znaj.ua Open in urlscan Pro
2606:4700:20::681a:2a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://znaj.ua/
Effective URL:
https://znaj.ua/
Submission: On October 10 via api (October 10th 2022, 2:38:25 am UTC) from GB — Scanned from GB

Summary HTTP 89 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 20 domains to perform 89 HTTP transactions. The main IP is 2606:4700:20::681a:2a, located in United States and belongs to CLOUDFLARENET, US. The main domain is znaj.ua. The Cisco Umbrella rank of the primary domain is 304089.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 31st 2022. Valid for: 3 months.

This is the only time znaj.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:20:... 2606:4700:20::681a:2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::ac43:8597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:a0b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	138.199.37.232 138.199.37.232	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
7	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
89	27

16 2606:4700:20::681a:2a (United States)

ASN13335 (CLOUDFLARENET, US)

znaj.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:8597 (United States)

ASN13335 (CLOUDFLARENET, US)

aixcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.aixcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

s.getstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:a0b5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.getpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

cdn-b.notsy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.232 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-232.datapacket.com

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com 7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 170 pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	143 KB
16	znaj.ua znaj.ua — Cisco Umbrella Rank: 304089	332 KB
11	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 171 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 304	196 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	487 KB
7	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 11775	9 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908	4 KB
4	google.com www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 136	2 KB
4	aixcdn.com aixcdn.com — Cisco Umbrella Rank: 228490 c.aixcdn.com — Cisco Umbrella Rank: 252375	12 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 334	3 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 391	47 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	40 KB
2	notsy.io cdn-b.notsy.io — Cisco Umbrella Rank: 54426	186 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	72 KB
2	getstat.net s.getstat.net — Cisco Umbrella Rank: 248015	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5221	792 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 492	2 KB
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 46425
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2523	501 B
1	getpush.net cdn.getpush.net — Cisco Umbrella Rank: 64747	18 KB
89	20

	Domain	Requested by
16	znaj.ua	znaj.ua
11	pagead2.googlesyndication.com	znaj.ua googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net s0.2mdn.net
9	tpc.googlesyndication.com	znaj.ua 7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net s0.2mdn.net
7	s0.2mdn.net	znaj.ua s0.2mdn.net
7	a4p.adpartner.pro	znaj.ua a4p.adpartner.pro
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	c.amazon-adsystem.com	cdn-b.notsy.io c.amazon-adsystem.com
3	www.google.com	znaj.ua tpc.googlesyndication.com
3	www.google-analytics.com	znaj.ua www.google-analytics.com a4p.adpartner.pro
3	aixcdn.com	znaj.ua aixcdn.com
2	googleads.g.doubleclick.net	znaj.ua
2	7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn-b.notsy.io	aixcdn.com cdn-b.notsy.io
2	www.googletagservices.com	aixcdn.com znaj.ua
2	s.getstat.net	znaj.ua
1	fonts.googleapis.com	7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com
1	c.aixcdn.com	znaj.ua
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	cdn-b.notsy.io
1	ym-tack.b-cdn.net	cdn-b.notsy.io
1	www.google.co.uk	znaj.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.getpush.net	znaj.ua
89	27

This site contains links to these domains. Also see Links.

Domain
t.me
invite.viber.com
flipboard.com
www.pinterest.com
grosi.znaj.ua
life.znaj.ua
kyiv.znaj.ua
www.youtube.com
sport.znaj.ua
breaking.znaj.ua
news.google.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
znaj.ua Cloudflare Inc ECC CA-3	`2022-08-31` - `2022-11-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
adpartner.pro R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
cdn-b.notsy.io R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://znaj.ua/
Frame ID: 30839250E4279E3560D5874F543E9955
Requests: 49 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=a370d026-aa81-4c5b-8a93-92ea22c44149&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Frame ID: 5CDCCDB0B38B9F7210DEDDC579CAD2B6
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=59207650057788960&apuid=934b9bc4-4b9b-45d9-931e-11136f1bc9ab&session_pageview=1&session_id=a370d026-aa81-4c5b-8a93-92ea22c44149&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Frame ID: FA3D4E90E83162A33AC9DD0539092408
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522934b9bc4-4b9b-45d9-931e-11136f1bc9ab%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Frame ID: 6371057D6AFE174F1DB8B040C5848BFE
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522934b9bc4-4b9b-45d9-931e-11136f1bc9ab%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Frame ID: AAFAA78540748D66FE6B9A07F86758AD
Requests: 1 HTTP requests in this frame

Frame: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9123A8FF7416FA50C87DC0D73811EAC0
Requests: 1 HTTP requests in this frame

Frame: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F68D1D5D3C3893B292F614F6797512F5
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARiHy5SvATAB&v=APEucNUaoTmidY6CaBdGK-EhDAiDUD12tXSAhkkf7KCcjXZC5Vvu8jEWO_b8obcP-WB9icDSMwektEt9nB-KpjENodClNMoHxgIo7zsYLfaAEvC4fdWGdOQg5rb0V2y8ZwZfjmrx_OL1vJ2bCu-vF02obhLcEqoCSbKO4i5PPJ2lWl6JQJHhYUs
Frame ID: CACDF0BB3A81609E824D5E2796C9D470
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dtx7fAsPjZvbihsnT0yozgQwxQjSVunKEIvDizOi9-25IYhoiLADz9t0nT46LRs3YMBFqnAQNU_QdtLGNEwr11usY1ZR5eCrZ0zdgPq0fFpbpcXLG3cjS5cDnPUh5z-32vY3SVxjzEhzWurUC0NzrniW2CyaW-5ZD5sVEYc6Z2IxMtbKo&dbm_d=AKAmf-BNkrCZuvj1gYtw2zbpNVi-di9ZCjmKBuhAxjIElYZJ2HSrLgXUfa1G82U9rvKihx6E5OWnn67hVFiYIow5FQw-MC5kYK1dAcC051bRrDgOuEiDZnNuKXOWIwiu8WclTVAKNAkA6Icfvsp2x00he2uDIJxFXWTUI9VTUfy_AkSZvUUWXWrravxzlkBv5wfx5W2JCTJyVGfRJ-EVkGxa4Caknv0qWA_Ob5LP4H1RgxvnPHSUQTZ1bw8UcAvAP2cwGKPqurxAJGQAKY1ylpy4zgDifdW2xnXvCvEexIG9R9q3Yfhlpxi0zrlLdA0yUJfEifHCTUMEBQ2X1h4mWuG2nVEZDf1gpZ-GIohA2psbASu1Xzib9dn0PSJDcLgl4Ah7qFgqFV67-qQAGqlWoDs0rXFFSTSM6UANH7mNPcADM0S4oEfn-ofT2ThJlFZJ58axIJYs9g4VtNBx3Xq6CnGfnViBE5s2nrhwanhkUBcBv7g6Nb39uf8p3cTRFbXyPEjnGtmBLFXj6yZuQMcjZWcgga89PIahyYZsiUIzp_HLzmbma_clGhjilQgrbkjrbImECZapNB_kTUjUVxqgJD_wUFm0D2xHnC63lO5kao5IofQAFsMkG03ZqPKwzBsT4AP46GNqXKl2IUEnUVS1XfXSM0gY8Qt1xiaWwBF8erf4Q7VSi3UMazhlMK4fkL88hgCaae2PKgr6LMqpD2LnBT3pdnznCKZrEKfHyEYT0H0Lm94DrTkwXCC3w6WUn0w6bwCkgEiCqXRdfYEPSrZ9fOnpkZHGKyAg4jC6ojAxJ6pMxBAN5ky_ykyPeDD1qE0UGfWuLgtvGuvAJbDh_kIrQ9g_eVOiMFs839lOgULOIhircvO5psmiGqS5zk9MhZe94Ik-E69EblU3jvilElogqyPq8Rn05Dfj8NxRLcQdhwR35hhnh_hkYy51CkKjsabcdl9AoU7ednKwgtM05t4dpqddcNUKx8Yh4iD7EWg6v4QZ0Kh4OzUiVMu36h2-ROkWrGvLbYtz2QIBMYkaxa0W4Oy6PaCPyrKBsIUy3fpTNSb5nmBcW1ZM5VBFK1JiIZe43Bd5jJ9c2_M3AXwxzwFOBZDhXD2BZSucit_fJrTJS0DDVNQ2M0ahX8fWQ8rjRVlI9bLVlWG23lPgeNLVCIQ1pO6EyCdPUpvDidliar6rRTK_xtplht3KxXPVwWiu6_iMK1U8RFTFyP5rde1calPuh6p4Q8ogEZvh9-djXZUcucCTTDTnm8GX-3PYTMGFn4aAD68k2QEO8Vbk_bqGrmFiqFsDYjwcV4l9d1f2UJVdQEZNE_j86NGJIIiaydsMIUT12OpWi3KmsXcrp-IdVQn3LUwEUZJa2PJof_1p7YRAp9EkONgDG4iuqYtu7gIMiVP7v1T_TdVV3Ef-spvUbhsvIYESbP9Ag1WzLcG3jSGsn_3a1VsTcLbjAtFGHSlznE-HuWgHmo-kPm6q2py7jlchn9da8dQ7B_Z32jt3urnVusIZOF5U_KqOAxoqdAbzjWYmcKmcO1TKLtzMGBVvOzVi9AnLMCMAWeKujGHvaXK-4jQTNmuUXzqSggXNBUTHgyEdIJ4eCbwiWdEAsPZyMqrp9OzPhwOgbVhzL7n0s5BczBNDv07tGcUezSxB_ZfxC5aGJiJHoNrmu5iTXjWLy0l_KU23dhxvAaakodeA4u-md5oJQ5zr4TZWREcA_3Y58iBcbeReLqEIvyI5CLQovkcJ8j8NGbLSJeJlFjGCctlsZOjcVTN56l4O93lmqOEg30Uuo5JvPuH_GqHwLoGUpzUUziJK8dkS2QzmeoAdlFDgVxe1jx7FJ4BPPfeaWRVIgVUoERUzjzs8vHCtpWwWXzBuQ-oxSIyTy8r1mF62qoLWdqNJXdVwe7VyWJrHQv6Pt8WKGo33F5dUY_rzf0WpT2t8JwuZax16HzeeiquYwCziBZPRt0KETdB_zCBr0ueXB92JWWtu2mG_E6q_czEMkAWa-bxYbKB5p07wbN5HU5jX-Dqi50Ga9L-x8WnDOEE6D9lVoLTH0Y_Ed2CU8CYT9LzIFtzuzkyEYmOFVWLup-iC5hZ406pzYkq8mYjYfg7X8-7N9fktd_o9GneDQoNY8PhwP0aKIdQzitp7zoW-Di9eR9B_xqw0tWVntTw7kw9cReFrPQ45D4NjtUBQC3iI6aKH43jDNCJvqgUfWWvfbJ0-QL-H1eFTZdIxMppaD0DgtUUvcyvSvRNoc5FJijx8ecRJCQzrRyrF20-grrSfgpPKwgw3XffRUjBLzkX0aR4VylZ8G4gXhNXv0z52hAwXTaTLOAfpkI_z_-TLpUyWj-8tpdi38GcNc80cj4aAE93vdH7pc-veKn5eLkEf1vX0EOb0PiQ1cLSGPP8FhwJSV9FrbSxPX4ISl72ds5WG9zhDz4lsSqFduGlRyUvW_NAVrEMAO1rSJ1epGt59q6rxzLCnqnoojtc4QrFpnqmE-R_njAstq3ti-VLdRdTde3Mm5548ON6jf_mTOik7BE7XN8yt516BWRoKdNZIiBKPWJdHDHakdDoXm3FiLWt0Y7IaMVHPJYcNlfyE5GxmhTlvtWoqsEi-Co6-LHVmQKasIbyXOauNjsxcW1ZRK-2xFsPhpFq_y5SVZboUXi2_XDR3mBHfEtJKXl0NiN_vYwyVDpRbTUQo2XBZOIUBni39hHHiir-CO8t4hWpIY1yzyWgcEXc_1DsRgm3o9zEcXl5q7r4TbHi0xT_Fd91nxWYKt2aTqToaMcBQNqGGDpXpxj3w7AHi10MzSxXQWzRG2icV93hFKp5RWN4lcOotSuo290JgVtjnBVDQ-YYofwg5Df3BTliZOSW2YNk7XOO3dNIBtfwsxLGInvKa7bUblDPwfSvGBJtErO_A90ovuojzN0HoWO6awDzMMvpD7SgqvHY5XEYPi3xvgiGbKtKWN88yPsN1Z4PArD93nslpcHDcgVY345qSmC2DVTEsyqv2J6XeJBH7pKCuwVUGJA438_UrQY9hvs9N-B2DBEXHVilNa6gQRbUL5o7NqyP8eGf3dZZPg2UXCjL_jSVCOPszyw12Wlf6O_KAo-aSiBTjDciKcdoLx3RWsAutBsw04RMxQ4ZuX0DJVPclebVjfpoVdptoGvnhxnNy3RiBFg7J8eNTg_vT1i5zOCStcsqeZB_pWaNy3QzyJlzOl0BMgL60AuddTX93BRsWpLLrpzOtuOfcAQ&cid=CAASJ-RoWBxyvLCWv_fPQ4MuW3c-jnxRrGTGEhtvLI9M0Y4wtanI8nUkQg&rfl=2%2Chttps%253A%252F%252Fznaj.ua%252F%240
Frame ID: 175DA1301D34D41ECFB701853FADAC29
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11696667625940582400/index.html?e=69&leftOffset=0&topOffset=0&c=DDRDcxoIqL&t=1&renderingType=2&ev=01_247
Frame ID: 29872EC0DA7EDD99367B2D1BF3408A26
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E0B4499DB06A5548EF2C04D72DD875B0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EACAAC62FE5E7AC5255BC774EA929DA6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9F0A0EAC2F7CE6A10D1777AC3E1760A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Frame ID: 3D64A94A176B8027FB08076AF9A656D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Свіжі та актуальні новини України, Києва та світу. Znaj.ua

Page URL History Show full URLs

http://znaj.ua/ HTTP 307
https://znaj.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

89
Requests

96 %
HTTPS

73 %
IPv6

20
Domains

27
Subdomains

27
IPs

5
Countries

1557 kB
Transfer

3544 kB
Size

25
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/znajua_channel

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQBHp854yy0BjknLCovlazGCqvAmipQtzJqWDxlaZXNq4%2FMp3TOY868DzX9xyWLg

Search URL Search Domain Scan URL

URL: https://flipboard.com/@ZnajUA?from=share

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/znajznaj/

Search URL Search Domain Scan URL

URL: https://grosi.znaj.ua/
Title: Гроші

Search URL Search Domain Scan URL

URL: https://life.znaj.ua/
Title: Життя

Search URL Search Domain Scan URL

URL: https://kyiv.znaj.ua/
Title: Київ

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwgXH0dz8d8SiYeMLg9WtIw?sub_confirmation=1
Title: Анекдоти

Search URL Search Domain Scan URL

URL: https://kyiv.znaj.ua/439998-goroskop-na-tizhden-10-16-zhovtnya-dlya-vsih-znakiv-zodiaku-ribi-pid-perehresnim-vognem-a-strilci-pidut-u-mazohizm
Title: Гороскоп на тиждень 10-16 жовтня для всіх знаків Зодіаку: Риби під перехресним вогнем, а Стрільці підуть у мазохізм

Search URL Search Domain Scan URL

URL: https://kyiv.znaj.ua/439986-ne-pospishayte-kupuvati-radiatori-opalennya-likar-komarovskiy-poperediv-usih-ukrajinciv-pro-nebezpeku
Title: Не поспішайте купувати радіатори опалення: лікар Комаровський попередив усіх українців про небезпеку

Search URL Search Domain Scan URL

URL: https://kyiv.znaj.ua/439993-deficit-ta-visoki-cini-na-kartoplyu-na-shcho-chekati-ukrajincyam
Title: Дефіцит та високі ціни на картоплю: на що чекати українцям

Search URL Search Domain Scan URL

URL: https://life.znaj.ua/440003-ukrajinska-komanda-peredala-viyskovim-200-banderpechey-ranishe-shche-300-volonter-krishtafovich
Title: 18:40 вчора, 18:40 “Українська команда” передала військовим 200 бандерпечей, раніше – ще 300, - волонтер Криштафович

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/439977-maks-barskih-pokazav-hto-naspravdi-pidirvav-krimskiy-mist-alan-badoyev-ociniv-a-teper-po-kremlyu
Title: 16:10 вчора, 16:10 Макс Барських показав, хто насправді підірвав Кримський міст - Алан Бадоєв оцінив: "А тепер по Кремлю"

Search URL Search Domain Scan URL

URL: https://kyiv.znaj.ua/439926-yak-dopomozhut-ukrajincyam-yaki-opinilisya-u-skruti-na-shcho-rozrahovuvati-lyudyam
Title: 14:10 вчора, 14:10 Як допоможуть українцям, які опинилися у скруті: на що розраховувати людям

Search URL Search Domain Scan URL

URL: https://life.znaj.ua/439860-geopolitik-yuriy-buzdugan-rozpoviv-pro-chotiri-rivni-vedennya-viyni-na-yakomu-zaraz-rosiya
Title: Геополітик Юрій Буздуган розповів про чотири рівні ведення війни: на якому зараз росія 8 жовтня 2022, 22:20

Search URL Search Domain Scan URL

URL: https://life.znaj.ua/439925-tribunalu-nad-putinim-buti-oleksandr-kachura
Title: "Трибуналу над путіним бути!" – Олександр Качура 8 жовтня 2022, 12:36

Search URL Search Domain Scan URL

URL: https://life.znaj.ua/439886-oksana-davida-rozpovila-yak-zhive-ukrajinska-diaspora-v-ssha-zhiti-voloditi-movoyu-i-todi-vzhe-prinositi-korist
Title: Оксана Давида розповіла, як живе українська діаспора в США: «Жити, володіти мовою і тоді вже приносити користь» 7 жовтня 2022, 23:45

Search URL Search Domain Scan URL

URL: https://life.znaj.ua/439891-bogdan-borovec-rozpoviv-yak-amerikanci-stavlyatsya-do-dopomogi-ssha-ukrajini
Title: Богдан Боровець розповів, як американці ставляться до допомоги США Україні 7 жовтня 2022, 23:20

Search URL Search Domain Scan URL

URL: https://life.znaj.ua/439890-uryad-ukrajini-povidomiv-pro-novu-dopomogu-yaku-zmozhut-otrimati-zhiteli-deokupovanih-teritoriy-katerina-kotenkova
Title: Уряд України повідомив про нову допомогу, яку зможуть отримати жителі деокупованих територій, - Катерина Котенкова 7 жовтня 2022, 22:45

Search URL Search Domain Scan URL

URL: https://breaking.znaj.ua/
Title: Важливе

Search URL Search Domain Scan URL

URL: https://breaking.znaj.ua/433309-sudna-kolona-z-yadernimi-boyegolovkami-projihala-po-vsiy-velikobritaniji-druzi-ukrajini-pokazali-putinu-svoji-gorishki
Title: 27 липня 2022, 15:50 "Судна колона" з ядерними боєголовками проїхала по всій Великобританії: друзі України показали путіну свої "горішки" 27 липня 2022, 15:50

Search URL Search Domain Scan URL

URL: https://breaking.znaj.ua/410757-astrolog-vlad-ross-zayaviv-shcho-nazarbayev-maye-vsi-shansi-piti-z-zhittya
Title: Астролог Влад Росс заявив, що Назарбаєв має всі шанси піти з життя 7 грудня 2021, 16:17

Search URL Search Domain Scan URL

URL: https://breaking.znaj.ua/410763-monastirskiy-vodiy-vantazhivki-porushiv-pravil-dorozhnogo-ruhu-shcho-prizvelo-do-smertelnoji-avariji-pid-chernigivom
Title: Монастирський: Водій вантажівки порушив правил дорожнього руху, що призвело до смертельної аварії під Чернігівом 7 грудня 2021, 15:59

Search URL Search Domain Scan URL

URL: https://breaking.znaj.ua/410577-pristrit-ce-vpliv-na-lyudinu-i-na-jiji-dva-nizhni-centri-tarolog-anastasiya-kazachok
Title: Пристріт – це вплив на людину і на її два нижні центри, - таролог Анастасія Казачок 6 грудня 2021, 14:17

Search URL Search Domain Scan URL

URL: https://breaking.znaj.ua/410311-viluchili-ponad-10-kg-duri-na-poltavshchini-vikrili-bandu-narkodileriv
Title: Вилучили понад 10 кг "дурі": на Полтавщині викрили банду наркодилерів 3 грудня 2021, 16:41

Search URL Search Domain Scan URL

URL: https://breaking.znaj.ua/410260-4-grudnya-bude-sonyachne-zatemnennya-u-znaku-zodiaku-strilec-numerolog-nonna-musalyan
Title: 4 грудня буде сонячне затемнення у знаку зодіаку Стрілець, - нумеролог Нонна Мусалян 3 грудня 2021, 14:07

Search URL Search Domain Scan URL

URL: https://kyiv.znaj.ua/439953-ne-davayte-groshi-v-borg-i-ne-torkaytesya-gorobini-zaboroni-na-ioanna-bogoslova-9-zhovtnya-tradiciji-svyata
Title: Не давайте гроші в борг і не торкайтеся горобини: заборони на Іоанна Богослова 9 жовтня, традиції свята вчора, 06:50

Search URL Search Domain Scan URL

URL: https://kyiv.znaj.ua/439946-elina-mbani-rozpovila-chi-zamovlyali-jiji-yak-divchinku-z-kvartalu-zanadto-vulgarno
Title: Еліна Мбані розповіла чи замовляли її, як дівчинку з "Кварталу": "Занадто вульгарно" вчора, 06:10

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/439915-dmitro-komarov-virishiv-pidgotuvati-ukrajinciv-do-mozhlivoji-katastrofi
Title: Дмитро Комаров із "Світу навиворіт" вирішив підготувати українців до можливої катастрофи 8 жовтня 2022, 20:20

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/439788-svitlana-loboda-nazvala-ostannyu-nadiyu-na-svit-groshami-ne-kupiti
Title: Світлана Лобода назвала останню надію на мир: "Грошами не купити" 8 жовтня 2022, 07:50

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/439887-olya-polyakova-otrimala-hvorobu-bagatoh-molodih-divchat-yefrosinina-vvazhaye-shcho-ce-ne-norma-ydu-i-virivayu
Title: Оля Полякова отримала хворобу багатьох молодих дівчат, Єфросиніна вважає, що це не норма: "Йду і вириваю" 8 жовтня 2022, 06:20

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/439863-aleks-topolskiy-iz-holostyaka-vzhe-rozstavsya-z-kohanoyu-ukrajinci-u-gnivi
Title: Алекс Топольський із "Холостяка" вже розстався з коханою? Українці у гніві 7 жовтня 2022, 18:35

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/439842-maksim-galkin-zgadav-yak-vishchi-sili-pidshtovhnuli-yogo-do-dolenosnogo-rishennya-vdyachniy-bogu
Title: Максим Галкін згадав, як вищі сили підштовхнули його до доленосного рішення: "Вдячний Богу" 7 жовтня 2022, 11:50

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/
Title: Показати більше

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/437694-aktor-oleksiy-panin-z-ispaniji-smachno-plyunuv-u-rosiyski-zmi-nakiduyut-g-vno-na-ventilyator
Title: Актор Олексій Панін з Іспанії смачно плюнув у російські ЗМІ: "Накидують г*вно на вентилятор" 12 вересня 2022, 14:10

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/417207-ninishni-ukrajinski-shkolyari-mayut-bilshe-mozhlivostey-stati-zirkami-sportu-v-maybutnomu-vladislav-vashchuk
Title: Нинішні українські школярі мають більше можливостей стати зірками спорту в майбутньому, - Владислав Ващук 1 лютого 2022, 11:17

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/407083-absolyutna-ikona-ogolena-superzirka-britni-spirs-zasvitila-svoji-yamki
Title: "Абсолютна ікона": оголена суперзірка Брітні Спірс засвітила свої "ямки" 10 листопада 2021, 02:00

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/407087-vidtvorennya-smerti-merlin-monro-legendarna-madonna-v-zuhvalomu-vbranni-oskandalilasya-na-ves-svit
Title: "Відтворення смерті Мерлін Монро": легендарна Мадонна в зухвалому вбранні оскандалилася на весь світ 9 листопада 2021, 23:00

Search URL Search Domain Scan URL

URL: https://sport.znaj.ua/407074-dumayut-shcho-vona-20-tirichna-studentka-babusya-zdivuvala-internet-svoyeyu-zovnishnistyu-i-formoyu
Title: Думають, що вона - 20-тирічна студентка: бабуся здивувала Інтернет своєю зовнішністю і формою 10 листопада 2021, 05:00

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqJAgKIh5DQklTRUFnTWFnd0tDbnB1WVdvdWRXRXZjblVvQUFQAQ?hl=ru&gl=RU&ceid=RU%3Aru

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/znaj-ua/id1473938906?l=uk

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.znaj.znaj&hl=uk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://znaj.ua/ HTTP 307
https://znaj.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMOvWpA1HNg0hZUXNc4-93M&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMOvWpA1HNg0hZUXNc4-93M&google_cver=1&C=1

Request Chain 61

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0OFnc2EH0dLNnRt-wqRQgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-9-g221BHAsn6Vmf7XWRI&google_cver=1

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOMA7V_AyELmWPxcOIghNIg&google_cver=1

Request Chain 63

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3OTYyNDE3OTIyNDg3MTUyNg%3D%3D

89 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
znaj.ua/
Redirect Chain

http://znaj.ua/
https://znaj.ua/

300 KB
61 KB

184ms
70ms

Document
text/html

2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bc2b86b7d6c7c2edf1fbf56f2122c36cccee4caf392df02b4f9a80499744e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: HIT
cf-ray: 757bfaacffd2770e-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Oct 2022 02:38:19 GMT
last-modified: Mon, 10 Oct 2022 02:30:26 GMT
link
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9O9W6OVZQ8NE4CpoTBaTkwJSArfC4QgDD%2FoI7DWJyAgdItedralPJutAF1mAv8wGAl8DIOgJs3LWl8JxdsyhlbWsiahplBISx90kqQ1%2FZOPejzwE9OsqtsDnbgGGzFXGd5jt4U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache-status: MISS
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://znaj.ua/
Non-Authoritative-Reason: HSTS

GET
H2 200 3L0A2602zLyLHjFyaI7JHixWRUvMqf78PQgnaDf3.jpeg
znaj.ua/crops/da4998/150x100/2/0/2019/11/06/ 7 KB
8 KB 54ms
53ms Image
image/jpeg 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/da4998/150x100/2/0/2019/11/06/3L0A2602zLyLHjFyaI7JHixWRUvMqf78PQgnaDf3.jpeg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0754b5f6a6c9f87517622a5b0d0135e4a776ce1dd80ae9c02907d0e3a7f1e940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1096
cf-polished: origSize=7457, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7309
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Nov 2019 13:44:00 GMT
server: cloudflare
etag: "5dc2ce20-1d21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4HQp%2F40d1in6J%2FTzljjjXMYfIrRXBaCya36DqnwsMtdRGVyRccwgr1uibfg8Ets5Wb3YiwIc7C83r31Q1kFAbZcX38nE3kVlWqeWdmugtppg4bkKpaDV%2BVKTi%2BD7pm7UlxIbaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfaad883d770e-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ukraine.png
znaj.ua/img/ 702 B
1 KB 50ms
50ms Image
image/webp 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/img/ukraine.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5163550
cf-polished: origFmt=png, origSize=992
content-disposition: inline; filename="ukraine.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 702
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Mon, 13 Jun 2022 21:17:50 GMT
server: cloudflare
etag: "62a7a97e-3e0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6pKsHkEb3YrIAbHqPdnjqJZhUaVEHRDTZVDU88a8mGjr5cvbqArZ24Yn8d2DJhdSSPH9Rjb0i%2F1ejvK47fALh6%2BBHD%2BnlUDJk4wZS429HawuwxOaUxd71MMu3nTTmrkWkjW2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 757bfaadb855770e-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 app.js Show response
znaj.ua/desktop/js/ 90 KB
26 KB 53ms
53ms Script
application/javascript 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaj.ua/desktop/js/app.js?id=d8b216e72b18bc82b328

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3504662
cf-polished: origSize=92589
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 13 Jun 2022 21:17:50 GMT
server: cloudflare
etag: W/"62a7a97e-169ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNOorojKlRxkziVCcsNPTB7bA50nSPBrmKTJQWSHO8JzCBVPQv%2FMsVp%2FNRdvxc70ZzpMEpbGfQ8ISS4npIpogYOeV7LUf%2Bgz2S4rJdgpywXZglBT3eC0aDEg%2BllQAxXw0z9axXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, public
cf-ray: 757bfaadcadf408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
aixcdn.com/ 23 KB
9 KB 153ms
51ms Script
application/javascript 2606:4700:3037::ac43:8597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/client.js?166537

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11510
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 01 Aug 2022 15:12:27 GMT
server: cloudflare
etag: W/"62e7ed5b-5a3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3to59NzZpGP%2FVIgGJTak09oaLtRGeHbc59RWJtFo5v4UvtMkFrHG5YU0TxfSvyv7R9V2n74Ynuzgz%2FcRLdxum6ohSoXHVE8vPM3Csg0qG9ENHv%2BZPIIPpZC1fmh06dUh4tkmZ6UDlMK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 757bfaae7f3b7691-LHR
expires: Mon, 10 Oct 2022 02:30:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 168ms
53ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 01:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5780
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 10 Oct 2022 03:01:59 GMT

GET
H2 200 client.js Show response
s.getstat.net/cdn/ 16 KB
7 KB 151ms
49ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.getstat.net/cdn/client.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6989
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Apr 2022 15:15:08 GMT
server: cloudflare
etag: W/"6260237c-3e9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qom9m6VEEV28Ux65SXfJhIxl%2B61nbBNSsxYmMLPTgo6psG0MebPDZ10UA%2BP5wHB1Bvc8N3L3ZQvCdKtB3FPFXMORMi2Q%2BLM6V1nA5gfsLA1jTb3cekQSWHnCMpDGDMRGzc5A3SG%2FE7j9wLPA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 757bfaae79060726-LHR

GET
H2 200 client.js Show response
cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/ 58 KB
18 KB 153ms
52ms Script
application/javascript 2606:4700:3030::ac43:a0b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/client.js
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3414
x-cache: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 Oct 2022 00:50:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gspvt9DY0AhdAiyNle4Xq3MYp4Iu8kWDTXgVu0HVUXVPZLppSg%2FBukaDHhiwXoDg%2FRBMJ1SNg3McAAUr9L2X3eSZ37clat2Hmo6%2FlCgZQLVqjb%2Bm0fcZbXFHzKywyU1V24r2maCYyQ%2BK%2By1Iif4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: max-age=14400, public
cf-ray: 757bfaae7e5e7756-LHR

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 oRxDdp81ExsYvaKnC0Da0zgcERKUlVvrrgdIEIa6.png
znaj.ua/crops/14b4f0/150x100/2/0/2021/10/28/ 5 KB
6 KB 113ms
112ms Image
image/png 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/14b4f0/150x100/2/0/2021/10/28/oRxDdp81ExsYvaKnC0Da0zgcERKUlVvrrgdIEIa6.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cc9d716d866c19f66cb4f1c0ca93f48de166a31268d72bffbd3f2a2d60e2757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5700, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5573
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Oct 2021 06:27:45 GMT
server: cloudflare
etag: "617a42e1-1644"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McHL%2BArUQiDk8%2BLjTmJF56j8rXAf3jnGP9MN5MuUYCxujHg6D5H7b06tUtaUfkQB%2BLKqx2iUagfGKHyoKnUJdI5%2Bxs5dUKZ%2FMqtSz1S%2B0l9%2BKd8QJJltFTab8TUl7FCzQzrshU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfaaeab48408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 UA0OxfpdRcqB3uy20Bh4L7TglRqqV3DII9T1tdb6.jpeg
znaj.ua/crops/ebb271/150x100/2/0/2020/11/11/ 5 KB
5 KB 120ms
118ms Image
image/jpeg 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/ebb271/150x100/2/0/2020/11/11/UA0OxfpdRcqB3uy20Bh4L7TglRqqV3DII9T1tdb6.jpeg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15be1e9d6bbc19f5f0d055a634c6e87e76a15d7b678844b8e6c81fd9b1793e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4922, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4795
cf-bgj: imgq:100,h2pri
last-modified: Wed, 11 Nov 2020 13:44:58 GMT
server: cloudflare
etag: "5fabeada-133a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhWsJyvg6ZcvYR0J8YAJNqp9NtLn%2FvlvZi37YBWS60yjgpPaA0XnlOSxOPj69iqf%2BRl0w4DOuz82KujjwvgHEWuuv9%2BF5ZAw8rO6NWbwCyObJpXPizWDo7NXQzi8oGP%2FVSj2T4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfaaeab4d408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 aMDACA57GgBpcMZ7tYzSemyZ6MIjoPQnKgxrQmnQ.jpg
znaj.ua/crops/cb9a7d/150x100/2/0/2022/09/01/ 3 KB
4 KB 136ms
134ms Image
image/jpeg 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/cb9a7d/150x100/2/0/2022/09/01/aMDACA57GgBpcMZ7tYzSemyZ6MIjoPQnKgxrQmnQ.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

570c09bfa970a04b2e2217d445580cd8889c01cffc08b25f3c270de7f79354a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3201, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3039
cf-bgj: imgq:100,h2pri
last-modified: Thu, 01 Sep 2022 20:01:29 GMT
server: cloudflare
etag: "63110f99-c81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBHDPlXevBzR1k403zafX%2FFIEKwCcM5WSBhHocJ9dowWfE5cOI7pDiKfUDInIg%2FkUNoa6x%2FilhEPLJRmWmWYJzTz5eicWHbJ0mrUOKW%2FL49oxyI76BPlYt%2FOm%2FoabIPw7aMiurk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfaaeab50408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rSB8S98p9ghkyfDH83q0skqiT5zvDPBwGkCw45Kx.jpg
znaj.ua/crops/ce5577/150x100/2/0/2022/10/09/ 7 KB
8 KB 126ms
124ms Image
image/jpeg 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/ce5577/150x100/2/0/2022/10/09/rSB8S98p9ghkyfDH83q0skqiT5zvDPBwGkCw45Kx.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1813085857b9504b972f615d98a5c283da859419a21a6c554e32694bfb0376ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7216, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7115
cf-bgj: imgq:100,h2pri
last-modified: Sun, 09 Oct 2022 16:26:47 GMT
server: cloudflare
etag: "6342f647-1c30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6Rd0Z5V57jzUCUWPgd%2BCPguMNEviXKH%2Fp8S3njieHJ%2BHtD%2F82oMFxlK8eEC0sF7g3bQh7onUOrV80PMYeQonSh%2Fx9PQUkw8537oz4oK7UuarvtgcS8wrveR%2FhbREvEm4HEgKGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfaaeab51408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ZWCSb8YPzkzEsXCZ9fzYKJWPz9g8w4ZXdgjQeyCi.png
znaj.ua/crops/f3abd7/150x100/2/0/2021/10/31/ 5 KB
6 KB 135ms
133ms Image
image/png 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/f3abd7/150x100/2/0/2021/10/31/ZWCSb8YPzkzEsXCZ9fzYKJWPz9g8w4ZXdgjQeyCi.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cde5064761dc2a5c27bbc27a3a4e9b76f0ac9f1d08ecdb07cb3899966b35b7d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5505, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5355
cf-bgj: imgq:100,h2pri
last-modified: Sun, 31 Oct 2021 17:10:32 GMT
server: cloudflare
etag: "617ece08-1581"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Skv6zNxk0eNltSKiJP1rYTNOBGYmvw38eN%2BssNtQWp4xDpDScRCo3fhPYkWQzas6Mnyz7OrYWHXCt1YtYwm%2FM3CH7G9GMrbYZl6aDp9AEJKbRyY5UY%2Bff4KMfT125W2bH8nMkZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfaaeab52408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 N5nag5YmQMk1Nhks759hZbnYfsReDF2MRAyYaGLl.jpeg
znaj.ua/crops/831bc8/735x400/2/0/2020/09/07/ 45 KB
45 KB 68ms
66ms Image
image/jpeg 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/831bc8/735x400/2/0/2020/09/07/N5nag5YmQMk1Nhks759hZbnYfsReDF2MRAyYaGLl.jpeg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12622d62833b43778988c40cd485c1226c9a21f5bf4ad1f52792837aa9b9423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=46121, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45642
cf-bgj: imgq:100,h2pri
last-modified: Mon, 10 Oct 2022 02:30:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHZ%2B9gcdsAJ4n6aAVBnXvZ%2BYyRTcFAGpkvDitwA%2BL9sWRU%2FmmkNpT5Yep%2FXwJPtf8zr%2BcMKVnqXaCZkUoTxZU%2B50UoP9ibSOVwA1h6ysjAR8sbKt6d4jXKy5vrYhSyVD0Rr9oSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 757bfaaeab54408a-LHR

GET
H3 200 3L0A2602zLyLHjFyaI7JHixWRUvMqf78PQgnaDf3.jpeg
znaj.ua/crops/c0a4e8/735x400/2/0/2019/11/06/ 78 KB
79 KB 165ms
163ms Image
image/jpeg 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/c0a4e8/735x400/2/0/2019/11/06/3L0A2602zLyLHjFyaI7JHixWRUvMqf78PQgnaDf3.jpeg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9414d1b7898f9d86b85e27ea9558c76fad51b0008a98220bd4fc9f58e49ea78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=80831, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80383
cf-bgj: imgq:100,h2pri
last-modified: Mon, 10 Oct 2022 02:12:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LcAxbdMDRgOY%2BoZ9iynpKvy%2B9UdTKwVChxGF1INVRuyTPjBOQPFqiAqs7ZnvhG%2FRDG9z2wXJG79vxG752wZciVCY5grSmEr2Je4AjwCmUcRUAIgNY%2F4wkLepE1M4qYx4%2F5GQtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 757bfaaeab55408a-LHR

GET
H3 200 6s5hWJ8VVSdRq9XqHiMfOvcvGYE5OCpL5ZoYtuYk.jpg
znaj.ua/crops/0ccb1a/350x250/2/0/2022/10/09/ 21 KB
21 KB 202ms
201ms Image
image/jpeg 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/0ccb1a/350x250/2/0/2022/10/09/6s5hWJ8VVSdRq9XqHiMfOvcvGYE5OCpL5ZoYtuYk.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961abfebbe046468868f105d64a1e1f7883b848fcbb632d17f84f69955c7b2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=21301, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21201
cf-bgj: imgq:100,h2pri
last-modified: Sun, 09 Oct 2022 15:42:36 GMT
server: cloudflare
etag: "6342ebec-5335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqTLcl0ms69DJH2JMeoS8hndxcYaOPg2KxucqxUKpu281iFu443nQCpNFNhbTJXROZh1kk5ydhfNNFC%2FavA%2BHpUrfJL6idw5CkhhUHTEQfif810uGXmT%2FCJWBGobg6iLvI2Wpjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfaaeab56408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 TWbsDd60mVskChqLpVgpxjM87LCPJouLneyL1pQV.jpg
znaj.ua/crops/9a5779/150x100/2/0/2022/10/08/ 5 KB
5 KB 217ms
215ms Image
image/jpeg 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/9a5779/150x100/2/0/2022/10/08/TWbsDd60mVskChqLpVgpxjM87LCPJouLneyL1pQV.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eb6b38234531fd946142a24fe06cf7e9f1adb80ae2c58add1f5dbb5a07bafc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4959, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4831
cf-bgj: imgq:100,h2pri
last-modified: Sat, 08 Oct 2022 09:36:16 GMT
server: cloudflare
etag: "63414490-135f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdDxEILTZUyQ%2BmAZxPzOPUEqdTiYQ2VOiA9JluWEofdRe9yC9GDlt51APS5uv7zjoV4xeLCxKqLBFhOpHE7b%2Feg9LlfrMSzZNPNCN6e6j1hyB48isRG%2FlXJP4bLQGOb%2B0FPnrtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfaaeab57408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 JKBGgRF7cyAtHNZHbFSOXa2kdTWhPkgDFoYjGw4I.png
znaj.ua/crops/5ac3eb/150x100/2/0/2022/10/07/ 4 KB
5 KB 218ms
217ms Image
image/png 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/5ac3eb/150x100/2/0/2022/10/07/JKBGgRF7cyAtHNZHbFSOXa2kdTWhPkgDFoYjGw4I.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

827aa93fbc841609ffe3d98e2aa933208afeb920c91d7fc534f552ff5ae4fb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4309, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4194
cf-bgj: imgq:100,h2pri
last-modified: Fri, 07 Oct 2022 14:45:06 GMT
server: cloudflare
etag: "63403b72-10d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZLoBkaFBvYRZG3WIikOhhjvABZlhSL%2BlwX%2BtDAgGd1OsDIqt2UvSQ5InjWRj3ZMYirkLpy79hVZkPqfrb%2B3YRRoc6k1dVryPGofN%2FWZW5yyOATid%2BcDtV6G9P4Az%2Bww5NdHKQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfaaeab58408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pv
s.getstat.net/ 42 B
725 B 123ms
73ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.getstat.net/pv?u=https%3A%2F%2Fznaj.ua%2F&d=znaj.ua&s=&t=&l=uk&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=1&r=0.7905144608330339

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQR9%2FNrG5UKvKNJgE02NkN67AAlwUUAVRQHRDxSp31u%2B1cyUoCtUBEu5QS%2BoYuw73dfG6xnoSCHWZFudRUsapKN9l44OYtCq9yGCZE6dfM3YofE3Xzjv%2BzfPBsZY%2F%2FJf08DQk3g4HJHk%2Fp0m"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store
cf-ray: 757bfaaf19dcdc5f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H3 200 97 Show response
aixcdn.com/p/ 23 B
607 B 115ms
53ms Script
text/javascript 2606:4700:3037::ac43:8597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/97

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?166537

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51152
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 09 Oct 2022 10:53:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDlRSSxMuJ5q2m0HA0MC2GhhUjNpeJGtq7%2F6TTmivuiBVrOSfTTPGWdGU8XRMyk4wOWCX7yYB%2FfU3WuMjXwGwdZloCJEYRtXIGrhvfnsMRf0dGCTO%2Bbdf1RDPud4dXOspo7W5B%2Fm2CYV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 757bfaaf3fe4e61c-LHR

GET
H3 200 194 Show response
aixcdn.com/p/ 2 KB
2 KB 120ms
57ms Script
text/javascript 2606:4700:3037::ac43:8597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/194

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?166537

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23140
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 09 Oct 2022 10:53:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiXLtXd16cDsHwB79XoFMCNlGrn1DxFEpNl5BlnHI5GpqgAn6DtQHgzUKXSZXn6KDQwEJ8WLH59oU1ZZp2RgygX3ddjEyElOnrQHO7PzhLD9waye%2Fhqc91jfB9LSFhyXE0ov4tb6Weqd"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 757bfaaf3fe6e61c-LHR

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 169ms
61ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2029085609&t=pageview&_s=1&dl=https%3A%2F%2Fznaj.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B2%D1%96%D0%B6%D1%96%20%D1%82%D0%B0%20%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83.%20Znaj.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1789191782&gjid=408419860&cid=207372142.1665369500&tid=UA-108263001-1&_gid=566078181.1665369500&_r=1&_slc=1&z=464219213

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 02:38:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 branding Show response
a4p.adpartner.pro/ 11 KB
3 KB 233ms
74ms Script
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=1582&0.6993086875481271
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 04f98125e2792cd0188dd6e7406b61ad1fc63e632433d4b236f4087ecaae2860

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
28 KB 185ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?166537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f2efb70c7d65f087e001fc88b8f7e2e96fe251f5737831c9d5ec77f252e82b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27714
x-xss-protection: 0
server: sffe
etag: "1359 / 296 of 1000 / last-modified: 1665180320"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 10 Oct 2022 02:38:20 GMT

GET
H2 200 ym.js Show response
cdn-b.notsy.io/zna/ 355 KB
113 KB 192ms
54ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/zna/ym.js
Requested by: Host: aixcdn.com
URL: https://aixcdn.com/client.js?166537
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 682008b8aa7cd5dfe3f608ca7db63bccc666fb3d7c24b529bba4d7b45926efc7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-199
cdn-cachedat: 10/05/2022 21:08:40
cdn-pullzone: 139012
last-modified: Tue, 04 Oct 2022 19:15:35 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 250
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: W/"633c8657-58a77"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 4443cbf579753285d782ee83d7dec990
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
439 B 173ms
56ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-108263001-1&cid=207372142.1665369500&jid=1789191782&gjid=408419860&_gid=566078181.1665369500&_u=IEBAAEAAAAAAACAAI~&z=667975338

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 10 Oct 2022 02:38:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 branding.min.js Show response
a4p.adpartner.pro/apstc/ 13 KB
3 KB 75ms
74ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.425
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.6993086875481271
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
cache-control: no-store no-transform
content-encoding: br
last-modified: Wed, 31 Aug 2022 13:16:12 GMT
server: nginx
etag: W/"630f5f1c-35bf"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame 5CDC 0
0 884ms
881ms Document
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=a370d026-aa81-4c5b-8a93-92ea22c44149&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.6993086875481271
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Mon, 10 Oct 2022 02:38:21 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/branding/ Frame FA3D 5 KB
2 KB 74ms
74ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=59207650057788960&apuid=934b9bc4-4b9b-45d9-931e-11136f1bc9ab&session_pageview=1&session_id=a370d026-aa81-4c5b-8a93-92ea22c44149&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.6993086875481271
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 6271d8bc498732adc9340a237fe8262b8c0d9e25828111589b407d2dc4941277

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 10 Oct 2022 02:38:20 GMT
server: nginx

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 183ms
65ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108263001-1&cid=207372142.1665369500&jid=1789191782&_u=IEBAAEAAAAAAACAAI~&z=1206272240

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 02:38:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 198ms
67ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108263001-1&cid=207372142.1665369500&jid=1789191782&_u=IEBAAEAAAAAAACAAI~&z=1206272240

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 02:38:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022100401.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 171ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc3fe7bed6cc66d192c34a90ac7912453305c15c62634159227882d6656ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 16:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131625
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 08:36:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 09 Oct 2023 16:23:04 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 297 B
778 B 177ms
63ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=znaj.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cf2bebf4d8dc76e0b7c0bdd6d810f59b022c38df8045e55256604489b48d1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
expires: Mon, 10 Oct 2022 02:38:20 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 176 KB
44 KB 192ms
57ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:21 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
last-modified: Thu, 06 Oct 2022 22:15:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-server-side-encryption: AES256
etag: W/"13600701857be6a3c4cd98a7b8e7133a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: nqFGIZ9a1dfIiOXHl63svIjF9Xdq5Fn1wpSRSKiJIZbMwL9ymmkAww==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 230ms
114ms Ping
text/html 138.199.37.232
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?ZNA;desktop;;main_page_desktop;c667db|b77b67
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.232 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-232.datapacket.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn-b.notsy.io/video/ 228 KB
73 KB 54ms
53ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/video/video.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 0329dd260d6f5e82572ba5080cda23dabee534bc670f442985a40f85aa5d81ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-197
cdn-cachedat: 10/08/2022 23:20:24
cdn-pullzone: 139012
last-modified: Sat, 08 Oct 2022 23:20:05 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: W/"634205a5-38fb3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 08701ac584fa45054fe4f198735fa03b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 154ms
55ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221010

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa1cc992ed4468086582d7abbbb9de34aaf07e2a25dd2fba749fe5eaa584443c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41842
x-jsd-version: 1.0.1488
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-mia11393-MIA
x-jsd-version-type: version
server: cloudflare
etag: W/"664-t6uVsbzjHRzVi/1yGZs0jnfuGyk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cn7sW7xMPnLuAbhNKs0Xb2%2B32amaZrlq2jPkgRS6oJS0d67kGOClSWtbTIc0pttUqGhBEogXJlmGtY7aDiKvygboozHv1IyaZI4N2f%2BcbMKHEsPnyK6IFgKdAar2ChNkXT0RyWbILzCY2zCyvx4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 757bfab2880388b6-LHR

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame FA3D 49 KB
20 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=59207650057788960&apuid=934b9bc4-4b9b-45d9-931e-11136f1bc9ab&session_pageview=1&session_id=a370d026-aa81-4c5b-8a93-92ea22c44149&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 01:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5781
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 10 Oct 2022 03:01:59 GMT

POST
H2 200 branding Show response
a4p.adpartner.pro/ Frame FA3D 771 B
450 B 84ms
84ms XHR
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=1582&session_id=a370d026-aa81-4c5b-8a93-92ea22c44149&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=59207650057788960&apuid=934b9bc4-4b9b-45d9-931e-11136f1bc9ab&session_pageview=1&session_id=a370d026-aa81-4c5b-8a93-92ea22c44149&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: c06c8ca6c8aaeff5c2502f15d795d39289495beccdadac100eef321db24758fe

Request headers

Referer: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=59207650057788960&apuid=934b9bc4-4b9b-45d9-931e-11136f1bc9ab&session_pageview=1&session_id=a370d026-aa81-4c5b-8a93-92ea22c44149&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 6371 0
139 B 75ms
74ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522934b9bc4-4b9b-45d9-931e-11136f1bc9ab%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 10 Oct 2022 02:38:20 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame AAFA 0
139 B 76ms
76ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522934b9bc4-4b9b-45d9-931e-11136f1bc9ab%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 10 Oct 2022 02:38:20 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 200ms
63ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 191ms
62ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
13 KB 376ms
262ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2521783500936593&correlator=959529075825970&eid=31070165%2C31070192%2C31070193&output=ldjh&gdfp_req=1&vrg=2022100401&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_WEB_INTERSTITIAL&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3438404882&sfv=1-0-38&fsbs=1&ists=1&fas=8&fsapi=false&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1665369500731&lmt=1665369026&dlt=1665369499729&idt=975&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=207372142.1665369500&ga_sid=1665369501&ga_hid=2029085609&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6812fd4c328f81cd81bc60a381cf090c653e8a6c2f41cfd513de1ba05f68d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13549
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9123 6 KB
4 KB 237ms
61ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 02:38:20 GMT
expires: Tue, 10 Oct 2023 02:38:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022100401.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 168ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022100401.js?cb=31070165

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c10be1ff1e09cb86b04cb6a5ebdf514d8e1f6fabf57d76851bef5cab6f037a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13934
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 08:36:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 Oct 2023 11:19:12 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
298 B 153ms
152ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fznaj.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:20 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://znaj.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: sfZzLFEcs0QRSGyTGXixZBESFwdWUFzhmtNxwf6dz4eASS2m7CBrPg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 163ms
54ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding: gzip
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
date: Mon, 10 Oct 2022 01:33:10 GMT
x-amz-cf-pop: FRA56-P6
age: 3912
x-cache: Hit from cloudfront
last-modified: Thu, 06 Oct 2022 01:32:47 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _acHg797IuDL37zE1ghcufw28vpwPl3c8BIXdZjZWEINwPwkw7bMeQ==

GET
H2 200 /
c.aixcdn.com/ 42 B
393 B 106ms
97ms Image
image/gif 2606:4700:3037::ac43:8597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aixcdn.com/?2120&3224&4137&r=3713

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ab037c2cbbde510127db317534973d375a4a142c4bae4fbe3a42b3dfe420cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:21 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUk6p1m0105l2csrhYz8Mu9JoA7PDoGBkRSb6MFU1fFZyrNvm40mJXGkuVjJXtPo5q5cOeUKvEbO9TnPJFfZhuuM8uIksy0rg3GLWypr3LZ6VNX2PGZwAUyL%2B2wDSZiSklQj7hdQ7bG952Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 757bfab51b867691-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H3 200 container.html Show response
7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F68D 6 KB
3 KB 163ms
53ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 02:38:20 GMT
expires: Tue, 10 Oct 2023 02:38:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F68D 4 KB
1 KB 180ms
64ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com
URL: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Oct 2022 02:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 00:48:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Oct 2022 02:38:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CACD 624 B
976 B 181ms
65ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARiHy5SvATAB&v=APEucNUaoTmidY6CaBdGK-EhDAiDUD12tXSAhkkf7KCcjXZC5Vvu8jEWO_b8obcP-WB9icDSMwektEt9nB-KpjENodClNMoHxgIo7zsYLfaAEvC4fdWGdOQg5rb0V2y8ZwZfjmrx_OL1vJ2bCu-vF02obhLcEqoCSbKO4i5PPJ2lWl6JQJHhYUs

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 02:38:21 GMT
expires: Mon, 10 Oct 2022 02:38:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 175D 97 KB
37 KB 220ms
105ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dtx7fAsPjZvbihsnT0yozgQwxQjSVunKEIvDizOi9-25IYhoiLADz9t0nT46LRs3YMBFqnAQNU_QdtLGNEwr11usY1ZR5eCrZ0zdgPq0fFpbpcXLG3cjS5cDnPUh5z-32vY3SVxjzEhzWurUC0NzrniW2CyaW-5ZD5sVEYc6Z2IxMtbKo&dbm_d=AKAmf-BNkrCZuvj1gYtw2zbpNVi-di9ZCjmKBuhAxjIElYZJ2HSrLgXUfa1G82U9rvKihx6E5OWnn67hVFiYIow5FQw-MC5kYK1dAcC051bRrDgOuEiDZnNuKXOWIwiu8WclTVAKNAkA6Icfvsp2x00he2uDIJxFXWTUI9VTUfy_AkSZvUUWXWrravxzlkBv5wfx5W2JCTJyVGfRJ-EVkGxa4Caknv0qWA_Ob5LP4H1RgxvnPHSUQTZ1bw8UcAvAP2cwGKPqurxAJGQAKY1ylpy4zgDifdW2xnXvCvEexIG9R9q3Yfhlpxi0zrlLdA0yUJfEifHCTUMEBQ2X1h4mWuG2nVEZDf1gpZ-GIohA2psbASu1Xzib9dn0PSJDcLgl4Ah7qFgqFV67-qQAGqlWoDs0rXFFSTSM6UANH7mNPcADM0S4oEfn-ofT2ThJlFZJ58axIJYs9g4VtNBx3Xq6CnGfnViBE5s2nrhwanhkUBcBv7g6Nb39uf8p3cTRFbXyPEjnGtmBLFXj6yZuQMcjZWcgga89PIahyYZsiUIzp_HLzmbma_clGhjilQgrbkjrbImECZapNB_kTUjUVxqgJD_wUFm0D2xHnC63lO5kao5IofQAFsMkG03ZqPKwzBsT4AP46GNqXKl2IUEnUVS1XfXSM0gY8Qt1xiaWwBF8erf4Q7VSi3UMazhlMK4fkL88hgCaae2PKgr6LMqpD2LnBT3pdnznCKZrEKfHyEYT0H0Lm94DrTkwXCC3w6WUn0w6bwCkgEiCqXRdfYEPSrZ9fOnpkZHGKyAg4jC6ojAxJ6pMxBAN5ky_ykyPeDD1qE0UGfWuLgtvGuvAJbDh_kIrQ9g_eVOiMFs839lOgULOIhircvO5psmiGqS5zk9MhZe94Ik-E69EblU3jvilElogqyPq8Rn05Dfj8NxRLcQdhwR35hhnh_hkYy51CkKjsabcdl9AoU7ednKwgtM05t4dpqddcNUKx8Yh4iD7EWg6v4QZ0Kh4OzUiVMu36h2-ROkWrGvLbYtz2QIBMYkaxa0W4Oy6PaCPyrKBsIUy3fpTNSb5nmBcW1ZM5VBFK1JiIZe43Bd5jJ9c2_M3AXwxzwFOBZDhXD2BZSucit_fJrTJS0DDVNQ2M0ahX8fWQ8rjRVlI9bLVlWG23lPgeNLVCIQ1pO6EyCdPUpvDidliar6rRTK_xtplht3KxXPVwWiu6_iMK1U8RFTFyP5rde1calPuh6p4Q8ogEZvh9-djXZUcucCTTDTnm8GX-3PYTMGFn4aAD68k2QEO8Vbk_bqGrmFiqFsDYjwcV4l9d1f2UJVdQEZNE_j86NGJIIiaydsMIUT12OpWi3KmsXcrp-IdVQn3LUwEUZJa2PJof_1p7YRAp9EkONgDG4iuqYtu7gIMiVP7v1T_TdVV3Ef-spvUbhsvIYESbP9Ag1WzLcG3jSGsn_3a1VsTcLbjAtFGHSlznE-HuWgHmo-kPm6q2py7jlchn9da8dQ7B_Z32jt3urnVusIZOF5U_KqOAxoqdAbzjWYmcKmcO1TKLtzMGBVvOzVi9AnLMCMAWeKujGHvaXK-4jQTNmuUXzqSggXNBUTHgyEdIJ4eCbwiWdEAsPZyMqrp9OzPhwOgbVhzL7n0s5BczBNDv07tGcUezSxB_ZfxC5aGJiJHoNrmu5iTXjWLy0l_KU23dhxvAaakodeA4u-md5oJQ5zr4TZWREcA_3Y58iBcbeReLqEIvyI5CLQovkcJ8j8NGbLSJeJlFjGCctlsZOjcVTN56l4O93lmqOEg30Uuo5JvPuH_GqHwLoGUpzUUziJK8dkS2QzmeoAdlFDgVxe1jx7FJ4BPPfeaWRVIgVUoERUzjzs8vHCtpWwWXzBuQ-oxSIyTy8r1mF62qoLWdqNJXdVwe7VyWJrHQv6Pt8WKGo33F5dUY_rzf0WpT2t8JwuZax16HzeeiquYwCziBZPRt0KETdB_zCBr0ueXB92JWWtu2mG_E6q_czEMkAWa-bxYbKB5p07wbN5HU5jX-Dqi50Ga9L-x8WnDOEE6D9lVoLTH0Y_Ed2CU8CYT9LzIFtzuzkyEYmOFVWLup-iC5hZ406pzYkq8mYjYfg7X8-7N9fktd_o9GneDQoNY8PhwP0aKIdQzitp7zoW-Di9eR9B_xqw0tWVntTw7kw9cReFrPQ45D4NjtUBQC3iI6aKH43jDNCJvqgUfWWvfbJ0-QL-H1eFTZdIxMppaD0DgtUUvcyvSvRNoc5FJijx8ecRJCQzrRyrF20-grrSfgpPKwgw3XffRUjBLzkX0aR4VylZ8G4gXhNXv0z52hAwXTaTLOAfpkI_z_-TLpUyWj-8tpdi38GcNc80cj4aAE93vdH7pc-veKn5eLkEf1vX0EOb0PiQ1cLSGPP8FhwJSV9FrbSxPX4ISl72ds5WG9zhDz4lsSqFduGlRyUvW_NAVrEMAO1rSJ1epGt59q6rxzLCnqnoojtc4QrFpnqmE-R_njAstq3ti-VLdRdTde3Mm5548ON6jf_mTOik7BE7XN8yt516BWRoKdNZIiBKPWJdHDHakdDoXm3FiLWt0Y7IaMVHPJYcNlfyE5GxmhTlvtWoqsEi-Co6-LHVmQKasIbyXOauNjsxcW1ZRK-2xFsPhpFq_y5SVZboUXi2_XDR3mBHfEtJKXl0NiN_vYwyVDpRbTUQo2XBZOIUBni39hHHiir-CO8t4hWpIY1yzyWgcEXc_1DsRgm3o9zEcXl5q7r4TbHi0xT_Fd91nxWYKt2aTqToaMcBQNqGGDpXpxj3w7AHi10MzSxXQWzRG2icV93hFKp5RWN4lcOotSuo290JgVtjnBVDQ-YYofwg5Df3BTliZOSW2YNk7XOO3dNIBtfwsxLGInvKa7bUblDPwfSvGBJtErO_A90ovuojzN0HoWO6awDzMMvpD7SgqvHY5XEYPi3xvgiGbKtKWN88yPsN1Z4PArD93nslpcHDcgVY345qSmC2DVTEsyqv2J6XeJBH7pKCuwVUGJA438_UrQY9hvs9N-B2DBEXHVilNa6gQRbUL5o7NqyP8eGf3dZZPg2UXCjL_jSVCOPszyw12Wlf6O_KAo-aSiBTjDciKcdoLx3RWsAutBsw04RMxQ4ZuX0DJVPclebVjfpoVdptoGvnhxnNy3RiBFg7J8eNTg_vT1i5zOCStcsqeZB_pWaNy3QzyJlzOl0BMgL60AuddTX93BRsWpLLrpzOtuOfcAQ&cid=CAASJ-RoWBxyvLCWv_fPQ4MuW3c-jnxRrGTGEhtvLI9M0Y4wtanI8nUkQg&rfl=2%2Chttps%253A%252F%252Fznaj.ua%252F%240

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33f91639d5b6d429bea710d0bf6f40cf3a70c1cd6bed404ffb13e4cf3e5aae5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 02:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37881
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 175D 3 KB
1 KB 183ms
68ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Oct 2022 02:01:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 175D 17 KB
8 KB 170ms
55ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Oct 2022 01:33:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 175D 0
0 172ms
61ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9IKSpb1r91PTQM6FIjw9zllv-BB1a_sy9qyf42yuxap76jert4fGVuJLmx9YJ0EmpbEEHGxnI71AGeceU-3c3ZlRVsw
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 175D 142 KB
44 KB 174ms
65ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Oct 2022 02:38:21 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 175D 42 B
494 B 204ms
88ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALQhwwtya10vLUszvm2rVoxzRsJYxbJ-TipAUiRds4whypgR5RzAapIRSqV5qAE-dF3fWbGP4TF9pj_sKPDEVYRKSt4iLAR2NHD0s9ojCOdQEuhzc

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 02:38:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame F68D 19 KB
8 KB 174ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com
URL: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
server: cafe
etag: 17584738254627026664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Oct 2022 01:31:03 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CACD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMOvWpA1HNg0hZUXNc4-93M&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMOvWpA1HNg0hZUXNc4-93M&google_cver=1&C=1

43 B
766 B

100ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMOvWpA1HNg0hZUXNc4-93M&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARiHy5SvATAB&v=APEucNUaoTmidY6CaBdGK-EhDAiDUD12tXSAhkkf7KCcjXZC5Vvu8jEWO_b8obcP-WB9icDSMwektEt9nB-KpjENodClNMoHxgIo7zsYLfaAEvC4fdWGdOQg5rb0V2y8ZwZfjmrx_OL1vJ2bCu-vF02obhLcEqoCSbKO4i5PPJ2lWl6JQJHhYUs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 02:38:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 02:38:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEMOvWpA1HNg0hZUXNc4-93M&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CACD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0OFnc2EH0dLNnRt-wqRQgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-9-g221BHAsn6Vmf7XWRI&google_cver=1

43 B
766 B

54ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-9-g221BHAsn6Vmf7XWRI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARiHy5SvATAB&v=APEucNUaoTmidY6CaBdGK-EhDAiDUD12tXSAhkkf7KCcjXZC5Vvu8jEWO_b8obcP-WB9icDSMwektEt9nB-KpjENodClNMoHxgIo7zsYLfaAEvC4fdWGdOQg5rb0V2y8ZwZfjmrx_OL1vJ2bCu-vF02obhLcEqoCSbKO4i5PPJ2lWl6JQJHhYUs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 02:38:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 10 Oct 2022 02:38:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-9-g221BHAsn6Vmf7XWRI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CACD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOMA7V_AyELmWPxcOIghNIg&google_cver=1

43 B
1016 B

84ms
55ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOMA7V_AyELmWPxcOIghNIg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARiHy5SvATAB&v=APEucNUaoTmidY6CaBdGK-EhDAiDUD12tXSAhkkf7KCcjXZC5Vvu8jEWO_b8obcP-WB9icDSMwektEt9nB-KpjENodClNMoHxgIo7zsYLfaAEvC4fdWGdOQg5rb0V2y8ZwZfjmrx_OL1vJ2bCu-vF02obhLcEqoCSbKO4i5PPJ2lWl6JQJHhYUs

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 02:38:21 GMT
AN-X-Request-Uuid: fc597fb2-fb62-4e54-841b-292dd8fdcc4a
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Oct 2022 02:38:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOMA7V_AyELmWPxcOIghNIg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CACD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3OTYyNDE3OTIyNDg3MTUyNg%3D%3D

170 B
188 B

173ms
64ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3OTYyNDE3OTIyNDg3MTUyNg%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 02:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 02:38:21 GMT
AN-X-Request-Uuid: 6758e38d-16f0-4682-b5e1-6417c9264579
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3OTYyNDE3OTIyNDg3MTUyNg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 175D 170 KB
59 KB 176ms
54ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
Origin: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 11:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Oct 2022 11:10:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame 175D 8 KB
3 KB 175ms
66ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dtx7fAsPjZvbihsnT0yozgQwxQjSVunKEIvDizOi9-25IYhoiLADz9t0nT46LRs3YMBFqnAQNU_QdtLGNEwr11usY1ZR5eCrZ0zdgPq0fFpbpcXLG3cjS5cDnPUh5z-32vY3SVxjzEhzWurUC0NzrniW2CyaW-5ZD5sVEYc6Z2IxMtbKo&dbm_d=AKAmf-BNkrCZuvj1gYtw2zbpNVi-di9ZCjmKBuhAxjIElYZJ2HSrLgXUfa1G82U9rvKihx6E5OWnn67hVFiYIow5FQw-MC5kYK1dAcC051bRrDgOuEiDZnNuKXOWIwiu8WclTVAKNAkA6Icfvsp2x00he2uDIJxFXWTUI9VTUfy_AkSZvUUWXWrravxzlkBv5wfx5W2JCTJyVGfRJ-EVkGxa4Caknv0qWA_Ob5LP4H1RgxvnPHSUQTZ1bw8UcAvAP2cwGKPqurxAJGQAKY1ylpy4zgDifdW2xnXvCvEexIG9R9q3Yfhlpxi0zrlLdA0yUJfEifHCTUMEBQ2X1h4mWuG2nVEZDf1gpZ-GIohA2psbASu1Xzib9dn0PSJDcLgl4Ah7qFgqFV67-qQAGqlWoDs0rXFFSTSM6UANH7mNPcADM0S4oEfn-ofT2ThJlFZJ58axIJYs9g4VtNBx3Xq6CnGfnViBE5s2nrhwanhkUBcBv7g6Nb39uf8p3cTRFbXyPEjnGtmBLFXj6yZuQMcjZWcgga89PIahyYZsiUIzp_HLzmbma_clGhjilQgrbkjrbImECZapNB_kTUjUVxqgJD_wUFm0D2xHnC63lO5kao5IofQAFsMkG03ZqPKwzBsT4AP46GNqXKl2IUEnUVS1XfXSM0gY8Qt1xiaWwBF8erf4Q7VSi3UMazhlMK4fkL88hgCaae2PKgr6LMqpD2LnBT3pdnznCKZrEKfHyEYT0H0Lm94DrTkwXCC3w6WUn0w6bwCkgEiCqXRdfYEPSrZ9fOnpkZHGKyAg4jC6ojAxJ6pMxBAN5ky_ykyPeDD1qE0UGfWuLgtvGuvAJbDh_kIrQ9g_eVOiMFs839lOgULOIhircvO5psmiGqS5zk9MhZe94Ik-E69EblU3jvilElogqyPq8Rn05Dfj8NxRLcQdhwR35hhnh_hkYy51CkKjsabcdl9AoU7ednKwgtM05t4dpqddcNUKx8Yh4iD7EWg6v4QZ0Kh4OzUiVMu36h2-ROkWrGvLbYtz2QIBMYkaxa0W4Oy6PaCPyrKBsIUy3fpTNSb5nmBcW1ZM5VBFK1JiIZe43Bd5jJ9c2_M3AXwxzwFOBZDhXD2BZSucit_fJrTJS0DDVNQ2M0ahX8fWQ8rjRVlI9bLVlWG23lPgeNLVCIQ1pO6EyCdPUpvDidliar6rRTK_xtplht3KxXPVwWiu6_iMK1U8RFTFyP5rde1calPuh6p4Q8ogEZvh9-djXZUcucCTTDTnm8GX-3PYTMGFn4aAD68k2QEO8Vbk_bqGrmFiqFsDYjwcV4l9d1f2UJVdQEZNE_j86NGJIIiaydsMIUT12OpWi3KmsXcrp-IdVQn3LUwEUZJa2PJof_1p7YRAp9EkONgDG4iuqYtu7gIMiVP7v1T_TdVV3Ef-spvUbhsvIYESbP9Ag1WzLcG3jSGsn_3a1VsTcLbjAtFGHSlznE-HuWgHmo-kPm6q2py7jlchn9da8dQ7B_Z32jt3urnVusIZOF5U_KqOAxoqdAbzjWYmcKmcO1TKLtzMGBVvOzVi9AnLMCMAWeKujGHvaXK-4jQTNmuUXzqSggXNBUTHgyEdIJ4eCbwiWdEAsPZyMqrp9OzPhwOgbVhzL7n0s5BczBNDv07tGcUezSxB_ZfxC5aGJiJHoNrmu5iTXjWLy0l_KU23dhxvAaakodeA4u-md5oJQ5zr4TZWREcA_3Y58iBcbeReLqEIvyI5CLQovkcJ8j8NGbLSJeJlFjGCctlsZOjcVTN56l4O93lmqOEg30Uuo5JvPuH_GqHwLoGUpzUUziJK8dkS2QzmeoAdlFDgVxe1jx7FJ4BPPfeaWRVIgVUoERUzjzs8vHCtpWwWXzBuQ-oxSIyTy8r1mF62qoLWdqNJXdVwe7VyWJrHQv6Pt8WKGo33F5dUY_rzf0WpT2t8JwuZax16HzeeiquYwCziBZPRt0KETdB_zCBr0ueXB92JWWtu2mG_E6q_czEMkAWa-bxYbKB5p07wbN5HU5jX-Dqi50Ga9L-x8WnDOEE6D9lVoLTH0Y_Ed2CU8CYT9LzIFtzuzkyEYmOFVWLup-iC5hZ406pzYkq8mYjYfg7X8-7N9fktd_o9GneDQoNY8PhwP0aKIdQzitp7zoW-Di9eR9B_xqw0tWVntTw7kw9cReFrPQ45D4NjtUBQC3iI6aKH43jDNCJvqgUfWWvfbJ0-QL-H1eFTZdIxMppaD0DgtUUvcyvSvRNoc5FJijx8ecRJCQzrRyrF20-grrSfgpPKwgw3XffRUjBLzkX0aR4VylZ8G4gXhNXv0z52hAwXTaTLOAfpkI_z_-TLpUyWj-8tpdi38GcNc80cj4aAE93vdH7pc-veKn5eLkEf1vX0EOb0PiQ1cLSGPP8FhwJSV9FrbSxPX4ISl72ds5WG9zhDz4lsSqFduGlRyUvW_NAVrEMAO1rSJ1epGt59q6rxzLCnqnoojtc4QrFpnqmE-R_njAstq3ti-VLdRdTde3Mm5548ON6jf_mTOik7BE7XN8yt516BWRoKdNZIiBKPWJdHDHakdDoXm3FiLWt0Y7IaMVHPJYcNlfyE5GxmhTlvtWoqsEi-Co6-LHVmQKasIbyXOauNjsxcW1ZRK-2xFsPhpFq_y5SVZboUXi2_XDR3mBHfEtJKXl0NiN_vYwyVDpRbTUQo2XBZOIUBni39hHHiir-CO8t4hWpIY1yzyWgcEXc_1DsRgm3o9zEcXl5q7r4TbHi0xT_Fd91nxWYKt2aTqToaMcBQNqGGDpXpxj3w7AHi10MzSxXQWzRG2icV93hFKp5RWN4lcOotSuo290JgVtjnBVDQ-YYofwg5Df3BTliZOSW2YNk7XOO3dNIBtfwsxLGInvKa7bUblDPwfSvGBJtErO_A90ovuojzN0HoWO6awDzMMvpD7SgqvHY5XEYPi3xvgiGbKtKWN88yPsN1Z4PArD93nslpcHDcgVY345qSmC2DVTEsyqv2J6XeJBH7pKCuwVUGJA438_UrQY9hvs9N-B2DBEXHVilNa6gQRbUL5o7NqyP8eGf3dZZPg2UXCjL_jSVCOPszyw12Wlf6O_KAo-aSiBTjDciKcdoLx3RWsAutBsw04RMxQ4ZuX0DJVPclebVjfpoVdptoGvnhxnNy3RiBFg7J8eNTg_vT1i5zOCStcsqeZB_pWaNy3QzyJlzOl0BMgL60AuddTX93BRsWpLLrpzOtuOfcAQ&cid=CAASJ-RoWBxyvLCWv_fPQ4MuW3c-jnxRrGTGEhtvLI9M0Y4wtanI8nUkQg&rfl=2%2Chttps%253A%252F%252Fznaj.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Oct 2022 02:22:23 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 175D 30 KB
11 KB 156ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3600d5d161593a066ed57bfa0f44230fd55d0fbf709e0517c7a30e69b4eef59b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11696
x-xss-protection: 0
server: cafe
etag: 3440521625644817407
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Oct 2022 02:21:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 175D 41 KB
15 KB 164ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com
URL: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 21:11:06 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11696667625940582400/ Frame 2987 144 KB
28 KB 174ms
63ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11696667625940582400/index.html?e=69&leftOffset=0&topOffset=0&c=DDRDcxoIqL&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc4e1d3d110fa900db7cc80260bfaebd97b155f28fb0791110a4a612ab9a751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 02:38:22 GMT
expires: Tue, 10 Oct 2023 02:38:22 GMT
last-modified: Tue, 06 Jul 2021 08:02:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E0B4 22 KB
8 KB 54ms
54ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 274914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 22:16:27 GMT
expires: Fri, 06 Oct 2023 22:16:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame E0B4 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 12:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 12:19:44 GMT

GET
H3 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 2987 116 KB
39 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11696667625940582400/index.html?e=69&leftOffset=0&topOffset=0&c=DDRDcxoIqL&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11696667625940582400/index.html?e=69&leftOffset=0&topOffset=0&c=DDRDcxoIqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 11:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Oct 2022 11:21:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 177ms
67ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa779035aad7a214de5b7e19cd74bbd8191d7b021a7b700cf19962bdfdc9e133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11118
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0B4 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-pC7nYVDY4GnHOWxx_APi6mw-AUAAAAAOAHgBAI&bg=!i4iliMzNAAYQgTJdMIE7ACkAdvg8Wvv_hHNNH6za7F7D9-8MQd9sueUlhfmoHwL-YaiCjNT7R3zENAIAAABNUgAAAAJoAQeZAz365rOcHO3sjVqN5mqFHZvv3BopHKN6e4IepZlbXJ6XUdBhIwtwHumpKgK8hbolRwWKUqmliDDzUSf9pI4mo4BTo0mlz2pdGU9F7248mMoLK89zF7LnE7g1nhrDQ2YdKdsFOGjlX6APm8X0yO_hDabkAGA9XtoG4domJFS_8BFDz4bdd_BWaFbl3eC68O5ToM3lV5QHnPMjx67bOJp3KwmL8lJpFHZLc9Px1eCoET08q_F9TsWlrr3duKqav-8TUrr_mvr0afQmkcxCLc4MyH7y-7nv-xle--760lvaM7nsGmJ5u4Or7MGTzFdSTVy5G92MAPjJ6Ey_mHrX4knhmPfVjajX6HoYEmw-EpDZHBhqRxquG9BYk53Bdc1hFEOdgfc8ANVWLSVOYFfaY8qVcRb9YVZ8H_Zxx-llLDZ2l3R0r6Tpsz8ap4r_Fw0mttSaINHJ3onkbLqoSbotmDpjd5Kf7yk12NlJsilMvVO0PZMtX3JEcNe0OmO2F_Es0G3w4U_vlvnpLNjcM-LplAtRuHnUB6obTxCXLK3OSSdfjUvwE1BXIhSlOFMfPJbUspfFH1yuVCSzAJdJYEGX6PuaU1yseRJ13kM775BlT230Gmb_YVePMCiweb6E8zed5_IeqQ9BdoAMXxakqclWzsbb60NklxGJSdMPasI7pmuoD6Y7xsiYAf41aMBipsar2Uw16VeaF5uzZ9kbAimqB7WB-ThBIFXSBU2GKWvbAMQ0Qq1R4SRMZVAleGcZ_GGnuGdgdEdv45QlkC-f4aa4Ht8ZanQ589Padz3lohcBmqgIz_1kW7J1stZWkJoqSGUdi5V1EE9eO_5_yKFfk9KTnEVvDE961cyXYst8FAp1vNrDsP9boXu52LTEP9p6JrM-eqUCMkhcnDPwMA-PQtItQeZgEDqkHGNzyhLPI85pifg5ekqhgm5Deu7Rw6L0JUsUnLBCGVAV4acLrQCPwkwBcM3m-Xi6drz9vstl_JaSR7tdwtMMogUnJ37lJle3FqjE82NhUgaGqG9HBrC11Ohqn1eh2GhkwbyunlkEDZXKaLFhxyqjRj6FVBIwxqLxTEOF6IbsHcb5TtAZCmf2hCxUYQ_s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 02:38:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2987 7 KB
6 KB 174ms
79ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

782643afc3b8884d5629ad69f2208e20ad7376a20aedd72a960f70f8fc9f8e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5746
x-xss-protection: 0

GET
H3 200 prod_studio_01_246_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame 2987 30 KB
10 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_246_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60cee2b7c0e6399de0c613d7abdf961da05ffb4f02406eba30bb2569fa9d64e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11696667625940582400/index.html?e=69&leftOffset=0&topOffset=0&c=DDRDcxoIqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 08:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10534
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Oct 2022 08:50:52 GMT

GET
H3 200 Jets_logo.svg
s0.2mdn.net/sadbundle/11696667625940582400/ Frame 2987 8 KB
3 KB 55ms
54ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11696667625940582400/Jets_logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5d89aeb1b772954a0c6d12147018b9eb6377b8cdf289937220b52fe32a75ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11696667625940582400/index.html?e=69&leftOffset=0&topOffset=0&c=DDRDcxoIqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2656
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:02:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 20:04:03 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/11696667625940582400/ Frame 2987 1 KB
694 B 55ms
55ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11696667625940582400/arrow.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11696667625940582400/index.html?e=69&leftOffset=0&topOffset=0&c=DDRDcxoIqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 08:02:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 20:04:03 GMT

GET
H3 200 4986023447842752130
s0.2mdn.net/simgad/ Frame 2987 346 KB
346 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4986023447842752130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487faead8c685e6df2f7d096cc8b76e8f40a5e2c0f1b43b9b893a27b7a96e202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11696667625940582400/index.html?e=69&leftOffset=0&topOffset=0&c=DDRDcxoIqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:04:03 GMT
x-content-type-options: nosniff
age: 196459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354232
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 10:23:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 20:04:03 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Oct 2022 02:38:22 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2987 17 KB
6 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Oct 2022 02:38:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EACA 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 24483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 19:50:19 GMT
expires: Mon, 09 Oct 2023 19:50:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F9F0 783 B
536 B 64ms
64ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf538a4f5fb9e06499588d96ad9b5c4d56afa13cf8c33ee2f6e0c8be4967a90d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-skAYXGdxNY8B3R8Ulcxp7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-skAYXGdxNY8B3R8Ulcxp7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 02:38:22 GMT
expires: Mon, 10 Oct 2022 02:38:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D64 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 12:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 12:19:44 GMT

GET
DATA 200
OK truncated
/ Frame 2987 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame EACA 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 12:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 12:19:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F9F0 0
0 88ms
87ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100401&jk=2521783500936593&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EACA 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5i9WQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
94ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100401&jk=2521783500936593&bg=!WlmlWR3NAAYQgTJdMIE7ACkAdvg8Wl9cgZv4n8tuH85NkJ5zPHHFz_VR1du3CYNfXHdkfi4feFyuxwIAAABQUgAAAAVoAQcKAAV-YRPKnpkCn9RNH73Kvj0KemRv6aYjMBjA3zl98jyB7P4OUkrYUC0Wr9cJU7ME-oD-b76Bgw_Yoh6ZKN8u_y6JqFq1DfUUl4dR4DQ8G7xojGoNPy0LLji3_m7AubxRgy9EB9OyI_JZ3iEBkJRcw5YNUGMRhGCg_aiiuJDln5ovk6CacbfB3nuLbmeAVKNowomA7YAhcoa_EIq-lMPukg-fvKfPNuEtyr_x5ADX_z66YxLV3sETSOwR0m81RhEbP0fCTi75_YIctmTO8nTat78Dt0xIxRi0jbt_ZpGwnWNF1G1hrqkOTJ9tb9tj1DbQBOcJT7anoFCWaAZtE7VKFh87V75Stb6PalmooQhPd0jc7bmjXPP9huWqcsUCbqN44hq5TTVyX6Ey6spabHyQgn9DHPE2ZEmn0ljD6npkHxknBzBUZKNE1JAjjF7hz6FZVbj73UjnI1poe3a2HNN2wKBLL0ZjtXNT-bBHpHI741NudedJb677i5bAbBsUyeS03qfH9qh3IY90MJ--MhmbeSmR5U89iC9-kmg2Jx4leAo2AGn38gUFlH2fJ5xObTRTQu0r96WiSBoIwAJIkHf1DnfTSHvnacN9b6_YmSNccfKx1-2E048qqCQsEvlqJH1W1h2yU3CCJxbmWRUAH9Hx-Goj9R3qsyFdHhjYkjJVKJI1bUn2iRhSHVk69QMLGNNB_LxJhNKkuEZBNZdMG6gVcch0CqEK-NedAZ5Js3P8VKNAAlN1dMtUsBHjT28LYsIbsD3F5WJor1wIkYt4Qypo5tnAgnhdu4MNgQUB629THFhAhdauRcYIXMDQ_E4xmruF3hU2QJV1eAzUEeZ15159R1XYXQ9tA3EDoErxg-o07zmzWWL8ObdBf3453GwKxVgCFpJjPCVSNUcM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 NcHjZ9UNgZlxZ2C9H7kseF977Ce62Qy52Canh18f.jpg
znaj.ua/crops/cb1fc8/150x100/2/0/2022/10/09/ 7 KB
7 KB 68ms
68ms Image
image/jpeg 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/cb1fc8/150x100/2/0/2022/10/09/NcHjZ9UNgZlxZ2C9H7kseF977Ce62Qy52Canh18f.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec8e75d4e2650c96cc529516774eda68a75adb16bc005cbcbafd87fc39d349d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6791, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6662
cf-bgj: imgq:100,h2pri
last-modified: Sun, 09 Oct 2022 17:03:05 GMT
server: cloudflare
etag: "6342fec9-1a87"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6fp8C1ZivWsAhwS4CdabP9PSx9G%2BEUX42wHh%2FLYNFThY2%2BuvkykoM0BIun9oTiYnvaKMSazxhB%2FdcE%2B1HIlVgeWydzz7M20bFiYUxA3Y04osz8jqqgUBRN%2BsuPKV5KmELHy%2BzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bface3d4e408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 oRxDdp81ExsYvaKnC0Da0zgcERKUlVvrrgdIEIa6.png
znaj.ua/crops/bebc9c/735x400/2/0/2021/10/28/ 46 KB
46 KB 67ms
66ms Image
image/png 2606:4700:20::681a:2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/bebc9c/735x400/2/0/2021/10/28/oRxDdp81ExsYvaKnC0Da0zgcERKUlVvrrgdIEIa6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b190b130f95821c9bd476680f0eaf5b7fb18cbf82cb751faf026af80d6f885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 02:38:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=47251, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46917
cf-bgj: imgq:100,h2pri
last-modified: Sun, 09 Oct 2022 20:59:00 GMT
server: cloudflare
etag: "63433614-b893"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDd%2F7SaeHeUhFEYRal2An%2FfOyCOCxJlRjAB17h8rEftKI%2BhAtF1RxQeB%2BUjQwO4EYwsTQ%2BPpIUOh5Xkv1OWuz%2B2Qmnx%2BvjFuFuM8KYC5lq5ckTHrCthKOHoWyroQydq6FWUH4k4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 757bfacffe40408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.znaj.ua/	1970-01-20 06:36:10	Name: _gs_lp Value: 2a0c975e
.znaj.ua/	1970-01-20 06:36:10	Name: _gs_d Value: 1
.znaj.ua/	1970-01-20 06:36:10	Name: _gs_sd Value: 1
.znaj.ua/	1970-01-20 06:36:10	Name: _gs_s Value:
.znaj.ua/	1970-01-20 15:14:33	Name: _gs_ul Value: 6343859c
.znaj.ua/	1970-01-20 06:36:10	Name: _gs_ss Value:
.znaj.ua/	1970-01-20 16:12:09	Name: _ga Value: GA1.2.207372142.1665369500
.znaj.ua/	1970-01-20 06:37:35	Name: _gid Value: GA1.2.566078181.1665369500
.znaj.ua/	1970-01-20 06:36:09	Name: _gat Value: 1
.s.getstat.net/	1970-01-20 06:36:10	Name: _gs_si Value: 516b814e1a2159c9
.s.getstat.net/	1970-01-20 15:21:45	Name: _gs_ui Value: 4d6797aa-49dc-4b0f-8dd4-eca706b69393
znaj.ua/	1970-01-20 06:36:11	Name: session_id Value: a370d026-aa81-4c5b-8a93-92ea22c44149
znaj.ua/	1970-01-20 06:36:11	Name: session_pageview Value: 1665369500.1
znaj.ua/	1970-01-20 07:19:21	Name: site_visited Value: 1665455900.1
znaj.ua/	1970-01-20 16:12:09	Name: lapuid Value: 934b9bc4-4b9b-45d9-931e-11136f1bc9ab
a4p.adpartner.pro/	1970-01-20 16:12:09	Name: apuid Value: 934b9bc4-4b9b-45d9-931e-11136f1bc9ab
a4p.adpartner.pro/	1970-01-20 16:12:09	Name: apudmg Value: 1
.znaj.ua/	1970-01-20 15:57:45	Name: __gads Value: ID=58d56e16cdf606f6-222d8c0540ce00b4:T=1665369500:S=ALNI_Mb47JaOMpfU6a70smdUuft85Ugt3Q
.doubleclick.net/	1970-01-20 15:57:45	Name: IDE Value: AHWqTUmfFxL0BQYxYdR9KcGEcqt-5IuvZWBq0taNVqxQsq5KD8hTewTjQE3YnpBvNA4
.adnxs.com/	1970-01-20 08:45:45	Name: uuid2 Value: 1479624179224871526
.casalemedia.com/	1970-01-20 08:45:45	Name: CMPS Value: 3239
.casalemedia.com/	1970-01-20 08:45:45	Name: CMPRO Value: 3239
.adnxs.com/	1970-01-20 08:45:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU$l:3e[!]tbPl1M>e)ZlrFUfJ+tGXxpW^K9EJbSVjA>QyHF:G)`DLE<(+b#r.mc3/:g%nugO%v4VB%nlmh)h%hP
.casalemedia.com/	1970-01-20 15:21:45	Name: CMID Value: Y0OFnc2EH0dLNnRt-wqRQwAA
.casalemedia.com/	1970-01-20 08:45:45	Name: CMTS Value: 5174

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7d5d8630cd2412792ca2cf593c30ddb5.safeframe.googlesyndication.com
a4p.adpartner.pro
adservice.google.com
adservice.google.de
aixcdn.com
c.aixcdn.com
c.amazon-adsystem.com
cdn-b.notsy.io
cdn.getpush.net
cdn.jsdelivr.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s.getstat.net
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
ym-tack.b-cdn.net
znaj.ua
108.138.4.10
138.199.37.232
142.250.185.194
185.59.220.194
185.80.39.216
185.89.211.12
2606:4700:20::681a:2a
2606:4700:3030::ac43:a0b5
2606:4700:3037::ac43:8597
2606:4700::6810:5714
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a06:98c1:3121::3
51.83.220.94
0329dd260d6f5e82572ba5080cda23dabee534bc670f442985a40f85aa5d81ce
04f98125e2792cd0188dd6e7406b61ad1fc63e632433d4b236f4087ecaae2860
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0754b5f6a6c9f87517622a5b0d0135e4a776ce1dd80ae9c02907d0e3a7f1e940
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15be1e9d6bbc19f5f0d055a634c6e87e76a15d7b678844b8e6c81fd9b1793e04
1813085857b9504b972f615d98a5c283da859419a21a6c554e32694bfb0376ff
2cf2bebf4d8dc76e0b7c0bdd6d810f59b022c38df8045e55256604489b48d1e7
2ec8e75d4e2650c96cc529516774eda68a75adb16bc005cbcbafd87fc39d349d
33f91639d5b6d429bea710d0bf6f40cf3a70c1cd6bed404ffb13e4cf3e5aae5a
3600d5d161593a066ed57bfa0f44230fd55d0fbf709e0517c7a30e69b4eef59b
3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937
41b190b130f95821c9bd476680f0eaf5b7fb18cbf82cb751faf026af80d6f885
487faead8c685e6df2f7d096cc8b76e8f40a5e2c0f1b43b9b893a27b7a96e202
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570c09bfa970a04b2e2217d445580cd8889c01cffc08b25f3c270de7f79354a4
571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
60cee2b7c0e6399de0c613d7abdf961da05ffb4f02406eba30bb2569fa9d64e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6271d8bc498732adc9340a237fe8262b8c0d9e25828111589b407d2dc4941277
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
682008b8aa7cd5dfe3f608ca7db63bccc666fb3d7c24b529bba4d7b45926efc7
6cc9d716d866c19f66cb4f1c0ca93f48de166a31268d72bffbd3f2a2d60e2757
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7
6eb6b38234531fd946142a24fe06cf7e9f1adb80ae2c58add1f5dbb5a07bafc3
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
76f2efb70c7d65f087e001fc88b8f7e2e96fe251f5737831c9d5ec77f252e82b
7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe
782643afc3b8884d5629ad69f2208e20ad7376a20aedd72a960f70f8fc9f8e0c
7ab037c2cbbde510127db317534973d375a4a142c4bae4fbe3a42b3dfe420cc3
7bc2b86b7d6c7c2edf1fbf56f2122c36cccee4caf392df02b4f9a80499744e84
827aa93fbc841609ffe3d98e2aa933208afeb920c91d7fc534f552ff5ae4fb8c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cc4e1d3d110fa900db7cc80260bfaebd97b155f28fb0791110a4a612ab9a751
8f5d89aeb1b772954a0c6d12147018b9eb6377b8cdf289937220b52fe32a75ff
95dc3fe7bed6cc66d192c34a90ac7912453305c15c62634159227882d6656ddb
961abfebbe046468868f105d64a1e1f7883b848fcbb632d17f84f69955c7b2fb
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12622d62833b43778988c40cd485c1226c9a21f5bf4ad1f52792837aa9b9423
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6812fd4c328f81cd81bc60a381cf090c653e8a6c2f41cfd513de1ba05f68d87
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979
bf538a4f5fb9e06499588d96ad9b5c4d56afa13cf8c33ee2f6e0c8be4967a90d
c06c8ca6c8aaeff5c2502f15d795d39289495beccdadac100eef321db24758fe
c10be1ff1e09cb86b04cb6a5ebdf514d8e1f6fabf57d76851bef5cab6f037a0a
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c9414d1b7898f9d86b85e27ea9558c76fad51b0008a98220bd4fc9f58e49ea78
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a
cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb
cde5064761dc2a5c27bbc27a3a4e9b76f0ac9f1d08ecdb07cb3899966b35b7d9
d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1
d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa1cc992ed4468086582d7abbbb9de34aaf07e2a25dd2fba749fe5eaa584443c
fa779035aad7a214de5b7e19cd74bbd8191d7b021a7b700cf19962bdfdc9e133

znaj.ua Open in urlscan Pro 2606:4700:20::681a:2a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

96 %HTTPS

73 %IPv6

20 Domains

27 Subdomains

27 IPs

5 Countries

1557 kBTransfer

3544 kBSize

25 Cookies

42 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

znaj.ua Open in urlscan Pro
2606:4700:20::681a:2a Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

96 %
HTTPS

73 %
IPv6

20
Domains

27
Subdomains

27
IPs

5
Countries

1557 kB
Transfer

3544 kB
Size

25
Cookies

89 HTTP transactions
3 data transactions