e59df0710b824942ace8c800f4bd85e1dbd47e34bac
349ef2a9c75769f321468a3b8b83818343859da1c13612a2681178b914f920d0
3569c9eb61df167a8ebb076fdf347d90c541bdfc2aa240c6f96bd43bf9389483
3610ab58586e4ac937af60fe2e086cd4d6385568d85a4c94bdbe086df6a261fa
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725
393f0553def67e5d57da3b8e65dec4c5b5b4392f04337436730b0fdea0abbced
3acde6ea47287711d6135843bc3c6e4f381e3cf6d12bba8f1651e2b606910854
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed712b40814e5fd57231d9c472f6cdfcf76c03abac37b2fdc70d2913e5c3487
3fa4bf0728088a381a214a7df2808814c419a6e0cfcf6f416c1407a9eab79c0c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fececa76e51743397de4d63925b41e27f67fc31fab7d1bd0f0f016d74eac7b6
43ce5e5fc944426f117531e92e0f3b86daa5fd4d4a9230a8019fdb5c1e2d1dd1
452d9c1844b0c1058c0d493e2b1f6c1d40d1e0f43232424705b273ba211358fd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ad9d39cf8b460ee7c2e8aa06966a4617eb2a0661cf979f9bc574f8264ab061
472ab3eca492a98354bfe4640f61b328bc3c81a213cd8e04032cfe046568e0b1
47d5b3a820d9a21b83f1af6da60b95c508549901ed8ac503669eaf337267a29e
4888da081350832551211e0cf8535bce5ca4663a313cc3df2476a3486728e840
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
49766682bde6d2f02df6f66533b43d4da3bb720026972ceec22f70a7e77cac6b
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f991511863788a5cd9a942e983ab90e740cb9773c85d7643217493337c4c9e7
50c5279b3391cecc58ffb0cb27f0cbd874a14769082a9db92685a6e5aba3296e
50e2a5f33637de4ee4d09282dee4ab89bb7062106beb01baa4fe97cbdddf25e4
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51ada7d1cd0a5eafe15c197eaffb3c894215be85317b53247d707da723ff17f6
51bea6ed07028434e168fbec1f0f86c448049b241e5923bcf5fd7f824dfb313f
52c4a7f18cd91fb5c3a3e955e01353a2be636ce493e520a8d92fa9c0df88de98
53a096ec0c9bd961136c5cb8de90ae849fb71086bda7843c0e41051b6f394222
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
542cc46f11a70013658d2dd9e62d2c55fb5f1061c53e44c4c4d71ed43bcdf3e1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ebe97a2ccdcc5a926252b225bcab2251e3088fb65d761930018d444759f819
56d1f1f3e5b1add4f774ea6c58dbb722abd040454ccc1cc1ce38e9fe98e9021d
60169bd3547d9fa4414e6a31dc6fa32b54d419822b712eca6942780e0ab195fc
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
64af276432829f203bda40c6c6171b897c06655253b5ec8ae74286fe56e1cd3d
65029e900759a60f601706d0c795dbd1448e8214a9edcbf371673a6e0dd6a86e
65c61c40760fe63a744db98c844aa1b532f1618d417577ec9655bed857bda223
65ca33ff5409cd49923396fc75dbcc4095140221712ceae0d690acbf1ab146da
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71604723f65bd247f578d1a2b876aff61ef3f5f3e05aed4cd07bb182b4811014
724e76e07862b2791ab59ce70d9dc7f779f72315b168c99ff47ca61e052bfe66
749cb40f1a996de80d64e33cb37c991c759c01da6a9d2f5c4333896b01f752f6
77651d06d987b95f32821dd3800c754db04b4ab74f6e7cebec2e7f59cda47b1f
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
860e537ddfaa2df1dc73ba7fd8bf180cbb21bc9d0441a9b8ab436bad1032df6b
892a3f68ef325ee1b088af1095e00462a097085b5b6e2068f63864f12b1e301b
8b5bd8933f666a7f33af4f9f738d5218de828b4f13f670bef8fea71e25a398bd
8be3f4982564309b2d6b0fb729f11fd1cd0fbe5b9b0c1ff940dcc17a18e5727b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8eb3d8130e2d91cd2fe730fe82b5038a4c136ff6a8ee579d41ff9961d6d1a002
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
90d45ef29e6bf562a2ba2cd5c2cd10b012424963627c655d3fb2e49802dc51f3
91ecc58418e617c747f0ebc35e7ef6e70044d1e9719bb2cd0b78070844e03648
937511b9ff4b72a44415cbf3bbcf0fa2723781a9174d031f9cdc2d44b117c1d5
97ce8ab21f20c49ac4f5f581cbf8dde59b5c314ed7c97c6fbb1a1e21e6b63541
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7243451921227894ad5f7c2adad8e72a5623bba8b1989df1bf41c273e1042b
9d7e05394c453c06a28d61f7392c914f484fe0ee48f35272fc86af391446dcab
9da88e942e6aee489526e53e74f2eebe0788e57037a3056a4e883014f326d7d5
9e192c46bc94d4b82876ea77dfa89178ddc94448838f4b778ef8094d40dbbed3
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9f016774df5e59fc8f05121990145bcd52ff2abc3d9076e81372c9c30c75b0f1
a22e14df0f1c54ab4414eb691343cbeb487bc4c5d7d191875cf145fe792f485d
a2b45b437a8660ba95b8dfe43aa2d97eedb985e102f8f19bcba82a935c5d27aa
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a7fba677b115f54d9fd24bdcbdc9a135364921fe7e7b7620794d795d17654345
a9d7da35bcd9bae6d7ab060ab6071e48e276c6c2c486985fbfc51687b1ddb678
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac124562d4e62b5f41f02e8112ee595f502823a4dc3ca464ce0b242750ff99ce
ac15ec9e401122665e1a33cd2153863fc6987b4cd251600b80797b90557f262d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d0602272ae1a1a50d071170b1d810f3a09925fe2e530a739663a7f12e3f98d
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd1d11f1337506016b8a8aebd681ea681a2d3814d95d91706b362a9e835a23e5
c0c45f51143e6594b411d4380226d7a5796b2ee70891aadaf2a9cc4b482db479
c157ff5f7534c52dd604d5191c8e2e0bebb27d2c0f416854694e7629f1cb65e1
c15e3418b4ac072eed73a69cccca4e7167c566d4329b48e1637b57cc89205974
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5a82d67fbd8c8f33b22a6695fdc31b2ea98f68bcd5f11638dadb39bead51b01
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c64ebbe91423295cf2d42239beb066b22d8706724664f6cff0f52510fb8a5d66
cbb4c057874d7d33d0749efb027fa72e6b605721a1feabe5bddfb56232d5e04f
cc85d029a7d31ef37c550c5f7b3dde8bee645268b15998093044b5d1665f5fac
cf40dbd9ac7bcfdc3b5715a31add6d9515a6ca9ea83242481f6ee496acaaa849
cf86d359d1531aee2e46233f03df7649a5ef3041f9550ff063ba329d25103229
d07a6552fe34fd360d7d21dccd4beb9483a0eb7fe40722d03939a94bc3ad6a84
d24cc4f95e97c25a9f2724dc01d909dadb52d8ded26ac9d12c577bbc9cedb7fc
d2d56e94556e81fa9c97b7c6c205815afdd259bcdc70ec71533b3886366ad125
d41478a8574c785058d0145576d696cd83de38a293b6f20d553bc5f69c78501e
d80935360fca46968bdc6d751c7178e8f224eb12537892e0c9b0a7bd16eef73c
d84d54f4e96317f8e291920e22df78f0cb124b96bd77e100ba5b1ad169e31e4a
dc2cb56fff3c10eb3f947a10bdc834285f0f6dc683f32a59093a903ab1e91b78
dc4173b5d971092a2348e789557335dd25ee12f66a7d515f7e0dca784f08966b
e0754399a6b65b8ec41171e4462edad8a3105cb0e624aceb45d64b05d718b8e2
e12e35bb2ca2751547497b7502ccf31e7d741d0a304e22ee0ab54dc39259067b
e19aa447415587470070a9807f2b44521b3b28ed65fa1d47487583ea4fc7c60e
e22fac23ccb614270d216693c693b77fa55c1f70697adadb977fec87ba172002
e239ed95f8ae115d26ffc1853c294dc0600f1ea2ccf1579168e55771d7967fac
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41bd3b8641f3dfe297a253350bea1fbbaecd985c32fcc8dfa0fe0763a5058ff
e4e0d473d7efcb21c4a9771ad16f2ba9ecca65604a7ea3766623b712083488c4
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84
e9710e51e46c0a26d27d206d57af3008db98cdca987c3be5334c961021be3d16
ebbc5c5d4df8cd4d73deec122f1920fd2387a5dd732bd0530c552fb724881b2a
ecfb90a3105673d42d9c01f46315177ff97007aafc4719c2cff449fee59a9837
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a8a2ea9bf731fc6eab9182fa72487824f8f7a1f7e85d1167df39b471783c33
f20bacb42e7edfc7a932b2550925cd03d906e2227f0544edaa9d316e69aadfc1
f594dcd7eac776282211980f6ce750ad8acdcdbe6ebde40c4c922cfb5786f5af
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615