Submitted URL: http://znaj.ua/
Effective URL: https://znaj.ua/
Submission: On August 14 via api from GB — Scanned from GB

Summary

This website contacted 80 IPs in 12 countries across 66 domains to perform 216 HTTP transactions. The main IP is 2606:4700:20::ac43:44d1, located in United States and belongs to CLOUDFLARENET, US. The main domain is znaj.ua. The Cisco Umbrella rank of the primary domain is 329997.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2022. Valid for: 3 months.
This is the only time znaj.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
8 51.83.220.94 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a00:1450:400... 15169 (GOOGLE)
7 142.250.185.98 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 65.9.71.118 16509 (AMAZON-02)
1 212.102.43.81 60068 (CDN77 ^_^)
1 2a04:4e42:200... 54113 (FASTLY)
1 6 37.157.6.252 198622 (ADFORM)
3 9 185.89.210.212 29990 (ASN-APPNEX)
1 2602:803:c003... 26667 (RUBICONPR...)
1 178.250.2.131 44788 (ASN-CRITE...)
1 18.159.27.64 16509 (AMAZON-02)
1 2a0c:5c81:514... 55081 (24SHELLS)
2 104.18.19.126 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 9 172.217.18.2 15169 (GOOGLE)
2 11 104.18.18.126 13335 (CLOUDFLAR...)
3 37.157.2.249 198622 (ADFORM)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 142.250.184.194 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 151.101.1.108 54113 (FASTLY)
1 67.202.105.32 32748 (STEADFAST)
4 23.205.235.133 16625 (AKAMAI-AS)
1 23.35.236.247 16625 (AKAMAI-AS)
1 23.35.236.201 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 2 46.249.52.248 50673 (SERVERIUS-AS)
1 35.227.252.103 15169 (GOOGLE)
2 62.149.0.72 15497 (COLOCALL ...)
2 198.47.127.19 62713 (AS-PUBMATIC)
2 6 35.169.179.244 14618 (AMAZON-AES)
3 5.178.65.246 50673 (SERVERIUS-AS)
1 1 52.205.244.125 14618 (AMAZON-AES)
1 1 23.75.240.210 16625 (AKAMAI-AS)
1 205.234.175.175 23352 (SERVERCEN...)
1 51.89.9.252 16276 (OVH)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
2 5 69.173.144.138 26667 (RUBICONPR...)
3 3 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 5 52.46.155.104 16509 (AMAZON-02)
3 5 54.239.38.253 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
3 52.223.40.198 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
3 4 35.227.248.159 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 2600:1f16:e61... ()
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 3.248.63.34 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
1 185.15.245.80 24961 (MYLOC-AS ...)
2 3 18.203.96.202 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.64.108.197 16509 (AMAZON-02)
2 46.137.145.59 16509 (AMAZON-02)
1 162.55.236.225 24940 (HETZNER-AS)
2 2 151.101.2.49 54113 (FASTLY)
1 1 2.18.233.201 ()
1 1 44.196.45.105 ()
1 104.111.215.191 ()
1 1 52.209.205.147 16509 (AMAZON-02)
1 185.89.210.20 29990 (ASN-APPNEX)
1 1 34.199.163.65 14618 (AMAZON-AES)
1 3.126.56.137 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 52.45.92.187 14618 (AMAZON-AES)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 52.50.170.21 16509 (AMAZON-02)
1 1 3.231.251.159 14618 (AMAZON-AES)
1 3.127.193.182 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 5.178.65.252 50673 (SERVERIUS-AS)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 65.9.66.97 16509 (AMAZON-02)
1 51.158.28.82 ()
1 2 3.125.70.222 ()
216 80
Apex Domain
Subdomains
Transfer
27 googlesyndication.com
4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
158 KB
19 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
206 KB
15 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1856
mwzeom.zeotap.com — Cisco Umbrella Rank: 1478
4 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
267 KB
14 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
eus.rubiconproject.com — Cisco Umbrella Rank: 588
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1040
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
token.rubiconproject.com — Cisco Umbrella Rank: 707
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2288
24 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
s.amazon-adsystem.com — Cisco Umbrella Rank: 288
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264
50 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 560
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
ssum.casalemedia.com — Cisco Umbrella Rank: 1365
14 KB
13 znaj.ua
znaj.ua — Cisco Umbrella Rank: 329997
320 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
acdn.adnxs.com — Cisco Umbrella Rank: 584
secure.adnxs.com — Cisco Umbrella Rank: 462
23 KB
9 adform.net
adx.adform.net — Cisco Umbrella Rank: 3659
track.adform.net — Cisco Umbrella Rank: 3990
s1.adform.net — Cisco Umbrella Rank: 8958
dmp.adform.net — Cisco Umbrella Rank: 4473
93 KB
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4971
u-ams02.e-planning.net — Cisco Umbrella Rank: 62489
i.e-planning.net — Cisco Umbrella Rank: 7366
s.e-planning.net — Cisco Umbrella Rank: 7332
4 KB
8 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8094
10 KB
6 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2305
10 KB
5 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 834
tags.crwdcntrl.net — Cisco Umbrella Rank: 1275
51 KB
5 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 2334
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
cms.analytics.yahoo.com — Cisco Umbrella Rank: 774
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
3 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 98
2 KB
5 aixcdn.com
aixcdn.com — Cisco Umbrella Rank: 362167
c.aixcdn.com — Cisco Umbrella Rank: 405871
12 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 469
1 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 732
gum.criteo.com — Cisco Umbrella Rank: 401
mug.criteo.com — Cisco Umbrella Rank: 2755
8 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 502
usermatch.krxd.net
942 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
793 B
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 496
image6.pubmatic.com — Cisco Umbrella Rank: 636
6 KB
3 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5331
sync.adtelligent.com — Cisco Umbrella Rank: 4266
2 KB
3 notsy.io
cdn-b.notsy.io — Cisco Umbrella Rank: 77760
182 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
115 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
40 KB
2 eyeota.net
ps.eyeota.net
2 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 4226
563 B
2 mathtag.com
pixel.mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 484
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 623
854 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24215
683 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1201
751 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 592
cdn.indexww.com — Cisco Umbrella Rank: 1470
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
57 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 652
eb2.3lift.com — Cisco Umbrella Rank: 411
657 B
2 google.de
www.google.de — Cisco Umbrella Rank: 5596
adservice.google.de — Cisco Umbrella Rank: 8117
1 KB
2 getstat.net
s.getstat.net — Cisco Umbrella Rank: 356867
8 KB
1 cookieless-data.com
js.cookieless-data.com
535 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 5347
17 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
757 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
220 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 749
578 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 494
430 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 791
425 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 736
380 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1715
546 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 103105
215 B
1 bluekai.com
tags.bluekai.com
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1972
359 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 451
531 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19732
220 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1669
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 118447
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7524
324 B
1 fwmrm.net
dmp.v.fwmrm.net
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 653
161 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 611
98 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 792
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2479
307 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1516
351 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4348
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
1 KB
1 b-cdn.net
ym-tack.b-cdn.net — Cisco Umbrella Rank: 81134
1 getpush.net
cdn.getpush.net — Cisco Umbrella Rank: 124772
18 KB
216 66
Domain Requested by
14 s0.2mdn.net znaj.ua
s0.2mdn.net
13 znaj.ua znaj.ua
12 mwzeom.zeotap.com ads.us.e-planning.net
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
10 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
um2.eqads.com
9 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
spl.zeotap.com
ssum-sec.casalemedia.com
9 ib.adnxs.com 3 redirects cdn-b.notsy.io
googleads.g.doubleclick.net
acdn.adnxs.com
spl.zeotap.com
ssum.casalemedia.com
8 a4p.adpartner.pro znaj.ua
a4p.adpartner.pro
cdn-b.notsy.io
6 a.audrte.com 2 redirects ads.us.e-planning.net
a.audrte.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.us.e-planning.net
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 pixel.rubiconproject.com 2 redirects
4 eus.rubiconproject.com cdn-b.notsy.io
eus.rubiconproject.com
ads.us.e-planning.net
4 c.amazon-adsystem.com cdn-b.notsy.io
c.amazon-adsystem.com
4 www.google.com znaj.ua
4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 aixcdn.com znaj.ua
aixcdn.com
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 match.adsrvr.org spl.zeotap.com
ssum-sec.casalemedia.com
3 token.rubiconproject.com 3 redirects
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
3 s1.adform.net track.adform.net
s1.adform.net
3 track.adform.net 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
s1.adform.net
3 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdn-b.notsy.io aixcdn.com
cdn-b.notsy.io
3 www.googletagservices.com aixcdn.com
4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
3 www.google-analytics.com znaj.ua
www.google-analytics.com
a4p.adpartner.pro
2 ps.eyeota.net 1 redirects
2 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
2 s.e-planning.net ads.us.e-planning.net
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 pr-bh.ybp.yahoo.com 1 redirects ssum.casalemedia.com
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 sync.adtelligent.com ads.us.e-planning.net
2 ads.us.e-planning.net 1 redirects cdn-b.notsy.io
2 gum.criteo.com 1 redirects static.criteo.net
2 googleads4.g.doubleclick.net znaj.ua
2 static.criteo.net cdn-b.notsy.io
static.criteo.net
2 googleads.g.doubleclick.net 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
znaj.ua
2 s.getstat.net znaj.ua
1 js.cookieless-data.com s.e-planning.net
1 vid.vidoomy.com ads.us.e-planning.net
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 p.rfihub.com 1 redirects
1 x.bidswitch.net ssum.casalemedia.com
1 sync.srv.stackadapt.com 1 redirects
1 match.prod.bidr.io ssum.casalemedia.com
1 ad.turn.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 bttrack.com ssum-sec.casalemedia.com
1 ups.analytics.yahoo.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 id.rlcdn.com
1 ads.yahoo.com
1 onetag-sys.com ads.us.e-planning.net
1 i.e-planning.net ads.us.e-planning.net
1 ssum.casalemedia.com ads.us.e-planning.net
1 secure-assets.rubiconproject.com 1 redirects
1 ssp.disqus.com 1 redirects
1 ssum-sec.casalemedia.com js-sec.indexww.com
1 rtb.openx.net
1 eb2.3lift.com cdn-b.notsy.io
1 ads.pubmatic.com cdn-b.notsy.io
1 js-sec.indexww.com cdn-b.notsy.io
1 ic.tynt.com cdn-b.notsy.io
1 acdn.adnxs.com cdn-b.notsy.io
1 mug.criteo.com
1 fonts.googleapis.com 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
1 c.aixcdn.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 htlb.casalemedia.com cdn-b.notsy.io
1 ghb.adtelligent.com cdn-b.notsy.io
1 tlx.3lift.com cdn-b.notsy.io
1 bidder.criteo.com cdn-b.notsy.io
1 fastlane.rubiconproject.com cdn-b.notsy.io
1 adx.adform.net cdn-b.notsy.io
1 cdn.jsdelivr.net cdn-b.notsy.io
1 ym-tack.b-cdn.net cdn-b.notsy.io
1 www.google.de znaj.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.getpush.net znaj.ua
216 106
Subject Issuer Validity Valid
znaj.ua
Cloudflare Inc ECC CA-3
2022-07-02 -
2022-09-30
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
adpartner.pro
R3
2022-06-14 -
2022-09-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
cdn-b.notsy.io
R3
2022-08-06 -
2022-11-04
3 months crt.sh
www.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
www.google.de
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA
2021-11-07 -
2022-11-11
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-03-21 -
2023-04-22
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-08-05 -
2022-11-03
3 months crt.sh
*.google.de
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-23 -
2022-09-30
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
ads.us.e-planning.net
R3
2022-07-12 -
2022-10-10
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.audrte.com
Amazon
2022-02-24 -
2023-03-24
a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2022-02-23 -
2023-02-03
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-29 -
2022-12-30
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
dmp.theadex.com
R3
2022-06-27 -
2022-09-25
3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-07 -
2022-11-30
6 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-21 -
2023-04-20
a year crt.sh
um3.eqads.com
Amazon
2022-06-11 -
2023-07-09
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.match.prod.bidr.io
Amazon
2022-01-27 -
2023-02-25
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.e-planning.net
R3
2022-07-25 -
2022-10-23
3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2021-08-06 -
2022-09-05
a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-07-28 -
2022-10-26
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-23 -
2023-03-22
a year crt.sh

This page contains 34 frames:

Primary Page: https://znaj.ua/
Frame ID: 0134BF9032AB8079CD9501A31D551835
Requests: 63 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=0f653bd5-cbe4-43c8-9124-e8e247eb917d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Frame ID: DD7CF7B2AA5086A354E7C41EC1D27BAA
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=95567344567442290&apuid=82634a32-b368-43a8-95ab-3b1a8946350f&session_pageview=1&session_id=0f653bd5-cbe4-43c8-9124-e8e247eb917d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Frame ID: DD6E18598BC80BEB96BD40CE662D4101
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252282634a32-b368-43a8-95ab-3b1a8946350f%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Frame ID: 6F56E316E58CEFC29C5118FD966281B2
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252282634a32-b368-43a8-95ab-3b1a8946350f%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Frame ID: 950587E34FB375A1ED01BD63BF09748C
Requests: 1 HTTP requests in this frame

Frame: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 84BF4B6FE3E170F3886502922E053AE9
Requests: 1 HTTP requests in this frame

Frame: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C286EF7648A459E214D26C3C27A81BCF
Requests: 3 HTTP requests in this frame

Frame: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B7A7500DCD06717BE9457220ADBCAB29
Requests: 15 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=54737416;rtbwp=YvhgBQAKEO8H_YheAAKV-M8EAlo4bRKG6oyC9Q;rtbdata=jMNqeDmYZHhBqBs-hMxriNw0HzEbO74zytJzXiV8gvzh-ddObndqEBCFVbY5SpXCoe5qPU31FJ8qHZO2GkguPINI0VsLSlsg0EcJMky9aXrzXqlXJQuqKnMZnJGuA6oxKYn8hTqZDzJn7hBXUSMau-q4yOT_vfOQ9CbqofWHJt70Eevugz5AB4wbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBgIjETMfMv581;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoU48BWD4Yu-hKN6Q9u8P-KuK-AnovpiUXKCls8n9CMCNtwEQASAAYJUCggEXY2EtcHViLTg0MTcxMjYxOTc1Mzc3NjKgAane3uECyAEJqQLyjmF41IOCPuACAKgDAaoE4gFP0LXbi59qJXQxq6CcQpRRVKTfbKMqpYxPA0JHl-di3kFWd02YUISLIsRt5o-7lqONTXRZ01UfqmvzZSPViXO5i-qwTRGaxX8a6cC5gYwPrC7VPB_tVsQywNEhV9Ulyx-7EwLZsaoAYLiJ9LFyG3d9bfYdEA-4KkFwhnrntCm2fgj6XL67SZ4rIjvtm2hEhpEA8R-gsAE55F8IfM-Zf3yPSm2AKGx6rvn1HEy7ZwlP81XSggtCd6fXO66H21ywRY1NMarqJxq7Squ043b4rFe8qU84dBO3Nlx6zsocTMnoJFr74AQBgAbSlsWavcaQwSegBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3WPL7ifZCNwr07TygcqptAiFiEpA&client=ca-pub-8417126197537762&adurl=
Frame ID: 98D0E8BF07BBA69E41CFEC43E44C5A0B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNXryQF-z5F0PYc1jTMnxK5UVSjY8sPdrdEqH2ZRITR0VhoULp0moNV6uVX0he8TorxEZmTHYwmFSbhMqbFxvT9t4ssjxJsOzrMQlZsYexJue9bc8c249Nx5T79tDchY_JRgFPVH6OEJ5QFVLdBiynMpdx4cINJZZ9O_U016qsaSfsMlbmo
Frame ID: 3844A39F3FB8DDCB4014794D1AE77EE8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33A67C2FE56F374CA667D8194DA235C7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E00431FD4F9B32252C4FC9ADE424EA00
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BACF7D275BC8475D8C386B5F2C6D103C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
Frame ID: 900B405A19BF3EB8EABBE1804F499BA7
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=znaj.ua
Frame ID: 377EE6A67B3F88F5B2086FA4591A2EF1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: DF402DF2250B9FCDE0435E313912C08D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1AA26F581379ECD4465E80C99329A002
Requests: 3 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: CE3FBE348DB05ED6489984B22F1A8E42
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 59573BB1FE5F4C490654C9561F1B77C3
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4D69AE49009F0405D52317F004736C22
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: F309F5AA3EA82F2602820111C7ACD867
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 56080EC533E0850CA45A26A1716D7681
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 597DA381AF65F0744A8E0C1201386CBA
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CC38F06B9F866039B182E78CDEFB7418
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: DEBDCE1B809369EC6BB46FB618F61158
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Frame ID: 82052399BF9FAD41C53B38A89AE1684A
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 4788B4DFF31AFA11B7143B6B3D404842
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 2BB6A41CD4829E9F02EF28C4E92BC92C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361&cmp=0
Frame ID: 5AB619A1DB14E0CC4BD1E09E5C0FAD51
Requests: 30 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 84865390E7DD04C780D4835BF58B7C19
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 157046685A3670C5A248323FACB2B3A3
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 7D3B32162B4F095195FC44C480A4B7B6
Requests: 2 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Df526b5223009596f%26uid%3D%7B%7BVID%7D%7D
Frame ID: F66CFA5E503E89C6EE4DB73EBA4D372D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADYOAzviNh5JmKtk
Frame ID: 514BEF7D3600CA56BB65BEC39F8D73DF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Свіжі та актуальні новини України, Києва та світу. Znaj.ua

Page URL History Show full URLs

  1. http://znaj.ua/ HTTP 307
    https://znaj.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

216
Requests

82 %
HTTPS

32 %
IPv6

66
Domains

106
Subdomains

80
IPs

12
Countries

1692 kB
Transfer

4021 kB
Size

73
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://znaj.ua/ HTTP 307
    https://znaj.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMN5G4K30ytjc0fMblhr-WY&google_cver=1
Request Chain 80
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvhgBiHDUd9b65XXo3f.YgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7Rq5Xngz66Op9TKc9joO8&google_cver=1&google_hm=2
Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKcBL0XbmbQArQBdJAPDFUk&google_cver=1
Request Chain 82
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzNzA1NDMzOTQxMzQyODA3MA%3D%3D
Request Chain 110
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=znaj.ua&sn=ChromeSyncframe&so=0&topUrl=znaj.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=OLBWhnwzZm1WV2xUdFlOUTZkSXRBU0d1ellBOUM0Szd4YXRJK2ovNEJJbWErNGIwTnYwMGlFZ3dWdmVRdTdYbUxGMW9aaDRzdzBrUWdRZzBOQXAxejVqZVhEMTJGWDVGTFhqVnJRc3JmaGgxN2JEd0JHZ1N3cTNSSDVEcGxVRzE2MGNCYWJxSnpLOGVjUFVvTFlMNm9iSXN4QjZaT0FKd3hPT3ZwNVBYc3E4MWtzRTBOck9ML3ZjQW9iS09WMEZ3bWpvc0NiTTVkTWc1QVR0bTcvL3FJMTBjQ0JkVldBbEtxYlU2aWlBZE9wMzdKSUVkSUQ4V29USzdNY2pKekl4WVNxc0FIMUZQL01yR1cySlk1Vk1tRHJxMnlGdz09fA&cppv=2
Request Chain 131
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 133
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2337054339413428070
Request Chain 139
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df526b5223009596f%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f526b5223009596f&uid=2337054339413428070
Request Chain 140
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Df526b5223009596f%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=f526b5223009596f&uid=2bf0f39d-d5bd-e337-f8e6-5e356e20ee81
Request Chain 141
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG2gGbu2CvCfYL2Wg5atrJc&google_cver=1
Request Chain 147
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6SPW0V3-4-ITKV&sigv=1&esig=2~f4d3471d71d6b838ff49749c77f818915fa702c1
Request Chain 148
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDc1MjQ1YTRmZTBkODZlMDVhM2U0YjllNzc1MzI1YWM4OWU3MWQwNQ
Request Chain 149
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w5AKg1rgR6Kul2NW9BpuOA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w5AKg1rgR6Kul2NW9BpuOA
Request Chain 150
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZCNBaABiTiON1ft7ntaClA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZCNBaABiTiON1ft7ntaClA
Request Chain 153
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BS_AaqFrBMFRIpHd3ZO23Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=133492614442823692
Request Chain 156
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4ca60623-bba1-48d1-a613-de4c2be5a795&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Request Chain 162
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=82ee76b7-9eec-4c2f-a136-95e1fd76c6e2&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 163
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=5f6adb38-a742-49fe-667f-ec542641ec99&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=5f6adb38-a742-49fe-667f-ec542641ec99&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=03457506889707850633863625750090645577&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Request Chain 165
  • https://bn01.er.bemail.it/zeotap.php?_bid=5f6adb38-a742-49fe-667f-ec542641ec99&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022081411-34651-0.542835001660468012-4b8b5e86d92b925fdea443da7c4d9bd5&zdid=533&env=mWeb
Request Chain 166
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7131555601715427480&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Request Chain 167
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=5f6adb38-a742-49fe-667f-ec542641ec99 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=5f6adb38-a742-49fe-667f-ec542641ec99
Request Chain 168
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=5f6adb38-a742-49fe-667f-ec542641ec99&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=5f6adb38-a742-49fe-667f-ec542641ec99&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361&bounce=1&random=1496044497 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=W6TRlY96LxXkOcFpDSARNe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Request Chain 170
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=5f6adb38-a742-49fe-667f-ec542641ec99?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=5f6adb38-a742-49fe-667f-ec542641ec99?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Request Chain 171
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-d_vf_51E2oqPJIaCVT7qzA3ZPAGxNAj5SQ--~A&zpartnerid=570&env=mWeb
Request Chain 172
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lwS6x6TnrYpl91lAYWBAELqgO%2Bn1oAiQ%2BS41iYitP1U%3D
Request Chain 175
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361&_test=YvhgCQAGQ9tTiAA0 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YvhgCQAGQ9tTiAA0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361&_test=YvhgCQAGQ9tTiAA0
Request Chain 176
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=c2b362f8-6009-4500-9e89-42919368eeee&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Request Chain 177
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Request Chain 178
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5f6adb38-a742-49fe-667f-ec542641ec99&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5f6adb38-a742-49fe-667f-ec542641ec99&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361&dcc=t
Request Chain 180
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Request Chain 184
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB&dcc=t
Request Chain 186
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b5888cd0-e63e-492d-9539-a4b06176c200
Request Chain 190
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 192
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2b362f8-6009-4500-9e89-42919368eeee&gdpr=1&gdpr_consent=
Request Chain 193
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2933316057082016249
Request Chain 196
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vSB7Y9C5Tr5AFQ-fA4v_RVLHgiw
Request Chain 198
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084921531282596
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent=&google_gid=CAESEI3lNxyyNnVzD75iUVhlzvU&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 217
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent=
Request Chain 218
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3223811061005156735 HTTP 302
  • https://a.audrte.com/p

216 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
znaj.ua/
Redirect Chain
  • http://znaj.ua/
  • https://znaj.ua/
301 KB
61 KB
Document
General
Full URL
https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e66cc5c1e87984b81ca95783111f133719e6107ea3808e704ab935be49a6dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
HIT
cf-ray
73a64fbc3f1c0656-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 02:37:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Sun, 14 Aug 2022 02:20:16 GMT
link
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONYWDzj0Y%2B7ZsgkNVjExcJrZ5oTTePh5zAqay3H8lMVzBVgQWmLU96iTtiwR%2BmSM3BLzpuHN6s0%2BGE7keSGsqTLBsam8cbCaTiyojY4NCSqGLaORFu4l74qcoRNp7eTeBRe51hE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-cache-status
MISS
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://znaj.ua/
Non-Authoritative-Reason
HSTS
ukraine.png
znaj.ua/img/
702 B
1 KB
Image
General
Full URL
https://znaj.ua/img/ukraine.png
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
238531
cf-polished
origFmt=png, origSize=992
content-disposition
inline; filename="ukraine.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
702
pragma
public
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Mon, 13 Jun 2022 21:17:50 GMT
server
cloudflare
etag
"62a7a97e-3e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kiZOFy75KNqapoAolIfkEQriXfBc0Qnr7U9D5hu8vTMRlNmlKZ4BU%2FXKFro9j6zT64sRmLGLcjpGkqvr%2B9z41cOsKy%2F9eJ50q02zwUVL9whGKAj431ricIP7xE6rLNKMkPeWgs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
73a64fbccf840656-LHR
cf-bgj
imgq:100,h2pri
LWINHFUXTWfHod9IsK25gis1UO1HRhzRwHgb9hTF.jpg
znaj.ua/crops/b2f7d7/150x100/2/0/2022/08/13/
6 KB
6 KB
Image
General
Full URL
https://znaj.ua/crops/b2f7d7/150x100/2/0/2022/08/13/LWINHFUXTWfHod9IsK25gis1UO1HRhzRwHgb9hTF.jpg
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bccb2f3c6d7766e404d96c0df667f3c5ecd48fe4f82e4ee3de6821f7ce33379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=6314, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6172
last-modified
Sat, 13 Aug 2022 13:31:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXvS1uu3inLdw38xux8iwZaED%2Ba%2FjeK0CVtbH06htLZKk5EKAEnHQl%2Bod1hV0PiO42H6DtrrM0W6jD3989b89Sqt4uEW0Eeh%2BggT99%2B6V1gZc1045TAAoZLjK1n0UAWIEULrNHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
73a64fbcdf860656-LHR
cf-bgj
imgq:100,h2pri
app.js
znaj.ua/desktop/js/
90 KB
26 KB
Script
General
Full URL
https://znaj.ua/desktop/js/app.js?id=f13d9d3b121596546fe3
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
235947
cf-polished
origSize=92589
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Mon, 13 Jun 2022 21:17:50 GMT
server
cloudflare
etag
W/"62a7a97e-169ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmEkQY4Y4tuNptU5bTKTwq337ij5TnUMguSEqerQg3TZRtxroNuRJNAfDGSZE3WoyQ0aonI%2BU5wpvvU0TWLOqJR%2BKbD3fMkEucVH85QThGxkZRjiV%2FwA2AAIOwdJd1zGhxWb%2F9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
max-age=315360000, public
cf-ray
73a64fbcef900656-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
client.js
aixcdn.com/
23 KB
9 KB
Script
General
Full URL
https://aixcdn.com/client.js?166045
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4507
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 01 Aug 2022 15:12:27 GMT
server
cloudflare
etag
W/"62e7ed5b-5a3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hneFQF4weDVHgIZFd80tVqHXfStBUgcO%2F2CPWEGngPwdfW%2FYK5WF8nlj1N874RypEwUInxbu2E8sty2Ol%2FFyKiD4FQaWYcqGSv0dZsNKShqXF61h3OZ2La%2FLE%2BYa%2Bg1oUo%2FLaYx%2Fn5u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
73a64fbd8ce776db-LHR
expires
Sun, 14 Aug 2022 03:44:41 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5519
date
Sun, 14 Aug 2022 01:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 14 Aug 2022 03:05:57 GMT
client.js
s.getstat.net/cdn/
16 KB
7 KB
Script
General
Full URL
https://s.getstat.net/cdn/client.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5652
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Apr 2022 15:15:08 GMT
server
cloudflare
etag
W/"6260237c-3e9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9f%2Fax2aGDwwLtm%2BeDAOKqjF%2F56pJYmCMVaaCsg7fDdstUtSh1VHguByv4PuwHyvJXonk13OWFo2eZA6jJ3H5psXCu2fhRSmCxL9PCiOPlewbZMft%2BcoVwfKPesr9j9t9bE4dm0kkEK9WM8Q1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
73a64fbd8f4b8885-LHR
cf-bgj
minify
client.js
cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/
58 KB
18 KB
Script
General
Full URL
https://cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/client.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
EXPIRED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 14 Aug 2022 01:50:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhzY4OiCqUqxhQ0YH3N5QHGbn63Pcp0XcSnE9sDEVTzlVHN1Sv4wgWsS2A6VB%2BsMbqsO5zs7rz6HQ9usS7IkBhLfwEE%2Fld9HdQOmxYaIY3U5ZctppToCH2torkCoVblauTkB3tLobnmoIfk68eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://znaj.ua
cache-control
max-age=14400, public
cf-ray
73a64fbd89ac74fd-LHR
cf-bgj
minify
truncated
/
125 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
125 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
Mz5pan1SPOcGBXpU4CD9TdxXSLOpZZTGFmsa2rWR.png
znaj.ua/crops/28c071/150x100/2/0/2022/08/07/
5 KB
6 KB
Image
General
Full URL
https://znaj.ua/crops/28c071/150x100/2/0/2022/08/07/Mz5pan1SPOcGBXpU4CD9TdxXSLOpZZTGFmsa2rWR.png
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35f7b6c6edb41bb07d012cd80ae47d2b5f899acd498c727a81d22051d5338332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20677
cf-polished
origSize=5125, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4991
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Sun, 07 Aug 2022 10:43:22 GMT
server
cloudflare
etag
"62ef974a-1405"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynLveT%2FYr5hHuZAXDNFS1LtoWU7LjaXvD18mY2uuw6epIQC4GCedVLXYfK9CCNK35NSvL7VLCahuPrL%2B5iCqbVtaGmCqstJIk7cAlbPFyPWlHqLX%2FO2z8mOu%2BHDIqUlLUiVxqyA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
73a64fbd6ef372e2-LHR
cf-bgj
imgq:100,h2pri
iZ3LVtxzuNzze7KmOj5FYZY4srpVPTmkpOZItpsm.jpg
znaj.ua/crops/ea7476/150x100/2/0/2022/06/22/
4 KB
5 KB
Image
General
Full URL
https://znaj.ua/crops/ea7476/150x100/2/0/2022/06/22/iZ3LVtxzuNzze7KmOj5FYZY4srpVPTmkpOZItpsm.jpg
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5030898120163ebe98c244e50374c0c8dc4684638d5c2e69eb635768beaa21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20674
cf-polished
origSize=4299, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4151
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Wed, 22 Jun 2022 16:14:43 GMT
server
cloudflare
etag
"62b33ff3-10cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmIC25BiiXuL%2FVVSjVcqAfgMqhQEW1%2BMS4SShwIbyaVP5ytv07uBUz0etVT%2Fx26U4on77csjKu%2BRjfqSk2VX9bfMm3bXKSD9d64c07HSB5diXeHq7I%2BLmvgmzRVYemJhz2Bho%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
73a64fbd6ef772e2-LHR
cf-bgj
imgq:100,h2pri
c45YiARiRQf9pevzjdiKKn9PidZLUGuRET86Gnmz.jpg
znaj.ua/crops/bc60ad/150x100/2/0/2022/08/12/
5 KB
6 KB
Image
General
Full URL
https://znaj.ua/crops/bc60ad/150x100/2/0/2022/08/12/c45YiARiRQf9pevzjdiKKn9PidZLUGuRET86Gnmz.jpg
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706274edd139f36500dd470c1a295bf423383c924c5b278a064bb65fe9265675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20681
cf-polished
origSize=5204, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5071
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Fri, 12 Aug 2022 15:14:00 GMT
server
cloudflare
etag
"62f66e38-1454"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Fq4PIT4AI8krx52Skvi9qL8AoiVYryuZdOpgkSY0PSrJhx5dnP%2BpIpYdBCmJQCC7oKP0M0qv0VcmrryviNTIwB4a0QSC%2B%2FOX7%2BF17LPNSYuzjvj28XQAVQwtgxekZComj9g2oE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
73a64fbd6ef872e2-LHR
cf-bgj
imgq:100,h2pri
ug3DW17X9i1XNRn9v82yzoBXEmxzHYxYTJrXODCB.png
znaj.ua/crops/fca3d0/150x100/2/0/2020/06/16/
4 KB
5 KB
Image
General
Full URL
https://znaj.ua/crops/fca3d0/150x100/2/0/2020/06/16/ug3DW17X9i1XNRn9v82yzoBXEmxzHYxYTJrXODCB.png
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30a8c4c5e3d54526b78b1001f77155907f9ec6cc16f83a8ccefd26e106ea4172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19811
cf-polished
origSize=4540, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4409
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Tue, 16 Jun 2020 11:29:04 GMT
server
cloudflare
etag
"5ee8ad00-11bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUBlfbodKmqGXfdc5ZFWqyaV7ECbVRf6BmjjQrGoXoKr2rBfLJqEt6z3WO%2FluPI5Zn0BUseXFvU6YbH3sJwpy0R%2F%2BORZuNO6vNCIpQyo%2FUUKT1RVgw6IDsZR0n9SSKrtogavN1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
73a64fbd6ef972e2-LHR
cf-bgj
imgq:100,h2pri
wAWWemcLZgGsysd9GUg86AYuIPIUYpzr5GdbKryX.jpg
znaj.ua/crops/8dfc02/150x100/2/0/2022/08/12/
4 KB
4 KB
Image
General
Full URL
https://znaj.ua/crops/8dfc02/150x100/2/0/2022/08/12/wAWWemcLZgGsysd9GUg86AYuIPIUYpzr5GdbKryX.jpg
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e788a87ac9c515a3ee37e0eb59f9c71a47460e0cfff307e0bc1266670fed67c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19811
cf-polished
origSize=3795, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3626
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Fri, 12 Aug 2022 09:48:01 GMT
server
cloudflare
etag
"62f621d1-ed3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEGOHpiRKxujoSgT%2BMyGlkumhTiqZlrvdYYWxGVhjw7Nu6D69C7SwgJoNJzJqmjFJewR2PvyPcTdkfzsXf60DfR4Z0KAk%2Bav8BlHbV3ZVi5OXto44hu4oaQeGR2YVHnKgjRpUHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
73a64fbd6efc72e2-LHR
cf-bgj
imgq:100,h2pri
LWINHFUXTWfHod9IsK25gis1UO1HRhzRwHgb9hTF.jpg
znaj.ua/crops/a00712/735x400/2/0/2022/08/13/
85 KB
86 KB
Image
General
Full URL
https://znaj.ua/crops/a00712/735x400/2/0/2022/08/13/LWINHFUXTWfHod9IsK25gis1UO1HRhzRwHgb9hTF.jpg
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a8efa2f1f4b4d9f188f5fe61ed1dc1aba89d7d80af778bc00bd86b774b91150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3640
cf-polished
origSize=87418, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87196
last-modified
Sun, 14 Aug 2022 01:37:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T64BbbCH39qdJHeXQw58Er2ni43Jt2UkNDSL8b6WzcLeVciYTKqlchcUI0WhPF4P%2F09fgfkxC7W%2BeZmeAWKYNOrng1yHlkCaXkS3jgijidEwNMmmaHtG53hYkqqLvUICiN9kx84%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
73a64fbd6efd72e2-LHR
cf-bgj
imgq:100,h2pri
Mz5pan1SPOcGBXpU4CD9TdxXSLOpZZTGFmsa2rWR.png
znaj.ua/crops/ab3b26/735x400/2/0/2022/08/07/
39 KB
39 KB
Image
General
Full URL
https://znaj.ua/crops/ab3b26/735x400/2/0/2022/08/07/Mz5pan1SPOcGBXpU4CD9TdxXSLOpZZTGFmsa2rWR.png
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb4fad0fd40a311183664568c42dbdfb03d9b13813c7a1f3d4c4efb3674bd4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13316
cf-polished
origSize=40188, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39666
last-modified
Sat, 13 Aug 2022 20:51:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5%2BAALvE1s19FdO7ewE5qM%2BImTDbjO%2BTFkBh25xxFsmzoZKHgr38ZyjfdQB5swSoxk2EcKJC%2Fal%2BIavWoJxx9w1nazZwKgA8RMH8t339%2Blp9qoMRRSBlo8PcrkMM3DlbJa9oUCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
73a64fbd6efe72e2-LHR
cf-bgj
imgq:100,h2pri
pv
s.getstat.net/
42 B
786 B
Image
General
Full URL
https://s.getstat.net/pv?u=https%3A%2F%2Fznaj.ua%2F&d=znaj.ua&s=&t=&l=uk&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=1&r=0.5747539299169693
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8sXu8mroIx9Sd3ix3PHzPfd0Y%2FGIfYd4Sb6r2q7iog62pT32GNxf2AIPBrYUCxKC7lsAciIlGs7p%2Bc3n4i6zjJ3czXmS2sspCr4%2F5Rr%2BTPpwWj2eaKB%2Fne1hEKSZyl7PznStveeT4HtwpMN"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store
cf-ray
73a64fbe3b857702-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
121
aixcdn.com/p/
141 B
756 B
Script
General
Full URL
https://aixcdn.com/p/121
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?166045
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b5a87ef53435664c6f35b8654f39d223f0498bd55aa534b9a0d63789660cf51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 13 Aug 2022 07:59:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf4Tv6z8pMOC27MHBhxNtgKMEmCqH4CaYuSEN0pugJuG%2F84Ub1rgAX7ET%2B9OKQ6b77g8TjTt3FOG0nMiqGaBdg8kY756jQxJtnia1g8wy4ZobbE6ucByDTZCK5UxLDqCdVM1IPI67DNQ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray
73a64fbe3f5c75d1-LHR
97
aixcdn.com/p/
23 B
637 B
Script
General
Full URL
https://aixcdn.com/p/97
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?166045
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34532
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 13 Aug 2022 10:35:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFl%2B3%2FFEgtE75erc0IT4ZhdnxpJS8udOz8e0s6DpzbIpW2QvE9AHHs7lExhZUo1v%2FIc1%2BH6Vf529qKyw%2FrwG93MRumF5C7seUXgVWHgHq9GejlnZWiD3gPjzZxpytdYbvXQGQEpvmMeV"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray
73a64fbe3f5f75d1-LHR
194
aixcdn.com/p/
2 KB
2 KB
Script
General
Full URL
https://aixcdn.com/p/194
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?166045
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34532
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 13 Aug 2022 10:35:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVUK84Yw3%2BtnCcRlXoBa89KWd7Fk7%2FhVhCGm8CX3wZULdpKyWQ0INd8jyeThxTByRmX%2FadToo51e95nJwgCFtkIbE7%2Fclq%2FWIRkQIVjRfBQFAPXyu%2B8om5bwYPwnyG2gynsB1OMc3s3J"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray
73a64fbe3f5d75d1-LHR
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=556323356&t=pageview&_s=1&dl=https%3A%2F%2Fznaj.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B2%D1%96%D0%B6%D1%96%20%D1%82%D0%B0%20%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83.%20Znaj.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1694856193&gjid=156849051&cid=1711258073.1660444677&tid=UA-108263001-1&_gid=1251887812.1660444677&_r=1&_slc=1&z=1673199701
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
branding
a4p.adpartner.pro/
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/branding?id=1582&0.9207348751014386
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
d46ceb2bde60881fb19d81ed006513a18f1fa2428fe60af86e50e308a13f298f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
gpt.js
www.googletagservices.com/tag/js/
83 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?166045
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60eb12486bd244f9b2c77d851a209c7f1cf81a9a82bce5662efb019b50b6f56c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28772
x-xss-protection
0
server
sffe
etag
"1303 / 396 of 1000 / last-modified: 1660341990"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Aug 2022 02:37:57 GMT
ym.js
cdn-b.notsy.io/zna/
3 KB
2 KB
Script
General
Full URL
https://cdn-b.notsy.io/zna/ym.js
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?166045
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
b96ad8fa38e9a64fdcc9011586abdaa1569d347bc94813a1f0485368d6c0fc21

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
br
cdn-edgestorageid
883
cdn-fileserver
250
cdn-storageserver
DE-168
cdn-cachedat
08/10/2022 13:09:23
cdn-pullzone
139012
server
BunnyCDN-AMS-879
last-modified
Wed, 10 Aug 2022 13:07:44 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"62f3ada0-b87"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
9dd29dbcfd2166cca42960df640de32f
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
truncated
/
279 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24ddbd6f1eb159364d8240931918dbc10eabc25d94b5e7ba13fb0ffa94cddaf3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
stats.g.doubleclick.net/j/
4 B
436 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-108263001-1&cid=1711258073.1660444677&jid=1694856193&gjid=156849051&_gid=1251887812.1660444677&_u=IEBAAEAAAAAAAC~&z=694389386
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 14 Aug 2022 02:37:57 GMT
content-type
text/plain
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ym.js
cdn-b.notsy.io/zna/b/
352 KB
111 KB
Script
General
Full URL
https://cdn-b.notsy.io/zna/b/ym.js
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
a0c108cdb38a9c8db527873ff9482d0f20de23c56132104906e514a9860bcb50

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
br
cdn-edgestorageid
879
cdn-fileserver
376
cdn-storageserver
DE-169
cdn-cachedat
08/12/2022 20:55:06
cdn-pullzone
139012
server
BunnyCDN-AMS-879
last-modified
Fri, 12 Aug 2022 20:54:15 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"62f6bdf7-58157"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
6152db54219f9535c2d352cba76009db
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
pubads_impl_2022080901.js
securepubads.g.doubleclick.net/gpt/
385 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 18:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134589
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 08:35:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Aug 2023 18:49:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
297 B
778 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=znaj.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
2cf2bebf4d8dc76e0b7c0bdd6d810f59b022c38df8045e55256604489b48d1e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142
x-xss-protection
0
expires
Sun, 14 Aug 2022 02:37:57 GMT
branding.min.js
a4p.adpartner.pro/apstc/
13 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.9207348751014386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame DD7C
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=0f653bd5-cbe4-43c8-9124-e8e247eb917d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.9207348751014386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 14 Aug 2022 02:37:57 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame DD6E
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=95567344567442290&apuid=82634a32-b368-43a8-95ab-3b1a8946350f&session_pageview=1&session_id=0f653bd5-cbe4-43c8-9124-e8e247eb917d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.9207348751014386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
171dfe7291950e0181c3e51c5a739080b80879231fdf036fc5874d495bcae0dc

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 14 Aug 2022 02:37:57 GMT
server
nginx
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=1711258073.1660444677&jid=1694856193&_u=IEBAAEAAAAAAAC~&z=613356809
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=1711258073.1660444677&jid=1694856193&_u=IEBAAEAAAAAAAC~&z=613356809
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame DD6E
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=95567344567442290&apuid=82634a32-b368-43a8-95ab-3b1a8946350f&session_pageview=1&session_id=0f653bd5-cbe4-43c8-9124-e8e247eb917d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5520
date
Sun, 14 Aug 2022 01:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 14 Aug 2022 03:05:57 GMT
branding
a4p.adpartner.pro/ Frame DD6E
771 B
450 B
XHR
General
Full URL
https://a4p.adpartner.pro/branding?id=1582&session_id=0f653bd5-cbe4-43c8-9124-e8e247eb917d&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=95567344567442290&apuid=82634a32-b368-43a8-95ab-3b1a8946350f&session_pageview=1&session_id=0f653bd5-cbe4-43c8-9124-e8e247eb917d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
c06c8ca6c8aaeff5c2502f15d795d39289495beccdadac100eef321db24758fe

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=95567344567442290&apuid=82634a32-b368-43a8-95ab-3b1a8946350f&session_pageview=1&session_id=0f653bd5-cbe4-43c8-9124-e8e247eb917d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
apstag.js
c.amazon-adsystem.com/aax2/
140 KB
39 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 14 Aug 2022 01:55:59 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 20:51:38 GMT
server
AmazonS3
age
2519
etag
W/"72916dde70b34122b394074010b382ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-C1
x-amz-cf-id
ntykPniCAMr5Et7fhvsrjBJbIoFYj0F9UunU_kkMkH6Yy7p_pAy2rw==
page_view
ym-tack.b-cdn.net/
0
0
Ping
General
Full URL
https://ym-tack.b-cdn.net/page_view?ZNA;desktop;B;main_page_desktop;c667db|f0c2a0
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.43.81 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-212-102-43-81.cdn77.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

video.js
cdn-b.notsy.io/video/
213 KB
69 KB
Script
General
Full URL
https://cdn-b.notsy.io/video/video.js
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
e934d17212c389cb215be66ea64fd701918e3530cf2efdf4f6781f2a3669b097

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
br
cdn-edgestorageid
879
cdn-fileserver
224
cdn-storageserver
DE-165
cdn-cachedat
08/13/2022 10:19:33
cdn-pullzone
139012
server
BunnyCDN-AMS-879
last-modified
Sat, 13 Aug 2022 10:18:47 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"62f77a87-354d5"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
1603beb8bcce092e2f67fdd1a34a6472
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220814
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1cd5288df5fc8baba45bf01790e2a932814cd836de0b6f96fa24d3402e7a39e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
41820
x-jsd-version
1.0.1431
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
912
etag
W/"66e-ur7zZQqCVtuVL5O5rlLNEC3xm0s"
x-served-by
cache-fra19122-FRA, cache-lhr7339-LHR
x-jsd-version-type
version
date
Sun, 14 Aug 2022 02:37:57 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
adx.adform.net/adx/
5 B
479 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzNDAxNTEmdHJhbnNhY3Rpb25JZD00OTg0ZDBjOC1jZDE3LTRmY2ItODJiOC0yOTg5NGQ4NDcxODQmcmN1cj1FVVI%3D&pt=gross&stid=6966d695-44ad-42fd-99f7-3470f27d31bc&fd=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://znaj.ua
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/
143 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8b805dcafa904b27c09e38486ecaefaceb344eb811c13d09c5921692de8e399e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:37:57 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b26af05-2e21-4bc5-914c-bd18933755d6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
260 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309704&size_id=2&alt_size_ids=55&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=4984d0c8-cd17-4fcb-82b8-29894d847184&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2765547390257246
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e28b93244e86d1e819060cf4385e6b9beed70c67db1d814a7e71e817ae31a078

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:37:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/
0
209 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=48559416300
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://znaj.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
auction
tlx.3lift.com/header/
19 B
517 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fznaj.ua%2F&tmax=1000
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.27.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-27-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:57 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status
17
content-type
application/json; charset=utf-8
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/
2 KB
957 B
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e29e030737bf0b66434c4da5e3186c10b57b49c2d53fc91d8360ed1bfdbf5271

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 14 Aug 2022 02:37:56 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://znaj.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
655
cygnus
htlb.casalemedia.com/
1 KB
1 KB
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=861202&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213fd6e352077241%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fznaj.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22c4193689-ccff-4240-b83b-892a8970bb47%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214eaa5b77d05d71%22%2C%22ext%22%3A%7B%22siteID%22%3A%22861202%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A970%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2214eaa5b77d05d71%22%2C%22ext%22%3A%7B%22siteID%22%3A%22861202%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%5D%7D
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
428bfad8f1cc0228f939dbebf8f7be45b66340a3544af83890db7e67cbe59294

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PUFEcLK6l%2FnRb5Sr5XLlBY3U8oK7ssFvijnUJgfzI6wIG6Hjy0I%2F53zIfBkARoMp%2FcBt4tui2S5cT1YSkwuafeeiuD2%2FnsZdhc42M5zrvcVd68iTk2%2FJT%2F6bGw17pSS4qrCoHET"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://znaj.ua
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73a64fc1ad2671bd-LHR
expires
0
bid
a4p.adpartner.pro/hb/
193 B
401 B
XHR
General
Full URL
https://a4p.adpartner.pro/hb/bid?tag=8217&sizes=970x90|728x90&referer=https%3A%2F%2Fznaj.ua%2F
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
a2266e14974ecddf601d7f7ffc1fbfdab173d4618ec4edc9dc93e88d2da79ee1

Request headers

Referer
https://znaj.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://znaj.ua
date
Sun, 14 Aug 2022 02:37:57 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/json
if
a4p.adpartner.pro/tracker/ Frame 6F56
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252282634a32-b368-43a8-95ab-3b1a8946350f%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 14 Aug 2022 02:37:57 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 9505
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252282634a32-b368-43a8-95ab-3b1a8946350f%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 14 Aug 2022 02:37:57 GMT
expires
0
pragma
no-cache
server
nginx
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=znaj.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=znaj.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
50 KB
15 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1243287567280596&correlator=1454543356639630&eid=31068457%2C31068500%2C31068915%2C44761478&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_WEB_INTERSTITIAL&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3438404882&sfv=1-0-38&fsbs=1&ists=1&fas=8&fsapi=false&eri=1&cust_params=page_id%3Dmain_page_desktop%26variation%3DB%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1660444677489&lmt=1660443616&dlt=1660444676562&idt=899&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1711258073.1660444677&ga_sid=1660444677&ga_hid=556323356&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
fcb916a648bcc183960c9b372cb79c40664390b65fadcf20a985633fbd7b567c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15409
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 84BF
6 KB
4 KB
Document
General
Full URL
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 02:37:57 GMT
expires
Mon, 14 Aug 2023 02:37:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022080901.js
securepubads.g.doubleclick.net/gpt/
36 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022080901.js?cb=31068915
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
43e08bfd6875e8d464d705bd0801528ce3b2138ddcebf2f2b969c7c7b0326f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:22:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13586
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 08:35:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Aug 2023 13:22:11 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
305 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fznaj.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 22:17:14 GMT
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
server
Server
age
15643
x-cache
Hit from cloudfront
access-control-allow-origin
https://znaj.ua
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
0LjXymxRJC63qmYbN9jOhK82eaPNV_hRFjUti2Iv_pWOLvBv7XmF4g==
bid
c.amazon-adsystem.com/e/dtb/
23 B
485 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fznaj.ua%2F&pid=e34piF2gnrDkr&cb=0&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3Anull%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x480%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_WEB_INTERSTITIAL%22%7D%2C%7B%22sd%22%3A%22notsy_container_137042859%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ATC_970%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
TWPMKHG84Q2SEYTAKD1P
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://znaj.ua
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
yGSwfoFgWAzLh93OCKXm2nz_stN-HLc1iYARfWu6ZOR3Jnt7dt6KRw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
84825
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
date
Sat, 13 Aug 2022 03:05:20 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
jxlcJ9G0aKpuLjH2BRWdzCy1v4yxWLtdYyqvvjTs92JqbBzTx-60Mw==
ads
securepubads.g.doubleclick.net/gampad/
15 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1243287567280596&correlator=422311303585587&eid=31068457%2C31068500%2C31068915%2C44761478&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_ATC_970&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90&fluid=height&ifi=2&adks=1036492275&sfv=1-0-38&fsbs=1&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D728x90%26hb_pb_ix%3D0.01%26hb_adid_ix%3D188f5c7cc50448a%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D188f5c7cc50448a%26hb_bidder%3Dix%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=page_id%3Dmain_page_desktop%26variation%3DB%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1660444677623&lmt=1660443616&dlt=1660444676562&idt=899&adxs=315&adys=205&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&psz=1600x100&msz=970x0&fws=4&ohw=1600&ga_vid=1711258073.1660444677&ga_sid=1660444677&ga_hid=556323356&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ceeb4cd2d3c122f85631ff93dc6e1f6024b27838019502bc9bb25dbe9c7de11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7981
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
066020aaa01a28f39d73ad31167b0d13584a8b9e2aedb7af5b3ca17a4507d4a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Aug 2022 02:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11082
x-xss-protection
0
/
c.aixcdn.com/
42 B
398 B
Image
General
Full URL
https://c.aixcdn.com/?2120&3224&4137&4166&r=2197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab037c2cbbde510127db317534973d375a4a142c4bae4fbe3a42b3dfe420cc3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTS92r%2BFMMTz0dca%2BZSkea5ZF6aJEkWWgGmETExGbcOuUlhiwNos5zBaxS%2FoPpsY5kO6o%2B2GNsUU2h7iS49XOOm1wvY6tJKLlGAaJWw8A59hlmfNX2tNPUrT8bxxjW7%2FCjNCeOZejhGslFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73a64fc43ad176db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
container.html
4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C286
6 KB
3 KB
Document
General
Full URL
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 02:37:57 GMT
expires
Mon, 14 Aug 2023 02:37:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B7A7
6 KB
3 KB
Document
General
Full URL
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 02:37:57 GMT
expires
Mon, 14 Aug 2023 02:37:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Aug 2022 02:37:58 GMT
css2
fonts.googleapis.com/ Frame C286
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 14 Aug 2022 01:30:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 14 Aug 2022 02:37:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Aug 2022 02:37:58 GMT
/
track.adform.net/adfscript/ Frame 98D0
2 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=54737416;rtbwp=YvhgBQAKEO8H_YheAAKV-M8EAlo4bRKG6oyC9Q;rtbdata=jMNqeDmYZHhBqBs-hMxriNw0HzEbO74zytJzXiV8gvzh-ddObndqEBCFVbY5SpXCoe5qPU31FJ8qHZO2GkguPINI0VsLSlsg0EcJMky9aXrzXqlXJQuqKnMZnJGuA6oxKYn8hTqZDzJn7hBXUSMau-q4yOT_vfOQ9CbqofWHJt70Eevugz5AB4wbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBgIjETMfMv581;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoU48BWD4Yu-hKN6Q9u8P-KuK-AnovpiUXKCls8n9CMCNtwEQASAAYJUCggEXY2EtcHViLTg0MTcxMjYxOTc1Mzc3NjKgAane3uECyAEJqQLyjmF41IOCPuACAKgDAaoE4gFP0LXbi59qJXQxq6CcQpRRVKTfbKMqpYxPA0JHl-di3kFWd02YUISLIsRt5o-7lqONTXRZ01UfqmvzZSPViXO5i-qwTRGaxX8a6cC5gYwPrC7VPB_tVsQywNEhV9Ulyx-7EwLZsaoAYLiJ9LFyG3d9bfYdEA-4KkFwhnrntCm2fgj6XL67SZ4rIjvtm2hEhpEA8R-gsAE55F8IfM-Zf3yPSm2AKGx6rvn1HEy7ZwlP81XSggtCd6fXO66H21ywRY1NMarqJxq7Squ043b4rFe8qU84dBO3Nlx6zsocTMnoJFr74AQBgAbSlsWavcaQwSegBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3WPL7ifZCNwr07TygcqptAiFiEpA&client=ca-pub-8417126197537762&adurl=
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e65632f191a445b819e960503fb15e4e6a3a524b8c8bc0cbcb535cd294538f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1660
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 98D0
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 02:17:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 98D0
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Aug 2022 02:37:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 98D0
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 02:16:44 GMT
l
www.google.com/ads/measurement/ Frame 98D0
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTngQAduaUGzW8biIomG_6tGalajqSW5S2rIuHfYT9IkLN6N-aP4nVZvM6xZaxG3mfF6ekUViLM39yamV_TahJi4V1CHg
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 98D0
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:20:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 11 Aug 2023 17:20:51 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame C286
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8368
x-xss-protection
0
server
cafe
etag
14969459707636190018
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 01:06:12 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3844
624 B
747 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNXryQF-z5F0PYc1jTMnxK5UVSjY8sPdrdEqH2ZRITR0VhoULp0moNV6uVX0he8TorxEZmTHYwmFSbhMqbFxvT9t4ssjxJsOzrMQlZsYexJue9bc8c249Nx5T79tDchY_JRgFPVH6OEJ5QFVLdBiynMpdx4cINJZZ9O_U016qsaSfsMlbmo
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 02:37:58 GMT
expires
Sun, 14 Aug 2022 02:37:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B7A7
79 KB
34 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZIUr3UJoTFvI6-OBDbM_H9gSU0zV4CMw-KLPZ6xtSjaDCUb194qQafQs7gWfmDrZfIWlxr7ijpgCWprDullFiECcfpA&cry=1&dbm_d=AKAmf-Cexwt1UO8eaGvH0yBTo3Vs746FaHf4mjCHUyeKNZ8PEB7Mw9ja8WMoI8FLM5v_p_3NjeC3i4uCZRvRyDIlhaJc5qgotLbqam6Ypo4wj3cMYEz1rocIAi29wr5uHkPHqxO_dTsdvMwAfbd6XWNDGvPcPoapgP9GiN0LCdo_YIx_ruNvhW1SXg774-HnFQhXFroEFB030n8f4FnuuptuR97vVhn1yvBg9bBJv9ay9FCp9juyl0a4lkuSeEva597XPOg18hgVl2vQM_lBm9QKM0tjN0qvg-TfUZOHJuX5WQ-vd4depchbHoxJaGsHVeOthiFIaetvVv2THkxqL35EWkHqtpi729edK1vDXhcfbQ5uRMs0QIy2IRTMColeRFsMr0e-SlTjfZRwBNfBhsJEqUv65pqiSIcIYJh2z8HiFzod1KwqDAZhKGF6ip96D7co24HW1t-uVrUE7MJF_ObnJySuXSTmj8ox3Jnl6fx_WYSpTqSNNHYsx6JdKFnG1RRJ9UpWFZdHofk105mONUyqrV8uWz4QPOXmV7KJjkUWTYTASByRhciuf4XmaxjvxFvsy6wS9VBvDdNlWh6xY3OfeBY0x22Fo4Ar_d-IjdLW2haHboDrelVQO4Tvw-OiMeje9scKnYUEtHXLkxktqaw7Zj0LOb4qngA_nrvhncPaZ7y9sWVB-YaX-nkxpkbauc1e2cGistYla4jnuXFiCyvPT28BueYmUor9m6YOpZUF3NHwIZhcW2C43Xqu4NMLkMibRmnCN3r1AQnNbZ2y12avWV0lCL_G5TIT5F4uBRFpx5vZOyHxnfhuwLyIU7pU4_OGdBaWWfkqngOR9RDpbHYJj05ASXD2DvBaWWWCvnlB1i59m6_NTEjCPlZBetnpNn-bgkMQmBsqiM29yGb68NQ4_9YHs1IMxNgwV-LCzqrOI4wopRnEcu8-bLw5iFEUylQGM8fRmI2atHtiEDVDs61kV5ttvzbIzz4ntU3nl3QF9UxqPi40yZPleNvBEzeSpz29FEVXEosCo_otJkh3DYw1ACps9n0T05Q_9DaAVXztmoIWYbPDPT5p9NdvXsMAMycB1aVt0CCdE2kR5LKENqPWSZg-a_dtiPgrzDGlEab3Eij4_Qf0Bo0BdB5IJ18sTxgXPKubwRnpkD0hUdwwGN40EYrOqBRfhWKiD6EtJSyryBhYhwWrHP4cx4Lr4ytdBzT6qwA73wx2oXq291KqZgrzmyyEIBBZXpVOitb7mmux2R1m6UWmf2ocI9BxboZAHT9ipIrULA0_3B6f3TUP_JyCCl4WRT8RRUwOXtlWWEJ47XzcG2fEJGf59X8A9lOIsOOLZqSgKFXDTijOEqUd2ATmRBXm_mrvAQ4BiO989EEDcvC6PaeeWcAq357BEP0jgYBCwsQdDewa5wjwZ5DU-WchxdcA4PJstc6LKxRTijoMZARo5JaV_RMVH4r18I35AGSdsPkhgzxqeaoCpLpqqcCbxczB4EZrxmlO8re0ZfgDFGwAzx_vdxa4n2wYAYvjVadnCF0kK4uP695eKkjrb-cDDfrtwbNQGFu6cxZ0qEIqX8_ee0MAJo4yHprY7wEIZdKXlSHo9CO3tbN-2uBW-NwQ1PHfaDuln2Lu2ocJKoIdB3QAZJSQH51thqMs8WO-a-_WqfXxtSryuZvk69ConlGQn8kf7neqNJ77Zd_-U1q4POyrGDm4WhWC318ZfKcRQwj3Ll-AaFRrny_PQhGqD3V32EiwtNQEr0R3SXIzG_v54LnckWel6rQAA5ACqdN8gBAZiJK-i226QDQYlNTNqHZoFloO_L18n5CFc4r4WfIHVwUBMFpR7heT4LwOP23CJ6u_ZSG5bibdPrtJ0VBu8iWf9q74mVSy7Bgfg06df2ReKIUiZHP0hDoKKgcDdYFOW9bJvtMjs5NUucgbPD34Xkk4yrPBXFxG74iYNdIqy8lP5TtNNoQDl3PiQsq9OnRXTpmyv7gJ9UEvEkfr3NTarwVN_I8cDafww6UWzx_cN3YKsozBRggZURUz7JJjd81hOyHhnZIUezoN6ngSQu2QaD2M8FnEph_1-7jcB8jOiis1fHBAAsEFYXRRs86StjiB-GPa766EjBj3FbaZ2QnA0S4E0x31qGKEUdPQX4vTgtk5o-ZqMeDDzyfeCwwRPDsGAQcrlinID_K6K7PpQs4w6A4PYjrBH-EVWOWdjzgDqisWLXhqBzsPiudwstFXRymJb2T88IsqL1Uw5wDfDsgdcilztFKhUPKimhR0BAqAiWkiPF8k0gAvilkrq6tTezdiGdSTdjAKtnKY1YAWsipnde_ycRIBdBeUyXqZdNwWWA4XNYvYTkscduKe7_A9qXrblyPbD53ixPWSn3tJ3t_ejZbn1gQyMVjZpbmoFn7b4dzkcB9IFrCoYMKB5wWYseROlO8mbUX1t8SM1lpb7sQ1Byp3kLP9wwg648y9m88wMEtf1Faq5bBIq_wdo4Kc2Ct3xnD2orDAOzkUFurdUi5HePxYMpbiwhzaC41rdAW03JA-_I-CeTmu_NKEbhugEwxUtoWpKPx-Wph4bsuo2PMDZvofs23cP6c99_dZ42IyD9TFzKpQa_607gOmLrNYb_1jLNJTTq3T-L4YxBqYbpJ-qiy4eyzK5pO_FzPxyPkiqzXPN8fn5SiMwotmS1GUl5NRjHq0IE3_M8vn9x-lYZEVyIgKoy0DF5xpCcRVQ3R_kgWW9HVyvJFgZrmmooU__bZD00W4w9B9eCY1axsMuwKeCkIDokv5sY-SWR0UWpzXT9OBIczkO03tyvxv9fsgxrPWoKlxi2w9Hs436SCF4SBUySlyNRgABTv6C4sgin0KlT0dKn33OiSkYn3kmmV5ygzayjA8kp_kVfdkTxpscEfhy4YAvooVISOEE0ble0wTUHS3aedBDC8PDNBPp1Xe2IxwK0diOPbnL9J9_J7x99KO97cfFqWwPVFJgc10XSO_DUeasDjJn8TP9oZEHoUnL1W2FqEB2kP2qcgWocxQxe5sST4GY8zIbB26EYgDnoa1L19-aCHxxIyz3OFCU6A2gAf2UQGrpB4UqpJtxnPsUU-6a7kepFaGNaYvPV2CVigRsOyaVOdhEcL7EWlm3A5-gpymNUqWUpCdIOaqnm7Bm_QZKXrOv2F4BpbbLEOk75X3ucw-9d-OkqVMnfNjJyCP9yo6g_g2dIDn35H0TW3tErs49uNJwNNoxRH-I99EiL47gUsrAbGoijumpYorbvI-Rk-NwgZ8Fr4amIuVT2gv8x-DyLTmEfbg2s8O6yBoEnsLYKA00k5ps8wMzlM9jZe3YpI06kh0F-8JC5Wc&cid=CAASKORon2i53yN0jhvV84Ic0yYo1hNgraC05qfWqJCevbk_P8c2tg46LbA&rfl=1%2Chttps%253A%252F%252Fznaj.ua%252F%240
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ccbfe3b5e6965dd6f747401973818edc285b773ba65b5365b64dfddbe8b78635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33902
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7A7
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWcQx_9FcE6RnHvPBqThaNGMMj061Fh0n1w2nRwO4exBdUmcuYVL_un3jTrachK4NQSUr7omYL4yRIioPCaJsD2oqB2SfG92St1-tOlEPdy0NasbE
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame B7A7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 02:17:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7A7
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Aug 2022 02:37:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame B7A7
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 02:16:44 GMT
l
www.google.com/ads/measurement/ Frame B7A7
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnuU-1QoHgNiXXyG-EVf5eLsW9HbPVruN1RtfQ0gBRYYah0igDVrWEXjXFM2PzeOSUmlti1dKJE249HEIfGTy2agGCvw
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rum
dsum-sec.casalemedia.com/ Frame 3844
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMN5G4K30ytjc0fMblhr-WY&google_cver=1
43 B
911 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMN5G4K30ytjc0fMblhr-WY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNXryQF-z5F0PYc1jTMnxK5UVSjY8sPdrdEqH2ZRITR0VhoULp0moNV6uVX0he8TorxEZmTHYwmFSbhMqbFxvT9t4ssjxJsOzrMQlZsYexJue9bc8c249Nx5T79tDchY_JRgFPVH6OEJ5QFVLdBiynMpdx4cINJZZ9O_U016qsaSfsMlbmo
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73a64fc7cdf306a6-LHR
pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTS%2F0dLpFkJNBBEO%2FHn9TEmBNfUkPYYrpcjzgFSUdI9BLRxigO0nYdlPc%2BJv%2Fn6IRFbqfZ2csnCbqx92Z89TTreKRrMHE1jG4aWc1P1M4KcrSafnwYqJ9DvZiXOfWs4m%2FFy1WpZxAm1Rxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMN5G4K30ytjc0fMblhr-WY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3844
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvhgBiHDUd9b65XXo3f.YgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7Rq5Xngz66Op9TKc9joO8&google_cver=1&google_hm=2
43 B
919 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7Rq5Xngz66Op9TKc9joO8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNXryQF-z5F0PYc1jTMnxK5UVSjY8sPdrdEqH2ZRITR0VhoULp0moNV6uVX0he8TorxEZmTHYwmFSbhMqbFxvT9t4ssjxJsOzrMQlZsYexJue9bc8c249Nx5T79tDchY_JRgFPVH6OEJ5QFVLdBiynMpdx4cINJZZ9O_U016qsaSfsMlbmo
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73a64fc98f0406a6-LHR
pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkrNayM%2BpKmAFT5UdFkmVTTQxdZnF8xskJGQ2Y%2BtXU%2BQlbLefy52pHzhvCns9Ibrv0oQ%2Fpde294Yi%2B2z5%2Flw4%2FPwKeVvnwYOSBL3gDFtP9%2FYWYbqe%2BvqMbMDTJYAHx%2BQlRMAuzkUOLxwYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7Rq5Xngz66Op9TKc9joO8&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3844
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKcBL0XbmbQArQBdJAPDFUk&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKcBL0XbmbQArQBdJAPDFUk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNXryQF-z5F0PYc1jTMnxK5UVSjY8sPdrdEqH2ZRITR0VhoULp0moNV6uVX0he8TorxEZmTHYwmFSbhMqbFxvT9t4ssjxJsOzrMQlZsYexJue9bc8c249Nx5T79tDchY_JRgFPVH6OEJ5QFVLdBiynMpdx4cINJZZ9O_U016qsaSfsMlbmo
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:37:58 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
83f877ce-b9fb-43ab-8872-dc26e86892a9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKcBL0XbmbQArQBdJAPDFUk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3844
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzNzA1NDMzOTQxMzQyODA3MA%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzNzA1NDMzOTQxMzQyODA3MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNXryQF-z5F0PYc1jTMnxK5UVSjY8sPdrdEqH2ZRITR0VhoULp0moNV6uVX0he8TorxEZmTHYwmFSbhMqbFxvT9t4ssjxJsOzrMQlZsYexJue9bc8c249Nx5T79tDchY_JRgFPVH6OEJ5QFVLdBiynMpdx4cINJZZ9O_U016qsaSfsMlbmo
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:37:58 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
adac51ba-8c80-4653-82b4-ab407e0d642e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzNzA1NDMzOTQxMzQyODA3MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 98D0
33 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54737416;rtbwp=YvhgBQAKEO8H_YheAAKV-M8EAlo4bRKG6oyC9Q;rtbdata=jMNqeDmYZHhBqBs-hMxriNw0HzEbO74zytJzXiV8gvzh-ddObndqEBCFVbY5SpXCoe5qPU31FJ8qHZO2GkguPINI0VsLSlsg0EcJMky9aXrzXqlXJQuqKnMZnJGuA6oxKYn8hTqZDzJn7hBXUSMau-q4yOT_vfOQ9CbqofWHJt70Eevugz5AB4wbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBgIjETMfMv581;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoU48BWD4Yu-hKN6Q9u8P-KuK-AnovpiUXKCls8n9CMCNtwEQASAAYJUCggEXY2EtcHViLTg0MTcxMjYxOTc1Mzc3NjKgAane3uECyAEJqQLyjmF41IOCPuACAKgDAaoE4gFP0LXbi59qJXQxq6CcQpRRVKTfbKMqpYxPA0JHl-di3kFWd02YUISLIsRt5o-7lqONTXRZ01UfqmvzZSPViXO5i-qwTRGaxX8a6cC5gYwPrC7VPB_tVsQywNEhV9Ulyx-7EwLZsaoAYLiJ9LFyG3d9bfYdEA-4KkFwhnrntCm2fgj6XL67SZ4rIjvtm2hEhpEA8R-gsAE55F8IfM-Zf3yPSm2AKGx6rvn1HEy7ZwlP81XSggtCd6fXO66H21ywRY1NMarqJxq7Squ043b4rFe8qU84dBO3Nlx6zsocTMnoJFr74AQBgAbSlsWavcaQwSegBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3WPL7ifZCNwr07TygcqptAiFiEpA&client=ca-pub-8417126197537762&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0ce978a7907fdf3a7b393ff68e8c0c17703c7f2eae4772b4bdce769668118dda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 07:02:09 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 15 Aug 2022 06:12:25 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B7A7
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
Origin
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 07:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Aug 2022 07:50:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame B7A7
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZIUr3UJoTFvI6-OBDbM_H9gSU0zV4CMw-KLPZ6xtSjaDCUb194qQafQs7gWfmDrZfIWlxr7ijpgCWprDullFiECcfpA&cry=1&dbm_d=AKAmf-Cexwt1UO8eaGvH0yBTo3Vs746FaHf4mjCHUyeKNZ8PEB7Mw9ja8WMoI8FLM5v_p_3NjeC3i4uCZRvRyDIlhaJc5qgotLbqam6Ypo4wj3cMYEz1rocIAi29wr5uHkPHqxO_dTsdvMwAfbd6XWNDGvPcPoapgP9GiN0LCdo_YIx_ruNvhW1SXg774-HnFQhXFroEFB030n8f4FnuuptuR97vVhn1yvBg9bBJv9ay9FCp9juyl0a4lkuSeEva597XPOg18hgVl2vQM_lBm9QKM0tjN0qvg-TfUZOHJuX5WQ-vd4depchbHoxJaGsHVeOthiFIaetvVv2THkxqL35EWkHqtpi729edK1vDXhcfbQ5uRMs0QIy2IRTMColeRFsMr0e-SlTjfZRwBNfBhsJEqUv65pqiSIcIYJh2z8HiFzod1KwqDAZhKGF6ip96D7co24HW1t-uVrUE7MJF_ObnJySuXSTmj8ox3Jnl6fx_WYSpTqSNNHYsx6JdKFnG1RRJ9UpWFZdHofk105mONUyqrV8uWz4QPOXmV7KJjkUWTYTASByRhciuf4XmaxjvxFvsy6wS9VBvDdNlWh6xY3OfeBY0x22Fo4Ar_d-IjdLW2haHboDrelVQO4Tvw-OiMeje9scKnYUEtHXLkxktqaw7Zj0LOb4qngA_nrvhncPaZ7y9sWVB-YaX-nkxpkbauc1e2cGistYla4jnuXFiCyvPT28BueYmUor9m6YOpZUF3NHwIZhcW2C43Xqu4NMLkMibRmnCN3r1AQnNbZ2y12avWV0lCL_G5TIT5F4uBRFpx5vZOyHxnfhuwLyIU7pU4_OGdBaWWfkqngOR9RDpbHYJj05ASXD2DvBaWWWCvnlB1i59m6_NTEjCPlZBetnpNn-bgkMQmBsqiM29yGb68NQ4_9YHs1IMxNgwV-LCzqrOI4wopRnEcu8-bLw5iFEUylQGM8fRmI2atHtiEDVDs61kV5ttvzbIzz4ntU3nl3QF9UxqPi40yZPleNvBEzeSpz29FEVXEosCo_otJkh3DYw1ACps9n0T05Q_9DaAVXztmoIWYbPDPT5p9NdvXsMAMycB1aVt0CCdE2kR5LKENqPWSZg-a_dtiPgrzDGlEab3Eij4_Qf0Bo0BdB5IJ18sTxgXPKubwRnpkD0hUdwwGN40EYrOqBRfhWKiD6EtJSyryBhYhwWrHP4cx4Lr4ytdBzT6qwA73wx2oXq291KqZgrzmyyEIBBZXpVOitb7mmux2R1m6UWmf2ocI9BxboZAHT9ipIrULA0_3B6f3TUP_JyCCl4WRT8RRUwOXtlWWEJ47XzcG2fEJGf59X8A9lOIsOOLZqSgKFXDTijOEqUd2ATmRBXm_mrvAQ4BiO989EEDcvC6PaeeWcAq357BEP0jgYBCwsQdDewa5wjwZ5DU-WchxdcA4PJstc6LKxRTijoMZARo5JaV_RMVH4r18I35AGSdsPkhgzxqeaoCpLpqqcCbxczB4EZrxmlO8re0ZfgDFGwAzx_vdxa4n2wYAYvjVadnCF0kK4uP695eKkjrb-cDDfrtwbNQGFu6cxZ0qEIqX8_ee0MAJo4yHprY7wEIZdKXlSHo9CO3tbN-2uBW-NwQ1PHfaDuln2Lu2ocJKoIdB3QAZJSQH51thqMs8WO-a-_WqfXxtSryuZvk69ConlGQn8kf7neqNJ77Zd_-U1q4POyrGDm4WhWC318ZfKcRQwj3Ll-AaFRrny_PQhGqD3V32EiwtNQEr0R3SXIzG_v54LnckWel6rQAA5ACqdN8gBAZiJK-i226QDQYlNTNqHZoFloO_L18n5CFc4r4WfIHVwUBMFpR7heT4LwOP23CJ6u_ZSG5bibdPrtJ0VBu8iWf9q74mVSy7Bgfg06df2ReKIUiZHP0hDoKKgcDdYFOW9bJvtMjs5NUucgbPD34Xkk4yrPBXFxG74iYNdIqy8lP5TtNNoQDl3PiQsq9OnRXTpmyv7gJ9UEvEkfr3NTarwVN_I8cDafww6UWzx_cN3YKsozBRggZURUz7JJjd81hOyHhnZIUezoN6ngSQu2QaD2M8FnEph_1-7jcB8jOiis1fHBAAsEFYXRRs86StjiB-GPa766EjBj3FbaZ2QnA0S4E0x31qGKEUdPQX4vTgtk5o-ZqMeDDzyfeCwwRPDsGAQcrlinID_K6K7PpQs4w6A4PYjrBH-EVWOWdjzgDqisWLXhqBzsPiudwstFXRymJb2T88IsqL1Uw5wDfDsgdcilztFKhUPKimhR0BAqAiWkiPF8k0gAvilkrq6tTezdiGdSTdjAKtnKY1YAWsipnde_ycRIBdBeUyXqZdNwWWA4XNYvYTkscduKe7_A9qXrblyPbD53ixPWSn3tJ3t_ejZbn1gQyMVjZpbmoFn7b4dzkcB9IFrCoYMKB5wWYseROlO8mbUX1t8SM1lpb7sQ1Byp3kLP9wwg648y9m88wMEtf1Faq5bBIq_wdo4Kc2Ct3xnD2orDAOzkUFurdUi5HePxYMpbiwhzaC41rdAW03JA-_I-CeTmu_NKEbhugEwxUtoWpKPx-Wph4bsuo2PMDZvofs23cP6c99_dZ42IyD9TFzKpQa_607gOmLrNYb_1jLNJTTq3T-L4YxBqYbpJ-qiy4eyzK5pO_FzPxyPkiqzXPN8fn5SiMwotmS1GUl5NRjHq0IE3_M8vn9x-lYZEVyIgKoy0DF5xpCcRVQ3R_kgWW9HVyvJFgZrmmooU__bZD00W4w9B9eCY1axsMuwKeCkIDokv5sY-SWR0UWpzXT9OBIczkO03tyvxv9fsgxrPWoKlxi2w9Hs436SCF4SBUySlyNRgABTv6C4sgin0KlT0dKn33OiSkYn3kmmV5ygzayjA8kp_kVfdkTxpscEfhy4YAvooVISOEE0ble0wTUHS3aedBDC8PDNBPp1Xe2IxwK0diOPbnL9J9_J7x99KO97cfFqWwPVFJgc10XSO_DUeasDjJn8TP9oZEHoUnL1W2FqEB2kP2qcgWocxQxe5sST4GY8zIbB26EYgDnoa1L19-aCHxxIyz3OFCU6A2gAf2UQGrpB4UqpJtxnPsUU-6a7kepFaGNaYvPV2CVigRsOyaVOdhEcL7EWlm3A5-gpymNUqWUpCdIOaqnm7Bm_QZKXrOv2F4BpbbLEOk75X3ucw-9d-OkqVMnfNjJyCP9yo6g_g2dIDn35H0TW3tErs49uNJwNNoxRH-I99EiL47gUsrAbGoijumpYorbvI-Rk-NwgZ8Fr4amIuVT2gv8x-DyLTmEfbg2s8O6yBoEnsLYKA00k5ps8wMzlM9jZe3YpI06kh0F-8JC5Wc&cid=CAASKORon2i53yN0jhvV84Ic0yYo1hNgraC05qfWqJCevbk_P8c2tg46LbA&rfl=1%2Chttps%253A%252F%252Fznaj.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 01:25:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame B7A7
30 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZIUr3UJoTFvI6-OBDbM_H9gSU0zV4CMw-KLPZ6xtSjaDCUb194qQafQs7gWfmDrZfIWlxr7ijpgCWprDullFiECcfpA&cry=1&dbm_d=AKAmf-Cexwt1UO8eaGvH0yBTo3Vs746FaHf4mjCHUyeKNZ8PEB7Mw9ja8WMoI8FLM5v_p_3NjeC3i4uCZRvRyDIlhaJc5qgotLbqam6Ypo4wj3cMYEz1rocIAi29wr5uHkPHqxO_dTsdvMwAfbd6XWNDGvPcPoapgP9GiN0LCdo_YIx_ruNvhW1SXg774-HnFQhXFroEFB030n8f4FnuuptuR97vVhn1yvBg9bBJv9ay9FCp9juyl0a4lkuSeEva597XPOg18hgVl2vQM_lBm9QKM0tjN0qvg-TfUZOHJuX5WQ-vd4depchbHoxJaGsHVeOthiFIaetvVv2THkxqL35EWkHqtpi729edK1vDXhcfbQ5uRMs0QIy2IRTMColeRFsMr0e-SlTjfZRwBNfBhsJEqUv65pqiSIcIYJh2z8HiFzod1KwqDAZhKGF6ip96D7co24HW1t-uVrUE7MJF_ObnJySuXSTmj8ox3Jnl6fx_WYSpTqSNNHYsx6JdKFnG1RRJ9UpWFZdHofk105mONUyqrV8uWz4QPOXmV7KJjkUWTYTASByRhciuf4XmaxjvxFvsy6wS9VBvDdNlWh6xY3OfeBY0x22Fo4Ar_d-IjdLW2haHboDrelVQO4Tvw-OiMeje9scKnYUEtHXLkxktqaw7Zj0LOb4qngA_nrvhncPaZ7y9sWVB-YaX-nkxpkbauc1e2cGistYla4jnuXFiCyvPT28BueYmUor9m6YOpZUF3NHwIZhcW2C43Xqu4NMLkMibRmnCN3r1AQnNbZ2y12avWV0lCL_G5TIT5F4uBRFpx5vZOyHxnfhuwLyIU7pU4_OGdBaWWfkqngOR9RDpbHYJj05ASXD2DvBaWWWCvnlB1i59m6_NTEjCPlZBetnpNn-bgkMQmBsqiM29yGb68NQ4_9YHs1IMxNgwV-LCzqrOI4wopRnEcu8-bLw5iFEUylQGM8fRmI2atHtiEDVDs61kV5ttvzbIzz4ntU3nl3QF9UxqPi40yZPleNvBEzeSpz29FEVXEosCo_otJkh3DYw1ACps9n0T05Q_9DaAVXztmoIWYbPDPT5p9NdvXsMAMycB1aVt0CCdE2kR5LKENqPWSZg-a_dtiPgrzDGlEab3Eij4_Qf0Bo0BdB5IJ18sTxgXPKubwRnpkD0hUdwwGN40EYrOqBRfhWKiD6EtJSyryBhYhwWrHP4cx4Lr4ytdBzT6qwA73wx2oXq291KqZgrzmyyEIBBZXpVOitb7mmux2R1m6UWmf2ocI9BxboZAHT9ipIrULA0_3B6f3TUP_JyCCl4WRT8RRUwOXtlWWEJ47XzcG2fEJGf59X8A9lOIsOOLZqSgKFXDTijOEqUd2ATmRBXm_mrvAQ4BiO989EEDcvC6PaeeWcAq357BEP0jgYBCwsQdDewa5wjwZ5DU-WchxdcA4PJstc6LKxRTijoMZARo5JaV_RMVH4r18I35AGSdsPkhgzxqeaoCpLpqqcCbxczB4EZrxmlO8re0ZfgDFGwAzx_vdxa4n2wYAYvjVadnCF0kK4uP695eKkjrb-cDDfrtwbNQGFu6cxZ0qEIqX8_ee0MAJo4yHprY7wEIZdKXlSHo9CO3tbN-2uBW-NwQ1PHfaDuln2Lu2ocJKoIdB3QAZJSQH51thqMs8WO-a-_WqfXxtSryuZvk69ConlGQn8kf7neqNJ77Zd_-U1q4POyrGDm4WhWC318ZfKcRQwj3Ll-AaFRrny_PQhGqD3V32EiwtNQEr0R3SXIzG_v54LnckWel6rQAA5ACqdN8gBAZiJK-i226QDQYlNTNqHZoFloO_L18n5CFc4r4WfIHVwUBMFpR7heT4LwOP23CJ6u_ZSG5bibdPrtJ0VBu8iWf9q74mVSy7Bgfg06df2ReKIUiZHP0hDoKKgcDdYFOW9bJvtMjs5NUucgbPD34Xkk4yrPBXFxG74iYNdIqy8lP5TtNNoQDl3PiQsq9OnRXTpmyv7gJ9UEvEkfr3NTarwVN_I8cDafww6UWzx_cN3YKsozBRggZURUz7JJjd81hOyHhnZIUezoN6ngSQu2QaD2M8FnEph_1-7jcB8jOiis1fHBAAsEFYXRRs86StjiB-GPa766EjBj3FbaZ2QnA0S4E0x31qGKEUdPQX4vTgtk5o-ZqMeDDzyfeCwwRPDsGAQcrlinID_K6K7PpQs4w6A4PYjrBH-EVWOWdjzgDqisWLXhqBzsPiudwstFXRymJb2T88IsqL1Uw5wDfDsgdcilztFKhUPKimhR0BAqAiWkiPF8k0gAvilkrq6tTezdiGdSTdjAKtnKY1YAWsipnde_ycRIBdBeUyXqZdNwWWA4XNYvYTkscduKe7_A9qXrblyPbD53ixPWSn3tJ3t_ejZbn1gQyMVjZpbmoFn7b4dzkcB9IFrCoYMKB5wWYseROlO8mbUX1t8SM1lpb7sQ1Byp3kLP9wwg648y9m88wMEtf1Faq5bBIq_wdo4Kc2Ct3xnD2orDAOzkUFurdUi5HePxYMpbiwhzaC41rdAW03JA-_I-CeTmu_NKEbhugEwxUtoWpKPx-Wph4bsuo2PMDZvofs23cP6c99_dZ42IyD9TFzKpQa_607gOmLrNYb_1jLNJTTq3T-L4YxBqYbpJ-qiy4eyzK5pO_FzPxyPkiqzXPN8fn5SiMwotmS1GUl5NRjHq0IE3_M8vn9x-lYZEVyIgKoy0DF5xpCcRVQ3R_kgWW9HVyvJFgZrmmooU__bZD00W4w9B9eCY1axsMuwKeCkIDokv5sY-SWR0UWpzXT9OBIczkO03tyvxv9fsgxrPWoKlxi2w9Hs436SCF4SBUySlyNRgABTv6C4sgin0KlT0dKn33OiSkYn3kmmV5ygzayjA8kp_kVfdkTxpscEfhy4YAvooVISOEE0ble0wTUHS3aedBDC8PDNBPp1Xe2IxwK0diOPbnL9J9_J7x99KO97cfFqWwPVFJgc10XSO_DUeasDjJn8TP9oZEHoUnL1W2FqEB2kP2qcgWocxQxe5sST4GY8zIbB26EYgDnoa1L19-aCHxxIyz3OFCU6A2gAf2UQGrpB4UqpJtxnPsUU-6a7kepFaGNaYvPV2CVigRsOyaVOdhEcL7EWlm3A5-gpymNUqWUpCdIOaqnm7Bm_QZKXrOv2F4BpbbLEOk75X3ucw-9d-OkqVMnfNjJyCP9yo6g_g2dIDn35H0TW3tErs49uNJwNNoxRH-I99EiL47gUsrAbGoijumpYorbvI-Rk-NwgZ8Fr4amIuVT2gv8x-DyLTmEfbg2s8O6yBoEnsLYKA00k5ps8wMzlM9jZe3YpI06kh0F-8JC5Wc&cid=CAASKORon2i53yN0jhvV84Ic0yYo1hNgraC05qfWqJCevbk_P8c2tg46LbA&rfl=1%2Chttps%253A%252F%252Fznaj.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 02:17:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 33A6
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
18485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 21:29:53 GMT
expires
Sun, 13 Aug 2023 21:29:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E004
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
355a98ee1b514242d56bb686b9e87494c1033355c27cdde912bc7cf5ed44bdf7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1ijitAMI0Hd_Nu7jCqDp4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-1ijitAMI0Hd_Nu7jCqDp4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 02:37:58 GMT
expires
Sun, 14 Aug 2022 02:37:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B7A7
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:19:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E004
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080901&jk=1243287567280596&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

publishertag.prebid.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 12:51:23 GMT
server
nginx
etag
W/"62e91dcb-15b76"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Aug 2022 02:37:58 GMT
truncated
/ Frame B7A7
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22f76ec98ee350f547646e3fdbb8fe508b2c6570d0ceb71f98a4e8974fff967c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame 33A6
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
413836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BACF
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
206332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:19:06 GMT
expires
Fri, 11 Aug 2023 17:19:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfserve/ Frame 98D0
7 KB
4 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=54737416;rtbwp=YvhgBQAKEO8H_YheAAKV-M8EAlo4bRKG6oyC9Q;rtbdata=jMNqeDmYZHhBqBs-hMxriNw0HzEbO74zytJzXiV8gvzh-ddObndqEBCFVbY5SpXCoe5qPU31FJ8qHZO2GkguPINI0VsLSlsg0EcJMky9aXrzXqlXJQuqKnMZnJGuA6oxKYn8hTqZDzJn7hBXUSMau-q4yOT_vfOQ9CbqofWHJt70Eevugz5AB4wbnvX5EA_TWZbZjAX34Uc20uNNXZ-TbN6w_rTfDh8ACEP_-d3uqBzlrx1Cq809bGR1s4IRJYdCBlUf8aOA9ndJLcXe_ynf6y_ADMqtlTVBgIjETMfMv581;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoU48BWD4Yu-hKN6Q9u8P-KuK-AnovpiUXKCls8n9CMCNtwEQASAAYJUCggEXY2EtcHViLTg0MTcxMjYxOTc1Mzc3NjKgAane3uECyAEJqQLyjmF41IOCPuACAKgDAaoE4gFP0LXbi59qJXQxq6CcQpRRVKTfbKMqpYxPA0JHl-di3kFWd02YUISLIsRt5o-7lqONTXRZ01UfqmvzZSPViXO5i-qwTRGaxX8a6cC5gYwPrC7VPB_tVsQywNEhV9Ulyx-7EwLZsaoAYLiJ9LFyG3d9bfYdEA-4KkFwhnrntCm2fgj6XL67SZ4rIjvtm2hEhpEA8R-gsAE55F8IfM-Zf3yPSm2AKGx6rvn1HEy7ZwlP81XSggtCd6fXO66H21ywRY1NMarqJxq7Squ043b4rFe8qU84dBO3Nlx6zsocTMnoJFr74AQBgAbSlsWavcaQwSegBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3WPL7ifZCNwr07TygcqptAiFiEpA&client=ca-pub-8417126197537762&adurl=;js=1;adfxid=1x;7607;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fznaj.ua
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
22cb083f4b0b4ae6cb1e74514e4a1f9701a8d6ee1824f2e6c57efc8029041ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3126
expires
-1
index.html
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
4 KB
1 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c932c1107432f3d5fe7cc4a268e573b3cf9a9d1aa74275955f70d062ce8d19c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1133
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 02:37:58 GMT
expires
Mon, 14 Aug 2023 02:37:58 GMT
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B7A7
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoLGvtYfUpBBlHw4TFGg5ctQJB2upHqcj-Z_Ne00-ZVT7BtoDDLw3Z5ltFjgFHHa9PKC3-jhnttf4n9Y6_wfIRTGidSuzQl_CNyBIBG6EKCUOH0pIVEZBSeU6Zyt2Ok11itUt-AIw1r0I1JZH5coecqpeSn-VHtlL5LzWN4P2LY3hjGGGpvIIhRjexlpGFc3lHDoKNFnWMOKXZR4ao7D4gAwCrK1Wtlgw3N3stBCAyMTjzz9fuPAkJGxb0e23nMVsgO469zelDVeYLyzHtIyFRQs-dg59dmPGIyfwhUv4QUK1arZXg1TTRQJjPdwZybugF1kiPlxFuUWVlxj5FwHXUTHrRQN8R--txz-Q9TW4SteIRNPXNCpb7jbXkrpAuZMdNNIRol48lAKba4ClhRPGC8Czim4hgAVFJ3frdsVUdXMrYTjPphOL_RdbF2gFeRZ97uVAr0tygxR8YtaENLQjQpooICl__GpYzC3AgaA0WKZAY9iJzNfjZMPEEfeFzAsW_OV35U89FH-xNnI5p9aiWe9osh3N55eE553kBcAgPlJiwlcVAOwAWuWxYFaSNPuksXodEmLF-g0jjWUd8e2s3yT_zCwFrbq-8OBTFV4wNkwbhsk9Te12Hn0TzJLV5FcccjTuDlSq6ITA7IyDB9JQtdoPV8DqdXa6f6ZImMgr6ri6jO6BsRsEZLvGYb9QcvH9IvvEtDdZhCa8NaPG--AjaC-aaoISitriXfwEfbRBbGDnLsFLODoT42AA6UsebkHA0_SwrNzNzzSaP5RHCa1xIZl2TbTZMPb-trGHC1peJ-m4pIaFztSZ1OhzUgnzD7T64twzLt6u6V002FBPdGHI2Ap4n6vwMHQmK-CakefMGec5UjEAVe0SFQgHMtP-RqeYHJdgDLP3VglgbraKQ8sqDmPKW0eU-yZeLyVgtSi15CbFPjsjF179r9Pj0yypMvg0lu5B33P6e60yECNyNGLSZ9hWEZHXekYmrcXWY2_F2j-u1NuYfc6FyPnfvh533AsgdF0P9jve5Pul8dQjxR9vVcPjwQmnTCdw9wyK3h-JVZpGj0xwRPstkxm-1Jd82h88mFUl-WeWM0rgOmLbn3mv2OXSHl3xUIl0NE0XlyCdWwlMcV48aHQMwXOQaRWD-QHR3p6UOT9ckt21QG_g&sai=AMfl-YT6D9fJhUqtG0kNtZSMHlq24Ntxq6AvBBEzXcgna6IHkeK1idnv7d41xC5h3OkNviddEd2Jfr2gGAl70hyKT-TNyaidNNS8Wiz1OnzdS04ogMUwm4n7XO610k-Om4vlOP6gAWmRM7Jc7f0dN4GHr89LkMMj81bAwxgNCatGs-DlxBItFqPbiI8i1ukzr8LJxLEiMntqzHF6x1i6m6DWFuoYcvjge49_Bg&sig=Cg0ArKJSzHY3q7yQgRWSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=328&cbvp=1&cstd=323&cisv=r20220810.30705&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 14 Aug 2022 02:37:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame BACF
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 19:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
25138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 19:39:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 33A6
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?QDLyVQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 98D0
85 KB
36 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.221/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
218adede21e3502e8e18a8cc22ae1b170f5c4a522ec92ec08c0b67102d87394a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 07:02:09 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 15 Aug 2022 06:15:53 GMT
syncframe
gum.criteo.com/ Frame 377E
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=znaj.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 02:37:57 GMT
server-processing-duration-in-ticks
2942
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 12:51:23 GMT
server
nginx
etag
W/"62e91dcb-15b76"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Aug 2022 02:37:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BACF
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBXWvBmD4YpLXAtPc7_UP4YuXqA4AAAAAOAHgBAI&bg=!ysmlyY3NAAa4hXTbmIU7ACkAdvg8Wg6Ppl8N_XOZuYKzeiHh-6uY7eMy4WnmOD7z_p4L40IXNUDt6gIAAABIUgAAAAJoAQeZAub4l7Wwjl6WLhNKs-nM-6qgQ7N29oWW3LrYfETkj9uSNzlcGRBTQuyE1GWYpLIFuI1Cc8D8-H40v_zDeYaLMscOwO9OfdwfmseNHvHf2QS75VYorY25fNn7_gAYDjVUydimRVvRXII4zRSIAfUf-yUwW8kuwr4eGDfOhPJ_wI_fBYlFBt-pCkZfdGD3adzA4TAnhvx5cDhibSMuifSa8dgJ-mNpFBP145nAea-1UJUOQRCcq0PiyjFedafQmot3W-PshOWcdMJn6LeX51CVBucekvTfljlbxW2kNe69XQd6SL8PtoSBmCjVtTavaubW6Th9yn1nLZmaTZvIriZS5RDAf0_IuzV6ZAyXi6cdd2dxSaayH_Ygp2dlr5ueMdqjS-RD1eJuNUDRVuOiLfEWlITbaHA_nrqqW8PeoZ-fRO5BrdXGzp-BqQK2iwSKuTjDnmLGAFHu1AjWAGDrgFjROQSbMzTgrpKnx_poF-y-foIithTTKzuF0BOCWWZfRxaYZFtGS6uYo5fmWoNWzoAsYZrbE59FXFLe2KKOoUVwRJF62fesC3QEgrJ9SHIaasCFOA5TGzSP9Ket3FW8tb9BCZspqXOC_O50BhnJxBf9IBl65IHN_5O7qFQtckJ5wc66KyAHYreLB6uZVYWuLXzRSJCItKtB5SoosUOsK2gpmIxD5c_yg14LwSAyXYWDD8XjwSJ6Op7xvxkYbDCUEGESnAumm7z_ss_sTYYqLqK59DywEdSTO6SrJz8GumZmA_3EUYJV0B2r64OEoJZkn30fhTzUNQ0noXHKwLFAuaCpxIXs8u2d8Q0Z-o_RN7DseNgSaDubIhzsIIf5aQ_9k1w7osr4DEHUp1pC2DKOUw3FMLXxzExkuGO1k5P0p2HQqCZ_8dLiIpVEq9FkE9d1Rdt9i6pv4z0JucCE-cggrHI8J7UJHAvIIskRqaegpzMWmBfBB_SaMsml508N5f4pv56FjhptTemxJ2s_
Requested by
Host: 4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
URL: https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hp_styles.css
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
2 KB
856 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50e8a52b27bad7da42a305a2e42aef96f6d9e745e0b98c01db9e08ae0c1901d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455106
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
827
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 20:12:52 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 900B
113 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Aug 2022 02:37:58 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 900B
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 07:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Aug 2022 07:51:00 GMT
hp_main.js
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
5 KB
987 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f95ac04607c6e193e7e6a7cdc33c29681be7485f29f045c162170cd6cf09559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=mj0oywFksH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455106
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
958
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 20:12:52 GMT
/
track.adform.net/csimpr/ Frame 98D0
35 B
503 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=54737416&csi=34-nMgj1ocv7BC8Tlq4-gKZh5D6VQ-s2uzOJYom2HRLrygPkIxxfk5jM1vvndaaQYLWfUop_jUwPScTzjYwksGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
52957014.png
s1.adform.net/Banners/52957014/ Frame 98D0
33 KB
33 KB
Image
General
Full URL
https://s1.adform.net/Banners/52957014/52957014.png?bv=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a8c8e81df5427b9b7f73add36689843045be4b761c1e9be438200b041925551a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:58 GMT
last-modified
Tue, 24 May 2022 14:04:47 GMT
server
nginx
x-amz-request-id
tx0000000000000c12ea44a-0062f85993-3233e7e3-default
etag
"3f0cc86e84a261225e50782d4236683c"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
33710
sid
mug.criteo.com/ Frame 377E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=znaj.ua&sn=ChromeSyncframe&so=0&topUrl=znaj.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=OLBWhnwzZm1WV2xUdFlOUTZkSXRBU0d1ellBOUM0Szd4YXRJK2ovNEJJbWErNGIwTnYwMGlFZ3dWdmVRdTdYbUxGMW9aaDRzdzBrUWdRZzBOQXAxejVqZVhEMTJGWDVGTFhqVnJRc3JmaGgxN2JEd0JHZ1N3cTNSSDVEcG...
428 B
636 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=OLBWhnwzZm1WV2xUdFlOUTZkSXRBU0d1ellBOUM0Szd4YXRJK2ovNEJJbWErNGIwTnYwMGlFZ3dWdmVRdTdYbUxGMW9aaDRzdzBrUWdRZzBOQXAxejVqZVhEMTJGWDVGTFhqVnJRc3JmaGgxN2JEd0JHZ1N3cTNSSDVEcGxVRzE2MGNCYWJxSnpLOGVjUFVvTFlMNm9iSXN4QjZaT0FKd3hPT3ZwNVBYc3E4MWtzRTBOck9ML3ZjQW9iS09WMEZ3bWpvc0NiTTVkTWc1QVR0bTcvL3FJMTBjQ0JkVldBbEtxYlU2aWlBZE9wMzdKSUVkSUQ4V29USzdNY2pKekl4WVNxc0FIMUZQL01yR1cySlk1Vk1tRHJxMnlGdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
09c8db08fbb4a7fa8d0af6204fe78101572d86bfd8b14c78e7eb9dfdd729658e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4978
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:58 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=OLBWhnwzZm1WV2xUdFlOUTZkSXRBU0d1ellBOUM0Szd4YXRJK2ovNEJJbWErNGIwTnYwMGlFZ3dWdmVRdTdYbUxGMW9aaDRzdzBrUWdRZzBOQXAxejVqZVhEMTJGWDVGTFhqVnJRc3JmaGgxN2JEd0JHZ1N3cTNSSDVEcGxVRzE2MGNCYWJxSnpLOGVjUFVvTFlMNm9iSXN4QjZaT0FKd3hPT3ZwNVBYc3E4MWtzRTBOck9ML3ZjQW9iS09WMEZ3bWpvc0NiTTVkTWc1QVR0bTcvL3FJMTBjQ0JkVldBbEtxYlU2aWlBZE9wMzdKSUVkSUQ4V29USzdNY2pKekl4WVNxc0FIMUZQL01yR1cySlk1Vk1tRHJxMnlGdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3398
content-length
541
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame B7A7
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoLGvtYfUpBBlHw4TFGg5ctQJB2upHqcj-Z_Ne00-ZVT7BtoDDLw3Z5ltFjgFHHa9PKC3-jhnttf4n9Y6_wfIRTGidSuzQl_CNyBIBG6EKCUOH0pIVEZBSeU6Zyt2Ok11itUt-AIw1r0I1JZH5coecqpeSn-VHtlL5LzWN4P2LY3hjGGGpvIIhRjexlpGFc3lHDoKNFnWMOKXZR4ao7D4gAwCrK1Wtlgw3N3stBCAyMTjzz9fuPAkJGxb0e23nMVsgO469zelDVeYLyzHtIyFRQs-dg59dmPGIyfwhUv4QUK1arZXg1TTRQJjPdwZybugF1kiPlxFuUWVlxj5FwHXUTHrRQN8R--txz-Q9TW4SteIRNPXNCpb7jbXkrpAuZMdNNIRol48lAKba4ClhRPGC8Czim4hgAVFJ3frdsVUdXMrYTjPphOL_RdbF2gFeRZ97uVAr0tygxR8YtaENLQjQpooICl__GpYzC3AgaA0WKZAY9iJzNfjZMPEEfeFzAsW_OV35U89FH-xNnI5p9aiWe9osh3N55eE553kBcAgPlJiwlcVAOwAWuWxYFaSNPuksXodEmLF-g0jjWUd8e2s3yT_zCwFrbq-8OBTFV4wNkwbhsk9Te12Hn0TzJLV5FcccjTuDlSq6ITA7IyDB9JQtdoPV8DqdXa6f6ZImMgr6ri6jO6BsRsEZLvGYb9QcvH9IvvEtDdZhCa8NaPG--AjaC-aaoISitriXfwEfbRBbGDnLsFLODoT42AA6UsebkHA0_SwrNzNzzSaP5RHCa1xIZl2TbTZMPb-trGHC1peJ-m4pIaFztSZ1OhzUgnzD7T64twzLt6u6V002FBPdGHI2Ap4n6vwMHQmK-CakefMGec5UjEAVe0SFQgHMtP-RqeYHJdgDLP3VglgbraKQ8sqDmPKW0eU-yZeLyVgtSi15CbFPjsjF179r9Pj0yypMvg0lu5B33P6e60yECNyNGLSZ9hWEZHXekYmrcXWY2_F2j-u1NuYfc6FyPnfvh533AsgdF0P9jve5Pul8dQjxR9vVcPjwQmnTCdw9wyK3h-JVZpGj0xwRPstkxm-1Jd82h88mFUl-WeWM0rgOmLbn3mv2OXSHl3xUIl0NE0XlyCdWwlMcV48aHQMwXOQaRWD-QHR3p6UOT9ckt21QG_g&sai=AMfl-YT6D9fJhUqtG0kNtZSMHlq24Ntxq6AvBBEzXcgna6IHkeK1idnv7d41xC5h3OkNviddEd2Jfr2gGAl70hyKT-TNyaidNNS8Wiz1OnzdS04ogMUwm4n7XO610k-Om4vlOP6gAWmRM7Jc7f0dN4GHr89LkMMj81bAwxgNCatGs-DlxBItFqPbiI8i1ukzr8LJxLEiMntqzHF6x1i6m6DWFuoYcvjge49_Bg&sig=Cg0ArKJSzHY3q7yQgRWSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=658&vt=11&dtpt=330&dett=3&cstd=323&cisv=r20220810.30705&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Aug 2022 02:37:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 900B
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5330cd39153acd1a37ee3f99c47b0835f49f5d1c25d9819d947a68b0e0acd4e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Aug 2022 02:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5675
x-xss-protection
0
rtl-logo.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/rtl-logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c36ec54f79d9d21534b7bb97daffe7cfe6edbf9bfdc732edb9304c0c6c10f06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 05:24:08 GMT
x-content-type-options
nosniff
age
422030
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12977
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 05:24:08 GMT
bgImg1.jpg
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
39 KB
39 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/bgImg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
524630206927a3b2f1705266961d384b8fe4af7cc12fa5c25c07d36f85a9c7af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 09:38:06 GMT
x-content-type-options
nosniff
age
493192
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39920
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 09:38:06 GMT
txt_sprite.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
20 KB
20 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/txt_sprite.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d87a78782eb26b298fa4ed9a14b1e0c2bc129eaf03f242c043b2c8236569959b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 11:19:16 GMT
x-content-type-options
nosniff
age
400722
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20035
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 11:19:16 GMT
cta_01.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/cta_01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c76abccec2c944237f2ddf9c616cd1af51b878743605572aad81816f2eaea44c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 22:00:13 GMT
x-content-type-options
nosniff
age
189465
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7139
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 22:00:13 GMT
cta_02.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/cta_02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561da8b731946433d34677a5c6b6e828319eee37399630e44b101179cc4f7155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 19:55:34 GMT
x-content-type-options
nosniff
age
283344
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7015
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 19:55:34 GMT
logo_xoxo.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
43 B
64 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/logo_xoxo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:59 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 14 Aug 2022 02:37:59 GMT
gg_logo.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
35 KB
35 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/gg_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b07888df4f7d3237c8aea5ab2a297473830386801f5f991d870f0cb362a48c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:49:26 GMT
x-content-type-options
nosniff
age
272912
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35578
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:49:26 GMT
logo_ende.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame 900B
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/logo_ende.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2aaeca55203512f83f3bf33efb2628dec705778a4bf171b5da33b71047321160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 09:11:39 GMT
x-content-type-options
nosniff
age
408379
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5278
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 09:11:39 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080901&jk=1243287567280596&bg=!trWltfHNAAa4hXTbmIU7ACkAdvg8WqvK4UOGMvg2-ZRtpAkvaOkTq1NBNnB1gIfXV7Hi4yDzLwVr4AIAAABYUgAAAARoAQeZAo0z5YA95IcKz80GJGywjSXzCaAQzR0wqIk8d6BdXi16IZGmNa4AV5S5V5FMtx_z1YAsSt0hKzUOa7XOmuy66ztWdGzObYA77jOgdys1ZZIVNXwWX66OSPIjunm5rOTKHDFKv6QwK2MEwLFAPO0F3fAt1Zj-ZtihhVcrcJ3Qo7c9IisVuIzTnmmInQuh7v0kCAjveDh5QtRR1HyXjDzkrMKAXcx0tdayBVw2QNI-DvD6MDF84fsgrckKnIr42ECNeU6y6vuRmltrRCuyzQDolIigOVaFrfiVPiMBzycVlHqfZz18vdHeRScTzqtc9ig7Vujb2l0_NzhvyPSjVjy8p2FAHfhO-HhHADhNDLHZCpbsDHNq2XALWy9y5EVxz1UNdkmT7Qpt3UTTe8HrDIsxTBrfHgLlqOnWOmakpsPP_07F_2sTtaYlDGM9m52keJAuoVRdfWr4wfYVSN6ao14TfqZehT2YORnHHqrv3J-ijwtWCzw5yBpHnyccUdKBSboF-qBnnuvH8bLBbKHanlK93CFcDt2N-0LT5pVWubtp1pkn6yASVxkMCi3aDRUm_29PeUXGDq2pjtbTwxJ2a7DFs5B3US0bjmGUSFb1bb2wvisPQ3q1V5btD7gRQn8phnNN-DB7SLS_4bFUibZ9nw4vmCo6Sk9coPp-QRj2yTYIwKu1RTzQCt3EK4eh25ad5v6gr6kaN-t04EwQOToaR5PERj-RGUxqeRC14oZE_x9qY3nswaRoDK4Is45Ml4glPVIwbdsFCYgNG6K3R7I_NRkodo6tYRRvoQMFWPulsOU8jtfsQeqlSy-s1_XVEJ_S6249Uzskwd_OOsTKeVfEoxrBRdhkpdy_G7sAhgOdWkzP8A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar2.js
tpc.googlesyndication.com/sodar/ Frame 900B
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Aug 2022 02:38:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B7A7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmrvagaEpOJV-WN_QeKyMlqIUYKQ3FCxT0mCFWihhOb319qEqvg243bRBR1lg-YP9JKjTsilLEiW4RZDmQaDYat679iOddL2YWQf5SZMTQPxSdo-gdn1QnuTZmqHauHeNG8KkHpQ9J-ceW6A&sai=AMfl-YQWBsyvre5ajPvYmqFf54zpsdeAnNkum96XnyizXpybDrJG_0bkcRTHnvK8k-Cv4dla9fpeuhtcEcdR92sv8mWyfKz5YF6Rworh_rMNEbANv19zCEQjNCRsGm4mAiP8&sig=Cg0ArKJSzIZBjRTIGZxDEAE&cid=CAASKORon2i53yN0jhvV84Ic0yYo1hNgraC05qfWqJCevbk_P8c2tg46LbA&id=lidar2&mcvt=1000&p=162,436,252,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1036492275&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660444677883&rpt=396&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:37:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame DF40
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
413838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1AA2
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
78990
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 14 Aug 2022 02:38:00 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
218105, 833601
X-Served-By
cache-lga21969-LGA, cache-hhn4074-HHN
X-Timer
S1660444681.772475,VS0,VE0
d
ic.tynt.com/r/ Frame CE3F
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Sun, 14 Aug 2022 02:38:00 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
usync.html
eus.rubiconproject.com/ Frame 5957
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Aug 2022 02:38:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4D69
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Aug 2022 02:38:00 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F309
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86994
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 02:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 15 Aug 2022 02:47:54 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 5608
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 14 Aug 2022 02:38:00 GMT
/
ads.us.e-planning.net/uspd/1/ Frame 597D
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/b/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b5b259f27127f39d9cc9a2a4292f5e588930c09d96d08f21fd991ae6b6d7ecee

Request headers

Referer
https://znaj.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 14 Aug 2022 02:38:00 GMT
expires
Sun, 14 Aug 2022 02:38:00 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-731

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sun, 14 Aug 2022 02:38:00 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-731
prebid
rtb.openx.net/sync/
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
nnqd53qh2uq34oipdueg7mbhf3psg3bn
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2337054339413428070
0
387 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2337054339413428070
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:38:01 GMT
Server
Adtelligent
Etag
ced47ee292a1bd2e
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:00 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b28f507-ee44-4c35-a4c4-1a0427b1ec8f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2337054339413428070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F309
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79334550&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:59 GMT
content-length
0
async_usersync
ib.adnxs.com/ Frame 1AA2
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:00 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
01b732f9-05e0-4165-8be2-ecee01b22087
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5957
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:38:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14915
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Sun, 14 Aug 2022 06:46:35 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CC38
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9df4f710cf633b94d301ffdd2567dfd90bea64e397d4f8dec6c4ba16ebf1fc9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73a64fd81f4671c3-LHR
content-encoding
br
content-type
text/html
date
Sun, 14 Aug 2022 02:38:01 GMT
dropped-udsids
39|230|241|46|152|206|40|156
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0mhlJbJSbhtCUm9CQkg9%2BF9wV1Qk%2B0hNBf%2FDwl7MegQe6edj9Xo3vfpgo9JIbfNLUxg%2BClhAhLhwelwoJ%2FGvhailsKQBaqthQ%2Fq5ydfl%2FbpNodyj29tEY30rpNlxd%2BRX416EiwJFD5suw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
ptag
a.audrte.com/ Frame 597D
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d4642a48e119c9ad59ab2401574960008b487b2c13717f9bdb07305764eede4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:38:01 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
um
u-ams02.e-planning.net/ Frame 597D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df526b5223009596f%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f526b5223009596f&uid=2337054339413428070
42 B
104 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f526b5223009596f&uid=2337054339413428070
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:00 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ce7916ec-deff-4d27-8e63-b24f9b54fcb7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=f526b5223009596f&uid=2337054339413428070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams02.e-planning.net/ Frame 597D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Df526b5223009596f%26uid%3D%24UID&partner=eplanning
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=f526b5223009596f&uid=2bf0f39d-d5bd-e337-f8e6-5e356e20ee81
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=f526b5223009596f&uid=2bf0f39d-d5bd-e337-f8e6-5e356e20ee81
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=f526b5223009596f&uid=2bf0f39d-d5bd-e337-f8e6-5e356e20ee81
pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
usync.html
eus.rubiconproject.com/ Frame DEBD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Aug 2022 02:38:01 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 14 Aug 2022 02:38:01 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 8205
1 KB
2 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadcad3955a59f8e2ed212c2d2e66db0ed7db8042d47dbd2e30f8752bfbfbb47

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73a64fd83b6371d5-LHR
content-encoding
br
content-type
text/html
date
Sun, 14 Aug 2022 02:38:01 GMT
dropped-udsids
73|3|4|130|190|123|51|57
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omvQgRQ%2Fo6FIt0WJOxDRvAy3dxndrtX7Dk7sLeZzXx1IKFZKvC0pKG8FytmwkykS%2BvJy9ZsvxVAioftrRAaM1R%2BqyAIW%2FS35EUzZOJgMSoNhQU6xQW7cRuJ9H5Gv5PXtBd2q7Xd%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 4788
1 KB
1002 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 14 Aug 2022 02:38:01 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
6ed9b649a758b3c88a112b04b74bb28d
x-cf-tsc
1653097306
x-cf1
29080:fA.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 2BB6
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 5AB6
8 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbbaf6a835d3618913aebf8df5178491143cf453fb58981782b9c9c17c34a4f1

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
73a64fd8394d7755-LHR
content-encoding
br
content-type
text/html
date
Sun, 14 Aug 2022 02:38:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
tap.php
pixel.rubiconproject.com/ Frame 5957
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG2gGbu2CvCfYL2Wg5atrJc&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG2gGbu2CvCfYL2Wg5atrJc&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG2gGbu2CvCfYL2Wg5atrJc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 5957
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6SPW0V3-4-ITKV&sigv=1&esig=2~f4d3471d71d6b838ff49749c77f818915fa702c1
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6SPW0V3-4-ITKV&sigv=1&esig=2~f4d3471d71d6b838ff49749c77f818915fa702c1
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6SPW0V3-4-ITKV&sigv=1&esig=2~f4d3471d71d6b838ff49749c77f818915fa702c1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5957
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDc1MjQ1YTRmZTBkODZlMDVhM2U0YjllNzc1MzI1YWM4OWU3MWQwNQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDc1MjQ1YTRmZTBkODZlMDVhM2U0YjllNzc1MzI1YWM4OWU3MWQwNQ
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDc1MjQ1YTRmZTBkODZlMDVhM2U0YjllNzc1MzI1YWM4OWU3MWQwNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 5957
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w5AKg1rgR6Kul2NW9BpuOA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w5AKg1rgR6Kul2NW9BpuOA
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w5AKg1rgR6Kul2NW9BpuOA
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6WFM4ADNP486ZD61RVRB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w5AKg1rgR6Kul2NW9BpuOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5957
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZCNBaABiTiON1ft7ntaClA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZCNBaABiTiON1ft7ntaClA
43 B
556 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZCNBaABiTiON1ft7ntaClA
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
T2VJA7Y3HZNEN5TX2A7F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZCNBaABiTiON1ft7ntaClA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 5957
0
98 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 5957
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 5957
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BS_AaqFrBMFRIpHd3ZO23Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=133492614442823692
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=133492614442823692
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Sun, 14 Aug 2022 02:38:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=133492614442823692
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
getuid
ib.adnxs.com/ Frame 5AB6
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 5AB6
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=4ca60623-bba1-48d1-a613-de4c2be5a795&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=4ca60623-bba1-48d1-a613-de4c2be5a795&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fda9b707755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=4ca60623-bba1-48d1-a613-de4c2be5a795&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 5AB6
0
330 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 5AB6
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 5AB6
0
161 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1660444681.192609,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-lhr7364-LHR
u
dmp.v.fwmrm.net/ad/ Frame 5AB6
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f01:a4e3:c039:b71b:e458 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5AB6
0
163 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6adb38-a742-49fe-667f-ec542641ec99%26reqId%3Dbdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:37:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=82ee76b7-9eec-4c2f-a136-95e1fd76c6e2&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=82ee76b7-9eec-4c2f-a136-95e1fd76c6e2&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fda9b6b7755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=82ee76b7-9eec-4c2f-a136-95e1fd76c6e2&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=5f6adb38-a742-49fe-667f-ec542641ec99&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=5f6adb38-a742-49fe-667f-ec542641ec99&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=03457506889707850633863625750090645577&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=03457506889707850633863625750090645577&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fda9b777755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v038-0f7693ade.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6B23D2eySBY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=03457506889707850633863625750090645577&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 5AB6
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=5f6adb38-a742-49fe-667f-ec542641ec99&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022081411-34651-0.542835001660468012-4b8b5e86d92b925fdea443da7c4d9bd5&zdid=533&env=mWeb
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022081411-34651-0.542835001660468012-4b8b5e86d92b925fdea443da7c4d9bd5&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fda7b547755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022081411-34651-0.542835001660468012-4b8b5e86d92b925fdea443da7c4d9bd5&zdid=533&env=mWeb
Date
Sun, 14 Aug 2022 09:06:52 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7131555601715427480&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-...
95 B
164 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7131555601715427480&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fda3b067755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7131555601715427480&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Date
Sun, 14 Aug 2022 02:38:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 5AB6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=5f6adb38-a742-49fe-667f-ec542641ec99
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=5f6adb38-a742-49fe-667f-ec542641ec99
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=5f6adb38-a742-49fe-667f-ec542641ec99
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=5f6adb38-a742-49fe-667f-ec542641ec99
date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=5f6adb38-a742-49fe-667f-ec542641ec99&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=5f6adb38-a742-49fe-667f-ec542641ec99&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=W6TRlY96LxXkOcFpDSARNe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=W6TRlY96LxXkOcFpDSARNe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fdb9c5f7755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:00 GMT
via
1.1 google
last-modified
Sun, 14 Aug 2022 02:38:01 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=W6TRlY96LxXkOcFpDSARNe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 5AB6
0
220 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=5f6adb38-a742-49fe-667f-ec542641ec99&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=5f6adb38-a742-49fe-667f-ec542641ec99?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=5f6adb38-a742-49fe-667f-ec542641ec99?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fdb8c3f7755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.9.145
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-d_vf_51E2oqPJIaCVT7qzA3ZPAGxNAj5SQ--~A&zpartnerid=570&env=mWeb
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-d_vf_51E2oqPJIaCVT7qzA3ZPAGxNAj5SQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fdbac6b7755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-d_vf_51E2oqPJIaCVT7qzA3ZPAGxNAj5SQ--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lwS6x6TnrYpl91lAYWBAELqgO%2Bn1oAiQ%2BS41iYitP1U%3D
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lwS6x6TnrYpl91lAYWBAELqgO%2Bn1oAiQ%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fdbdc8d7755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lwS6x6TnrYpl91lAYWBAELqgO%2Bn1oAiQ%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame 5AB6
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.145.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-145-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1660444681
x-served-by
beacon-n011-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 5AB6
95 B
359 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=5f6adb38-a742-49fe-667f-ec542641ec99&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YvhgCQAGQ9tTiAA0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YvhgCQAGQ9tTiAA0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361&_test=YvhgCQAGQ9tTiAA0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fdd2dd87755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660444682.735767,VS0,VE0
x-served-by
cache-hhn4082-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YvhgCQAGQ9tTiAA0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361&_test=YvhgCQAGQ9tTiAA0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=c2b362f8-6009-4500-9e89-42919368eeee&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=c2b362f8-6009-4500-9e89-42919368eeee&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fdd6e047755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Sun, 14 Aug 2022 02:38:01 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=c2b362f8-6009-4500-9e89-42919368eeee&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sun, 14 Aug 2022 02:38:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 5AB6
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.137.145.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-145-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1660444681
x-served-by
beacon-n018-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
date
Sun, 14 Aug 2022 02:38:01 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a017-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5AB6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5f6adb38-a742-49fe-667f-ec542641ec99&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5f6adb38-a742-49fe-667f-ec542641ec99&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667...
43 B
645 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5f6adb38-a742-49fe-667f-ec542641ec99&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WVTYE37WN49VHCARM14Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JK3EB8S0FSTXP12S8KE4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5f6adb38-a742-49fe-667f-ec542641ec99&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 5AB6
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=5f6adb38-a742-49fe-667f-ec542641ec99&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 5AB6
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5f6...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73a64fdd4dec7755-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
date
Sun, 14 Aug 2022 02:38:01 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 5AB6
557 B
472 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59cae53f3f1135a809560c65070e07d507bc4856b4d7c6824e486cbc4808c6dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73a64fd8b9b87755-LHR
date
Sun, 14 Aug 2022 02:38:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
casale
match.adsrvr.org/track/cmf/ Frame CC38
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame CC38
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame CC38
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3GA5Z15RZM3VNQD2EZYZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0F91JHYFRD0RZSSW829G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame CC38
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame CC38
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b5888cd0-e63e-492d-9539-a4b06176c200
43 B
908 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b5888cd0-e63e-492d-9539-a4b06176c200
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73a64fdc3bf406a6-LHR
pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Co52HjE6lqKjUiOr9ENLCb2F2J8rL9csWHfo%2F9DChixa4M0ifjzNDv9VqOkuUYdPpCPY%2F8SA4L6ZlfxCHk%2BM2xlRSmPtg2YSbgtD5WkX81IG7BRqZ9l5h8m0IlNUKwOWWD4Zhv8zwhkS0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b5888cd0-e63e-492d-9539-a4b06176c200
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame CC38
0
124 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookiesync
bttrack.com/pixel/ Frame CC38
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Sun, 14 Aug 2022 02:37:56 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame CC38
43 B
425 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YvhgBiHDUd9b65XXo3f.YgAA%261138
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
cf-cache-status
HIT
age
212
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"761e21-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
73a64fd9697c779b-LHR
expires
Sun, 14 Aug 2022 06:38:01 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 8486
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fznaj.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.92.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-92-187.compute-1.amazonaws.com
Software
/
Resource Hash
f2dc13eaed6a1af2d216dab78b8e000c94891c49df1a778a6610954396c58e6a

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Sun, 14 Aug 2022 02:38:01 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sun, 14 Aug 2022 02:38:01 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Sun, 14 Aug 2022 02:38:01 GMT
location
/um/cs&eq_cc=1
YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8205
43 B
987 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YvhgBiHDUd9b65XXo3f-YgAABHIAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:38f8:ac58:6cf7:3607 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 8205
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2b362f8-6009-4500-9e89-42919368eeee&gdpr=1&gdpr_consent=
43 B
912 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2b362f8-6009-4500-9e89-42919368eeee&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73a64fd9ea2406a6-LHR
pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzpeQ7pxJGsrcHOKGSVu%2F699JJdMTNFPayDR6w8DZfw%2BjeZCJfAStbGGAuk30PxIV%2Bwz0QNm%2BHHnEITgpvT1m8FtFcDVbyKf3ZPMstLvZSV9QxayYR5WypIRYX4OuwxLiPIwafxdqRq8Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sun, 14 Aug 2022 02:38:01 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2b362f8-6009-4500-9e89-42919368eeee&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 Aug 2022 02:38:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8205
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2933316057082016249
43 B
908 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2933316057082016249
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73a64fda2a5006a6-LHR
pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF2F0hQqZ%2FYuE%2Fyi2UbRMh0xJSGQSRKMXbn9u9NSIjq9DpeNAxgagrrsXMDPesRxAWr5uECr570ZG4t6DnKt%2FScpnE62F8nN8ZvKycGgiyxNtpdGVOeAaBiNl2IQHmhJpYMw78lRPVyQ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2933316057082016249
pragma
no-cache
date
Sun, 14 Aug 2022 02:38:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 8205
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.170.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-170-21.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame 8205
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rum
dsum-sec.casalemedia.com/ Frame 8205
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vSB7Y9C5Tr5AFQ-fA4v_RVLHgiw
43 B
910 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vSB7Y9C5Tr5AFQ-fA4v_RVLHgiw
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73a64fdc4bfb06a6-LHR
pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRg2m1B6YDZyzqQu27yRACreSGeRvxqcI5Elk691Lt%2BQYQbEzs6j6B0MKU0%2BOxpWH5i41mUmuLuAflyzkvRqH3HsMP2fZWffOx1zw6%2B3SBKKL0%2BvwrXAmVXbGY6vKWDkhRecD1cwEEkuBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vSB7Y9C5Tr5AFQ-fA4v_RVLHgiw
Date
Sun, 14 Aug 2022 02:38:01 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/ Frame 8205
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.193.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-193-182.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:38:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 8205
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084921531282596
43 B
908 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084921531282596
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73a64fdb7b5606a6-LHR
pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qza%2Bwp202Db5AazesaSILEU5UdbNaEiLkNyDcxDj56IK7hkxvC5w%2B27rm1jX01pzymvY62dvKluBh%2Fyi7anuP8FRFqrA6X9MRN%2BvCWrxHnOwJbfpoVM33Qc4To6WMRs8L8BnW2zX4pB3Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084921531282596
Date
Sun, 14 Aug 2022 02:38:01 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
um
u-ams02.e-planning.net/ Frame 8205
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=f526b5223009596f&uid=YvhgBiHDUd9b65XXo3f.YgAA%261138
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df526b5223009596f%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
server
openresty
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame DEBD
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:38:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14914
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Sun, 14 Aug 2022 06:46:35 GMT
cmp
spl.zeotap.com/ Frame 5AB6
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
73a64fd91a017755-LHR
date
Sun, 14 Aug 2022 02:38:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame DEBD
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu&khaos=L6SPW0V3-4-ITKV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 1570
627 B
544 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 14 Aug 2022 02:38:01 GMT
etag
W/"62ec189b-273"
expires
Fri, 13 Aug 2027 02:38:01 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 7D3B
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 14 Aug 2022 02:38:01 GMT
etag
W/"601b131c-27c"
expires
Fri, 13 Aug 2027 02:38:01 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame F66C
49 KB
17 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Df526b5223009596f%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Sun, 14 Aug 2022 02:38:01 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AcO1qhFKobah
x-77-nzt-ray
+jCSY+dxH4A
x-77-pop
frankfurtDE
x-accel-expires
@1661481481
x-cache
MISS
csync
sync.adtelligent.com/ Frame 514B
0
384 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADYOAzviNh5JmKtk
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 14 Aug 2022 02:38:01 GMT
Etag
5598de155394f62b
Server
Adtelligent
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 1570
49 KB
49 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 13 Aug 2022 18:54:27 GMT
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
27815
etag
"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
50203
x-amz-cf-id
s7Mvu30zn7yKhKWp1V-MJ_jiYkUYu49OwYGAnXG3_K2B0ziuDR5F8A==
GS.d
js.cookieless-data.com/ Frame 7D3B
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1660444681589
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 -, , ASN (),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8486
43 B
912 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=eecc1f7a-2e0f-4d43-93e6-b8cb308285fb&expiration=1668393481
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73a64fdc4bf806a6-LHR
pragma
no-cache
date
Sun, 14 Aug 2022 02:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRecI0Co3BkDIYc313Mg6LnCah6fT9W7UjlJDbmSi1WmrZkSxgah1HSDdp%2BPk2Kc%2FRlsv%2F%2BzTHxWeVNorbA15N9KrJerg%2BXNRavtJPy%2Frn5NzALWrGo6iV8iuEBe%2BTuM1oDGVVfUQZKGSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
rsB9EAhZvmsdVHnAfwmoiOf14GKTdKiDBjNL3Phc.jpg
znaj.ua/crops/769b42/150x100/2/0/2022/08/12/
6 KB
6 KB
Image
General
Full URL
https://znaj.ua/crops/769b42/150x100/2/0/2022/08/12/rsB9EAhZvmsdVHnAfwmoiOf14GKTdKiDBjNL3Phc.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ba51d4aab2e028b75339a1320286332b6ab9085de0fd864380fa818005cecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21316
cf-polished
origSize=6051, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5912
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Fri, 12 Aug 2022 09:15:04 GMT
server
cloudflare
etag
"62f61a18-17a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBjPbWcgRk7nQ8ZMPMISC9DqDNnOl5S%2BqtEC2QrdbapKm6MDf%2FwTiT%2BmJhOdn%2BIMuHCNqQQ%2Fc%2Fe6%2BHycmJS8H6CxisHMucbIoRKps1zGjp27%2FYIdB92AgXhBkUIZjwQeaaJ%2FEpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
73a64fdd387b72e2-LHR
cf-bgj
imgq:100,h2pri
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 1570
155 B
641 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Aug 2022 17:15:55 GMT
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
age
33727
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
X6J3Qh0Czw6erbimjw0llHi1id9ZYhFz5hD6qsekeHTbtNHlE5UaWw==
async_usersync
ib.adnxs.com/ Frame 1AA2
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Aug 2022 02:38:01 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ab86c57b-840a-43b8-96a7-92afa3644ede
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptrack
a.audrte.com/ Frame 597D
368 B
881 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.44&p=M1353665098&artime=2022-08-14T02:38:01.922Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=em5hai51YS8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1958fc2ec5032a92693b11faf1b7ce395c235da15e9aa6ab0920dad891a2d915

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:38:02 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
data
bcp.crwdcntrl.net/6/ Frame 1570
20 B
308 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.96.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-202.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 02:38:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.26.118
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
YNKHWwSgQsgtljNwurXu16I2yaoi23PtJDRcSWFV.jpg
znaj.ua/crops/26eda8/735x400/2/0/2022/08/12/
69 KB
69 KB
Image
General
Full URL
https://znaj.ua/crops/26eda8/735x400/2/0/2022/08/12/YNKHWwSgQsgtljNwurXu16I2yaoi23PtJDRcSWFV.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8437f462333a9e939d6d1569ff5504dd88922f8833a06abe934cbf49a56e66ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:38:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3639
cf-polished
origSize=70452, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70198
last-modified
Sat, 13 Aug 2022 20:12:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTJSnITfbHB5UCEFDXHMuWv%2BrxQJwbEFKdbDt%2BqiBVY61lZoyl5%2BQ%2B1LzLaByJbSdr5VpbYEXpjpOzMtnIOIjjet%2BqcPvGnpWsi8mOgcN%2B%2B0cPZ8SyyfEDcbbrnhAozlBz4kv7M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
73a64fdec94672e2-LHR
cf-bgj
imgq:100,h2pri
p
a.audrte.com/ Frame 597D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent=&google_gid=CAESEI3lNxyyNnVzD75iUVhlzvU&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:38:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 14 Aug 2022 02:38:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
ps.eyeota.net/pixel/bounce/ Frame 597D
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent=
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.125.70.222 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:38:02 GMT
Content-Type
application/javascript
Content-Length
1239
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=233ANGrFkT9SaWJbxe-I3kqrg&gdpr=0&gdpr_consent=
Date
Sun, 14 Aug 2022 02:38:02 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 597D
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3223811061005156735
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:38:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 14 Aug 2022 02:38:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adsinserter string| baseDomain function| initAi function| ga object| _getstat object| regeneratorRuntime object| aicb boolean| __aiLoaded object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| head object| script object| notsyCmd string| __notsy_variation__ object| googletag object| ggeac object| google_js_reporting_queue number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| adpartnerBranding function| notsy_pbChunk object| notsy_pb object| _pbjsGlobals function| notsyInit function| notsyInitUnit function| notsyNewPlacementTagAdded function| notsyDisableUnit function| notsyDisableRefreshOnUnit function| notsyReEnableRefreshOnUnit function| notsyRemoveAllAds function| notsyDisableRefresh object| yieldMaster object| apstag object| notsyAdVideo object| Criteo object| banner1582_95567344567442290 undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| apstagLOADED object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_126 object| Criteo_prebid_126 object| google_image_requests

73 Cookies

Domain/Path Name / Value
.znaj.ua/ Name: _gs_lp
Value: 2a0c975e
.znaj.ua/ Name: _gs_d
Value: 1
.znaj.ua/ Name: _gs_sd
Value: 1
.znaj.ua/ Name: _gs_s
Value:
.znaj.ua/ Name: _gs_ul
Value: 62f86005
.znaj.ua/ Name: _gs_ss
Value:
.znaj.ua/ Name: _ga
Value: GA1.2.1711258073.1660444677
.znaj.ua/ Name: _gid
Value: GA1.2.1251887812.1660444677
.znaj.ua/ Name: _gat
Value: 1
.s.getstat.net/ Name: _gs_si
Value: 769ad17945f0f656
.s.getstat.net/ Name: _gs_ui
Value: 7cfdcbd0-7ff9-42cf-bb72-e1268e119a11
.znaj.ua/ Name: yield_master_ab_zna_floor_prices
Value: B
znaj.ua/ Name: session_id
Value: 0f653bd5-cbe4-43c8-9124-e8e247eb917d
znaj.ua/ Name: session_pageview
Value: 1660444677.1
znaj.ua/ Name: site_visited
Value: 1660531077.1
znaj.ua/ Name: lapuid
Value: 82634a32-b368-43a8-95ab-3b1a8946350f
a4p.adpartner.pro/ Name: apuid
Value: 82634a32-b368-43a8-95ab-3b1a8946350f
a4p.adpartner.pro/ Name: apudmg
Value: 1
.rubiconproject.com/ Name: khaos
Value: L6SPW0V3-4-ITKV
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoq9gtDAt6m/K2qEsFCZ0ctSdOhPT1GMTmBH6ymE720AIG6yiUtUOcABJvlmHBlywrMboWaW1ii7d5dJOqv/cml
.adnxs.com/ Name: icu
Value: ChgInql9EAoYASABKAEwhcDhlwY4AUABSAEQhcDhlwYYAA..
.adnxs.com/ Name: uuid2
Value: 2337054339413428070
.znaj.ua/ Name: __gads
Value: ID=8a9e6aa48d508335-220bb6e8f3cd0000:T=1660444677:S=ALNI_MYMOc4RUmW0DtNsUzRoTqaZEyVI_w
.doubleclick.net/ Name: IDE
Value: AHWqTUnuNLbYCBjPWCrd-nNeIGLS088KTOjVeTIHKLKsv9I02r-18cz0Wk9sfbswRlU
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMID
Value: YvhgBiHDUd9b65XXo3f.YgAA
.casalemedia.com/ Name: CMPS
Value: 1138
.casalemedia.com/ Name: CMPRO
Value: 1138
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HbZI0SS/!1yIE`fS1ueD1W-044)d+]Uf`r/Z]kSi+APp_ETdTnGiEn<TRD2cWa!nL0xfP(hw9P-HC_#u#_H)c^q$
.adform.net/ Name: uid
Value: 3223811061005156735
.adform.net/ Name: TPC
Value: 1660444678444
.criteo.com/ Name: uid
Value: 5ac6097a-9ba8-4648-8532-23c8efd2aabc
.znaj.ua/ Name: cto_bundle
Value: -7c02l9rcUslMkZnZW5uaWd1MHFHJTJCUngza082RUFGNWNtc0doYTZWeTRpb2hJemIxNWE5a3Q5VVdBY3haS2JQYWxRejVQcnc1SGd1MUg0MWlNaGxwOGdUU1k4VkJrU3ZTTXNhdm9pekpsNUFrc00lMkJjJTJGWEd0QmNtajhLMW9WZ1hGOTJXNmRJZ1BqMGpoOUwxRUdZSTNTRG1jUkF4USUzRCUzRA
ads.us.e-planning.net/ Name: CT
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.e-planning.net/ Name: E
Value: ADYOAzviNh5JmKtk
.zeotap.com/ Name: zc
Value: 5f6adb38-a742-49fe-667f-ec542641ec99
.zeotap.com/ Name: zsc
Value: %BC%D7%A4%8E%A4%B3%25cGOHB%83%89C%00g%10%B9M%28%A4%C7%7F%0D%1E%82mdy%8A%3F%1EMX%B8GhQ%7F~%93%5D%AB%14%99%1A%E9_%C5%C6%7D%15%F4%BF%21u-%E92he%24%FF%24%E7%E0%E3%B8%CF%B3%D2E%03%C3%05%5CH%C4%DA%40%95%9C%17%EEs.%7D%7D%D9Q%EEN%C9%8C%AD.%99%00%86%8AU%12j%7F%7Fi%C0%1A%EC%15%CA%27%D3%FBm%FC%C5%071%29+%9C%C0%85%24%08%BF%B2z%11%9B%95%C1%94%1B%EB%91%F5%7C%B7%7C%02%E6%0E+%1A3%DE%EA%89%ED%E2%07L%60%EB%02%E0%05I%5D%88%ED%A5%25%95d
.casalemedia.com/ Name: CMST
Value: YvhgCWL4YAkA
.casalemedia.com/ Name: CMRUM3
Value: 7b62f8600905a0&4962f8600905a0&2862f8600905a00&3962f8600905a0&0462f8600905a0&3362f8600905a0&e662f860092760&2762f860090b40&9862f8600905a00&8262f86009a8c0&be62f8600905a0&2e62f8600905a0&0362f8600905a0&2d62f8600605a0CAESEC7Rq5Xngz66Op9TKc9joO8&f162f8600905a0&9c62f8600905a00&ce62f8600905a0
.mathtag.com/ Name: uuid
Value: c2b362f8-6009-4500-9e89-42919368eeee
.turn.com/ Name: uid
Value: 2933316057082016249
.adfarm1.adition.com/ Name: UserID1
Value: 7131555601715427480
.disqus.com/ Name: zeta-ssp-user-id
Value: 2bf0f39d-d5bd-e337-f8e6-5e356e20ee81
.tidaltv.com/ Name: tidal_ttid
Value: 82ee76b7-9eec-4c2f-a136-95e1fd76c6e2
.yahoo.com/ Name: A3
Value: d=AQABBAlg-GICEC3Un-SXYWIyaOjWplhoxMAFEgEBAQGx-WICYwAAAAAA_eMAAA&S=AQAAAmePi8YneB2h4ncT7Z3nUcQ
.demdex.net/ Name: demdex
Value: 03457506889707850633863625750090645577
.weborama.fr/ Name: AFFICHE_W
Value: Zw9bXeDy58pn35
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjKwtDK0MAIAmYfBJgkAAAA="
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tapad.com/ Name: TapAd_TS
Value: 1660444681201
.tapad.com/ Name: TapAd_DID
Value: e7e67d5b-13ee-4e77-b46f-215c15412203
.dpm.demdex.net/ Name: dpm
Value: 03457506889707850633863625750090645577
.theadex.com/ Name: axd
Value: 4302637871612701800
.theadex.com/ Name: tis_iAL
Value: iALeAvwy
.adtelligent.com/ Name: a584890
Value: 2337054339413428070
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.eqads.com/ Name: EQUser
Value: UID=eecc1f7a-2e0f-4d43-93e6-b8cb308285fb
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjQ1NjSyMDK1NBPiM9QNyApOTNY19qqMtMwEAPWXanUlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjQ1NjSyMDK1NBPiM9QNyApOTNY19qqMtMwEAPWXanUlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZgYmJiZmFoYmYIACa5dsIQAAAA
.agkn.com/ Name: ab
Value: 0001%3AmjZgl%2FZD7ccmfZHL0%2Bvb0PK9AABWZNpW
.krxd.net/ Name: _kuid_
Value: PBEtEFDG
.richaudience.com/ Name: avcid-zeo-uid
Value: 5f6adb38-a742-49fe-667f-ec542641ec99
.adtelligent.com/ Name: vmuid
Value: 5598de155394f62b
.adtelligent.com/ Name: a307971
Value: ADYOAzviNh5JmKtk
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bd207b63-d0b9-4ebe-4015-0f9f038bff45.Ce4j5NS5cUKQAJ17GN7q8BBzqzT8F2PGK2j0%2BM1NWLI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvSB7Y9C5Tr5AFQ-fA4v_RVLHgiw.VpDZDibTACF8OjTstNbn54%2Fgmx4le6SsN9S689tnnRc
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YvhgCQAGQ9tTiAA0
.casalemedia.com/ Name: CMTS
Value: 5179
.amazon-adsystem.com/ Name: ad-id
Value: AwB16Hl3EUDAgRQKUZtYQ-0
.fwmrm.net/ Name: _uid
Value: "o0c9e_7131555601712875373"

7 Console Messages

Source Level URL
Text
network error URL: https://s0.2mdn.net/sadbundle/10582317875274647811/logo_xoxo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://tags.bluekai.com/site/87734?id=5f6adb38-a742-49fe-667f-ec542641ec99&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5f6adb38-a742-49fe-667f-ec542641ec99&reqId=bdfc3c0a-0fc9-4d6f-580f-11c9f4ed53fb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4744d6c1777e6005d308cd3dc9dd3de7.safeframe.googlesyndication.com
a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
aixcdn.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
bttrack.com
c.aixcdn.com
c.amazon-adsystem.com
cdn-b.notsy.io
cdn.getpush.net
cdn.indexww.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
idsync.frontend.weborama.fr
image6.pubmatic.com
js-sec.indexww.com
js.cookieless-data.com
loadeu.exelator.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
rtb.openx.net
s.amazon-adsystem.com
s.e-planning.net
s.getstat.net
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.extend.tv
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
u-ams02.e-planning.net
um2.eqads.com
ups.analytics.yahoo.com
usermatch.krxd.net
vid.vidoomy.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
ym-tack.b-cdn.net
znaj.ua
104.111.215.191
104.18.18.126
104.18.19.126
142.250.184.194
142.250.185.98
151.1.205.165
151.101.1.108
151.101.2.49
162.55.236.225
172.217.18.2
178.250.0.157
178.250.2.131
18.159.27.64
18.198.69.109
18.203.96.202
185.15.245.80
185.29.134.248
185.89.210.20
185.89.210.212
192.132.33.46
193.0.160.129
198.47.127.19
2.18.233.201
2001:4860:4802:32::178
2001:678:cb4:bbbb::11
205.234.175.175
212.102.43.81
212.82.100.182
23.205.235.133
23.35.236.201
23.35.236.247
23.75.240.210
2400:52e0:1e01::879:1
2600:1f16:e61:3f01:a4e3:c039:b71b:e458
2602:803:c003:200::31
2606:4700:10::6816:1957
2606:4700:20::ac43:44d1
2606:4700:3030::ac43:a0b5
2606:4700:3031::ac43:b689
2606:4700::6812:d4c
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:811::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82f::2002
2a00:1450:400c:c0c::9d
2a02:2638:1::3
2a02:2638::1c
2a02:6ea0:c700::19
2a04:4e42:200::300
2a04:4e42:200::485
2a05:d018:24:b002:d4fc:f527:7aed:872f
2a05:d018:d29:3605:38f8:ac58:6cf7:3607
2a06:98c1:3121::3
2a0c:5c81:5142::2
3.125.70.222
3.126.56.137
3.127.193.182
3.231.251.159
3.248.63.34
3.64.108.197
34.111.131.239
34.199.163.65
35.169.179.244
35.227.248.159
35.227.252.103
35.244.174.68
37.157.2.249
37.157.6.252
44.196.45.105
46.137.145.59
46.249.52.248
5.178.65.246
5.178.65.252
51.158.28.82
51.83.220.94
51.89.9.252
52.205.244.125
52.209.205.147
52.223.40.198
52.45.92.187
52.46.155.104
52.50.170.21
54.239.38.253
62.149.0.72
65.9.66.97
65.9.71.118
67.202.105.32
69.173.144.138
69.173.144.165
76.223.111.18
85.114.159.118
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
066020aaa01a28f39d73ad31167b0d13584a8b9e2aedb7af5b3ca17a4507d4a6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09c8db08fbb4a7fa8d0af6204fe78101572d86bfd8b14c78e7eb9dfdd729658e
0b07888df4f7d3237c8aea5ab2a297473830386801f5f991d870f0cb362a48c7
0b5a87ef53435664c6f35b8654f39d223f0498bd55aa534b9a0d63789660cf51
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce978a7907fdf3a7b393ff68e8c0c17703c7f2eae4772b4bdce769668118dda
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
171dfe7291950e0181c3e51c5a739080b80879231fdf036fc5874d495bcae0dc
1958fc2ec5032a92693b11faf1b7ce395c235da15e9aa6ab0920dad891a2d915
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1f95ac04607c6e193e7e6a7cdc33c29681be7485f29f045c162170cd6cf09559
218adede21e3502e8e18a8cc22ae1b170f5c4a522ec92ec08c0b67102d87394a
22cb083f4b0b4ae6cb1e74514e4a1f9701a8d6ee1824f2e6c57efc8029041ce5
22f76ec98ee350f547646e3fdbb8fe508b2c6570d0ceb71f98a4e8974fff967c
24ddbd6f1eb159364d8240931918dbc10eabc25d94b5e7ba13fb0ffa94cddaf3
2a8efa2f1f4b4d9f188f5fe61ed1dc1aba89d7d80af778bc00bd86b774b91150
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aaeca55203512f83f3bf33efb2628dec705778a4bf171b5da33b71047321160
2bb4fad0fd40a311183664568c42dbdfb03d9b13813c7a1f3d4c4efb3674bd4c
2bccb2f3c6d7766e404d96c0df667f3c5ecd48fe4f82e4ee3de6821f7ce33379
2cf2bebf4d8dc76e0b7c0bdd6d810f59b022c38df8045e55256604489b48d1e7
30a8c4c5e3d54526b78b1001f77155907f9ec6cc16f83a8ccefd26e106ea4172
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
355a98ee1b514242d56bb686b9e87494c1033355c27cdde912bc7cf5ed44bdf7
35f7b6c6edb41bb07d012cd80ae47d2b5f899acd498c727a81d22051d5338332
3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71
3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
428bfad8f1cc0228f939dbebf8f7be45b66340a3544af83890db7e67cbe59294
43e08bfd6875e8d464d705bd0801528ce3b2138ddcebf2f2b969c7c7b0326f80
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c36ec54f79d9d21534b7bb97daffe7cfe6edbf9bfdc732edb9304c0c6c10f06
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e788a87ac9c515a3ee37e0eb59f9c71a47460e0cfff307e0bc1266670fed67c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
50ba51d4aab2e028b75339a1320286332b6ab9085de0fd864380fa818005cecd
50e8a52b27bad7da42a305a2e42aef96f6d9e745e0b98c01db9e08ae0c1901d8
524630206927a3b2f1705266961d384b8fe4af7cc12fa5c25c07d36f85a9c7af
5330cd39153acd1a37ee3f99c47b0835f49f5d1c25d9819d947a68b0e0acd4e4
535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561da8b731946433d34677a5c6b6e828319eee37399630e44b101179cc4f7155
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
59cae53f3f1135a809560c65070e07d507bc4856b4d7c6824e486cbc4808c6dc
60eb12486bd244f9b2c77d851a209c7f1cf81a9a82bce5662efb019b50b6f56c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
706274edd139f36500dd470c1a295bf423383c924c5b278a064bb65fe9265675
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe
7ab037c2cbbde510127db317534973d375a4a142c4bae4fbe3a42b3dfe420cc3
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8437f462333a9e939d6d1569ff5504dd88922f8833a06abe934cbf49a56e66ce
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b805dcafa904b27c09e38486ecaefaceb344eb811c13d09c5921692de8e399e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e66cc5c1e87984b81ca95783111f133719e6107ea3808e704ab935be49a6dec
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0c108cdb38a9c8db527873ff9482d0f20de23c56132104906e514a9860bcb50
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1cd5288df5fc8baba45bf01790e2a932814cd836de0b6f96fa24d3402e7a39e
a2266e14974ecddf601d7f7ffc1fbfdab173d4618ec4edc9dc93e88d2da79ee1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a8c8e81df5427b9b7f73add36689843045be4b761c1e9be438200b041925551a
aadcad3955a59f8e2ed212c2d2e66db0ed7db8042d47dbd2e30f8752bfbfbb47
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5b259f27127f39d9cc9a2a4292f5e588930c09d96d08f21fd991ae6b6d7ecee
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
b96ad8fa38e9a64fdcc9011586abdaa1569d347bc94813a1f0485368d6c0fc21
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbbaf6a835d3618913aebf8df5178491143cf453fb58981782b9c9c17c34a4f1
be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979
c06c8ca6c8aaeff5c2502f15d795d39289495beccdadac100eef321db24758fe
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c76abccec2c944237f2ddf9c616cd1af51b878743605572aad81816f2eaea44c
c932c1107432f3d5fe7cc4a268e573b3cf9a9d1aa74275955f70d062ce8d19c3
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a
cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb
ccbfe3b5e6965dd6f747401973818edc285b773ba65b5365b64dfddbe8b78635
ceeb4cd2d3c122f85631ff93dc6e1f6024b27838019502bc9bb25dbe9c7de11f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1
d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf
d4642a48e119c9ad59ab2401574960008b487b2c13717f9bdb07305764eede4e
d46ceb2bde60881fb19d81ed006513a18f1fa2428fe60af86e50e308a13f298f
d5030898120163ebe98c244e50374c0c8dc4684638d5c2e69eb635768beaa21c
d87a78782eb26b298fa4ed9a14b1e0c2bc129eaf03f242c043b2c8236569959b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e28b93244e86d1e819060cf4385e6b9beed70c67db1d814a7e71e817ae31a078
e29e030737bf0b66434c4da5e3186c10b57b49c2d53fc91d8360ed1bfdbf5271
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
e65632f191a445b819e960503fb15e4e6a3a524b8c8bc0cbcb535cd294538f37
e934d17212c389cb215be66ea64fd701918e3530cf2efdf4f6781f2a3669b097
e9df4f710cf633b94d301ffdd2567dfd90bea64e397d4f8dec6c4ba16ebf1fc9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dc13eaed6a1af2d216dab78b8e000c94891c49df1a778a6610954396c58e6a
fcb916a648bcc183960c9b372cb79c40664390b65fadcf20a985633fbd7b567c
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb