urlscan.io logo urlscan.io
SecurityTrails logo

www.ukr.net Open in urlscan Pro
2600:1901:0:b0a7::  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ukr.net/
Effective URL: https://www.ukr.net/
Submission: On December 05 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 11 countries across 86 domains to perform 350 HTTP transactions. The main IP is 2600:1901:0:b0a7::, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.ukr.net. The Cisco Umbrella rank of the primary domain is 224767.
TLS certificate: Issued by GTS CA 1D4 on December 2nd 2023. Valid for: 3 months.
This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 2600:1901:0:b... 396982 (GOOGLE-CL...)
26 2600:1901:0:1... 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 8 212.42.75.253 8856 (UKRNET Kiev)
2 2 212.42.75.249 8856 (UKRNET Kiev)
4 136.243.84.74 24940 (HETZNER-AS)
3 4 54.38.197.123 16276 (OVH)
1 147.135.189.55 16276 (OVH)
1 193.200.65.2 6681 (GIVEME-CLOUD)
4 212.42.73.60 8856 (UKRNET Kiev)
3 45.133.44.3 39572 (ADVANCEDH...)
8 212.42.76.151 8856 (UKRNET Kiev)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
4 2a0c:5c87:524... 55081 (24SHELLS)
6 2a00:1450:400... 15169 (GOOGLE)
1 7 193.3.178.3 399668 (E-PLANNING-)
1 1 2.18.160.23 16625 (AKAMAI-AS)
9 185.83.71.234 55081 (24SHELLS)
1 67.202.105.21 32748 (STEADFAST)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 3 34.226.187.58 14618 (AMAZON-AES)
3 63.251.14.14 14744 (INTERNAP-...)
1 1 8.2.110.161 46636 (NATCOWEB)
11 15 37.252.173.215 29990 (ASN-APPNEX)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 184.30.16.195 16625 (AKAMAI-AS)
1 8.2.110.26 46636 (NATCOWEB)
1 193.3.178.1 399668 (E-PLANNING-)
1 1 3.224.5.201 14618 (AMAZON-AES)
1 18.198.247.190 16509 (AMAZON-02)
1 69.166.1.35 27630 (AS-XFERNET)
1 35.186.253.211 15169 (GOOGLE)
2 5 52.29.184.165 16509 (AMAZON-02)
2 2 23.56.202.187 16625 (AKAMAI-AS)
4 184.30.22.30 16625 (AKAMAI-AS)
4 15 104.18.36.155 13335 (CLOUDFLAR...)
1 51.89.9.254 16276 (OVH)
13 2606:4700:10:... 13335 (CLOUDFLAR...)
1 185.187.81.40 43332 (IDSTRATEG...)
1 18.173.233.95 16509 (AMAZON-02)
2 52.215.12.121 16509 (AMAZON-02)
1 13.248.245.213 16509 (AMAZON-02)
10 15 142.250.186.98 15169 (GOOGLE)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
2 3 37.157.2.229 198622 (ADFORM)
3 3.33.220.150 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 198.47.127.19 62713 (AS-PUBMATIC)
2 2 52.19.46.71 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.82 24961 (MYLOC-AS ...)
1 1 34.241.138.233 16509 (AMAZON-02)
1 1 3.71.149.231 16509 (AMAZON-02)
1 2 3.75.62.37 16509 (AMAZON-02)
1 1 3.65.68.8 16509 (AMAZON-02)
1 34.160.236.64 396982 (GOOGLE-CL...)
2 52.211.88.8 16509 (AMAZON-02)
1 162.55.236.224 24940 (HETZNER-AS)
2 2 151.101.130.49 54113 (FASTLY)
1 1 44.197.32.198 14618 (AMAZON-AES)
1 2 52.94.223.167 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
1 1 54.73.3.247 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2 52.46.155.104 16509 (AMAZON-02)
3 3 44.215.169.187 14618 (AMAZON-AES)
1 1 46.228.164.13 56396 (AMOBEE)
2 2 18.173.233.125 16509 (AMAZON-02)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 35.244.174.68 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 46.228.164.11 56396 (AMOBEE)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 34.247.233.198 16509 (AMAZON-02)
1 1 35.210.239.72 15169 (GOOGLE)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 1 54.225.102.15 14618 (AMAZON-AES)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 52.45.83.84 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
1 1 50.31.142.63 23352 (SERVERCEN...)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 185.86.138.155 201081 (SMARTADSE...)
1 1 211.120.53.205 4694 (IDCF IDC ...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 185.187.81.41 43332 (IDSTRATEG...)
2 69.173.144.165 26667 (RUBICONPR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 6 34.250.32.32 16509 (AMAZON-02)
27 2a00:1450:400... 15169 (GOOGLE)
6 142.250.186.66 15169 (GOOGLE)
6 2600:9000:244... 16509 (AMAZON-02)
17 2600:1f13:800... 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
1 162.19.138.118 16276 (OVH)
350 84
8    2600:1901:0:b0a7:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
ukr.net
www.ukr.net
26    2600:1901:0:1728:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
upst.fwdcdn.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
6    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    212.42.75.253 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com
accounts.ukr.net
2    212.42.75.249 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com
mail.ukr.net
4    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
go.rcvlink.com
4    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
1    147.135.189.55 (Fresnes, France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com
m.mixadvert.com
1    193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com
trafmag.com
4    212.42.73.60 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
counter.ukr.net
3    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
8    212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com
pinformer.sinoptik.ua
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
sghb.adtelligent.com
6    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
7    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams03.e-planning.net
sync.e-planning.net
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
9    185.83.71.234 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
3    34.226.187.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-187-58.compute-1.amazonaws.com
cookies.nextmillmedia.com
3    63.251.14.14 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
PTR: 14.14.251.63.unassigned.ord.singlehop.net
ap.lijit.com
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
15    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    8.2.110.26 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
1    193.3.178.1 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    3.224.5.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-5-201.compute-1.amazonaws.com
ssp.disqus.com
1    18.198.247.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-247-190.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    52.29.184.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-184-165.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
15    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
13    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
loadercdn.net
1    18.173.233.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-95.dus51.r.cloudfront.net
tags.crwdcntrl.net
2    52.215.12.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-12-121.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
15    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
3    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f601:31be:eaee:1d8c:9fe8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.19.46.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-46-71.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.82 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    34.241.138.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-138-233.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    3.65.68.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-68-8.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    52.211.88.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-88-8.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    44.197.32.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-32-198.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.73.3.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-3-247.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    44.215.169.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-169-187.compute-1.amazonaws.com
i.liadm.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    18.173.233.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-125.dus51.r.cloudfront.net
live.rezync.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
10    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
19    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
36    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    54.225.102.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-102-15.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    2a05:d018:d29:3601:357b:9971:3f66:201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    52.45.83.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-83-84.compute-1.amazonaws.com
sync.ipredictive.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    50.31.142.63 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    211.120.53.205 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zfctrack.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    34.250.32.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-32-32.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
27    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
6    2600:9000:2440:5800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
17    2600:1f13:800:7781:5f9f:1259:c76c:3ebc (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
Apex Domain
Subdomains		 Transfer
55 googlesyndication.com
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
409 KB
34 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
346 KB
29 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
515 KB
27 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
336 KB
26 fwdcdn.com
upst.fwdcdn.com — Cisco Umbrella Rank: 244581
409 KB
22 ukr.net
ukr.net — Cisco Umbrella Rank: 96678
www.ukr.net — Cisco Umbrella Rank: 224767
accounts.ukr.net — Cisco Umbrella Rank: 222200
mail.ukr.net — Cisco Umbrella Rank: 159578
counter.ukr.net — Cisco Umbrella Rank: 188365
130 KB
16 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7472
sghb.adtelligent.com — Cisco Umbrella Rank: 16454
sync.adtelligent.com — Cisco Umbrella Rank: 6860
219 KB
15 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
10 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
11 KB
13 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2888
mwzeom.zeotap.com — Cisco Umbrella Rank: 3215
4 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
207 KB
9 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
3 KB
9 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
token.rubiconproject.com — Cisco Umbrella Rank: 461
29 KB
9 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 9066
c.mgid.com — Cisco Umbrella Rank: 7275
cdn.mgid.com — Cisco Umbrella Rank: 11503
servicer.mgid.com — Cisco Umbrella Rank: 9134
cm-x.mgid.com — Cisco Umbrella Rank: 6820
s-img.mgid.com — Cisco Umbrella Rank: 9069
cm.mgid.com — Cisco Umbrella Rank: 1303
104 KB
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2234
s.e-planning.net — Cisco Umbrella Rank: 4907
u-ams03.e-planning.net — Cisco Umbrella Rank: 30386
sync.e-planning.net — Cisco Umbrella Rank: 4044
3 KB
8 sinoptik.ua
pinformer.sinoptik.ua — Cisco Umbrella Rank: 221057
46 KB
6 gstatic.com
fonts.gstatic.com
81 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
1 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
75 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
3 KB
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
4 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10154
1 KB
4 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 43372
8 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
192 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
2 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 699
usermatch.krxd.net — Cisco Umbrella Rank: 1751
943 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
445 B
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 2870
c1.adform.net — Cisco Umbrella Rank: 560
2 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
7 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
831 B
3 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2362
188 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
883 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
ad.turn.com — Cisco Umbrella Rank: 773
841 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
914 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25773
907 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
19 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 491
531 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
34 KB
2 trafmag.com
trafmag.com — Cisco Umbrella Rank: 22879
t.trafmag.com — Cisco Umbrella Rank: 23934
2 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 56807
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
153 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
271 B
1 zfctrack.net
s.zfctrack.net — Cisco Umbrella Rank: 205537
450 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
695 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
75 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
540 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
286 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
465 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4714
237 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 20274
269 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3764
444 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
98 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
1 KB
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
693 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 35983
215 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1727
60 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1226
204 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 499
527 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 24530
84 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
596 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7695
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12465
460 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 648
203 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
140 B
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 743967
169 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
399 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
35 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1557
300 B
1 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3200
60 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2232
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 904
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1215
384 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
252 B
1 mixadvert.com
m.mixadvert.com — Cisco Umbrella Rank: 353866
717 B
0 bemail.it Failed
bn01.er.bemail.it Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
350 86
Domain Requested by
30 pagead2.googlesyndication.com www.ukr.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
www.googletagservices.com
27 s0.2mdn.net www.ukr.net
s0.2mdn.net
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
26 upst.fwdcdn.com www.ukr.net
upst.fwdcdn.com
pinformer.sinoptik.ua
19 tpc.googlesyndication.com 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
www.ukr.net
tpc.googlesyndication.com
17 dt.adsafeprotected.com 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
www.ukr.net
15 cm.g.doubleclick.net 10 redirects spl.zeotap.com
rtb.gumgum.com
googleads.g.doubleclick.net
14 ib.adnxs.com 10 redirects spl.zeotap.com
googleads.g.doubleclick.net
12 dsum-sec.casalemedia.com 3 redirects ssum.casalemedia.com
googleads.g.doubleclick.net
11 mwzeom.zeotap.com spl.zeotap.com
10 cdn.ampproject.org 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
9 sync.adtelligent.com player.adtelligent.com
www.ukr.net
ads.us.e-planning.net
8 pinformer.sinoptik.ua www.ukr.net
pinformer.sinoptik.ua
8 accounts.ukr.net 1 redirects upst.fwdcdn.com
www.ukr.net
accounts.ukr.net
7 usersync.gumgum.com rtb.gumgum.com
6 static.adsafeprotected.com 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net www.ukr.net
6 fw.adsafeprotected.com 3 redirects www.ukr.net
6 fonts.gstatic.com fonts.googleapis.com
6 googleads.g.doubleclick.net www.ukr.net
pagead2.googlesyndication.com
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
6 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 securepubads.g.doubleclick.net www.ukr.net
securepubads.g.doubleclick.net
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
6 www.ukr.net www.ukr.net
upst.fwdcdn.com
pinformer.sinoptik.ua
5 x.bidswitch.net 2 redirects ads.us.e-planning.net
spl.zeotap.com
rtb.gumgum.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 eus.rubiconproject.com ads.us.e-planning.net
rtb.gumgum.com
eus.rubiconproject.com
4 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
4 sghb.adtelligent.com player.adtelligent.com
4 counter.ukr.net www.ukr.net
counter.ukr.net
4 a4p.adpartner.pro 3 redirects upst.fwdcdn.com
4 go.rcvlink.com www.ukr.net
go.rcvlink.com
3 www.googletagservices.com www.ukr.net
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
3 i.liadm.com 3 redirects
3 match.adsrvr.org spl.zeotap.com
ssum.casalemedia.com
rtb.gumgum.com
3 ads.pubmatic.com jsc.mgid.com
ads.us.e-planning.net
rtb.gumgum.com
3 ap.lijit.com www.ukr.net
3 cookies.nextmillmedia.com 1 redirects www.ukr.net
3 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
2 token.rubiconproject.com eus.rubiconproject.com
2 creativecdn.com 2 redirects
2 c1.adform.net 2 redirects
2 fonts.googleapis.com 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
2 live.rezync.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 ups.analytics.yahoo.com 1 redirects ssum.casalemedia.com
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
2 rtb.gumgum.com ads.us.e-planning.net
rtb.gumgum.com
2 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 ads.us.e-planning.net 1 redirects player.adtelligent.com
2 cdn.mgid.com www.ukr.net
2 mail.ukr.net 2 redirects
2 player.adtcdn.com www.ukr.net
2 jsc.mgid.com www.ukr.net
jsc.mgid.com
2 www.googletagmanager.com www.ukr.net
www.googletagmanager.com
2 ukr.net 2 redirects
1 id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 s.zfctrack.net www.ukr.net
1 tg.socdm.com 1 redirects
1 sync.e-planning.net rtb.gumgum.com
1 ssbsync.smartadserver.com rtb.gumgum.com
1 bh.contextweb.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 pr-bh.ybp.yahoo.com rtb.gumgum.com
1 sync.srv.stackadapt.com 1 redirects
1 us-u.openx.net rtb.gumgum.com
1 u.ipw.metadsp.co.uk 1 redirects
1 secure.adnxs.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 ad.turn.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 idsync.rlcdn.com ssum.casalemedia.com
1 p.rfihub.com 1 redirects
1 d.turn.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 cms.quantserve.com 1 redirects
1 pixel.rubiconproject.com spl.zeotap.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 eb2.3lift.com ads.us.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 loadercdn.net www.ukr.net
1 onetag-sys.com ads.us.e-planning.net
1 rtb.openx.net ads.us.e-planning.net
1 sync.go.sonobi.com ads.us.e-planning.net
1 match.sharethrough.com ads.us.e-planning.net
1 ssp.disqus.com 1 redirects
1 s.e-planning.net ads.us.e-planning.net
1 sync.admanmedia.com ads.us.e-planning.net
1 mug.criteo.com www.ukr.net
1 cdn.id5-sync.com jsc.mgid.com
1 cm.mgid.com jsc.mgid.com
1 s-img.mgid.com www.ukr.net
1 vid.vidoomy.com www.ukr.net
1 cm-x.mgid.com 1 redirects
1 t.trafmag.com www.ukr.net
1 ssc-cms.33across.com player.adtelligent.com
1 hbx.media.net 1 redirects
1 servicer.mgid.com jsc.mgid.com
1 static.criteo.net securepubads.g.doubleclick.net
1 c.mgid.com www.ukr.net
1 www.google.de www.ukr.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 trafmag.com upst.fwdcdn.com
1 m.mixadvert.com upst.fwdcdn.com
0 bn01.er.bemail.it Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
350 129

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
www.booking.com
rozetka.com.ua
www.work.ua
proizd.ua
rst.ua
avtoprod.ua
avtosale.ua
osago.avtosale.ua
goroshina.ua
www.otpusk.ua
www.accordtour.com
gorod-plitki.com.ua
dom.ria.com
lun.ua
flatfy.ua
casada.ua
med-mebli.com.ua
med-magazin.ua
bit.ly
doctoronline.care
viveohealth.com
teplo.app
goodmax.com.ua
luxchrono.com.ua
artpotolok.kiev.ua
lascala.ua
vencon.ua
masterzoo.ua
work.ua
robota.ua
optima.school
layboard.com
optima.study
cutt.ly
buketland.ua
flowers.ua
hvosting.ua
nic.ua
rx-name.ua
internetua.com
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
adp.digital
www.europe-stomatolog-centre.com.ua
mixadvert.com
m.mixadvert.com
kinoafisha.ua
hromadske.radio
censor.net
www.eurointegration.com.ua
nv.ua
weukraine.tv
interfax.com.ua
24tv.ua
zn.ua
flot2017.com
www.rbc.ua
espreso.tv
telegraf.com.ua
ukranews.com
top.today.ua
zahid.espreso.tv
usionline.com
sud.ua
informator.ua
rubryka.com
cripo.com.ua
hronikers.com
inform.ukrainianwall.com
ukrpohliad.org
slovoproslovo.info
kyiv.comments.ua
kyivschina24.com
enovosty.com
hromadske.ua
vechirniy.kyiv.ua
news.obozrevatel.com
itechua.com
portaltele.com.ua
ua.news
focus.ua
cursorinfo.co.il
uspih.in.ua
vnedorozhnik.net.ua
newsyou.info
mashyna.com.ua
www.epochtimes.com.ua
autotheme.info
champion.com.ua
profootball.ua
footballtransfer.com.ua
xsport.ua
zhenskiy.kyiv.ua
lady.kyiv.ua
woman24.kyiv.ua
storinka.com.ua
useti.org.ua
www.trserial.net.ua
insider.ua
meta.ua
babel.ua
novosti-n.org
uatv.ua
u-news.com.ua
tsn.ua
armyinform.com.ua
novyny.live
dailynews.kyiv.ua
shuba.life
odnaminyta.com
ua-vestnik.com
rezina.cc
shinadiski.com.ua
www.zapchast.com.ua
avtoapteka.net.ua
autoshini.com
transshina.com.ua
ukrguma.com.ua
kiaparts.com.ua
www.optics-pro.com.ua
ukroptica.com.ua
www.aks.ua
sotnyk.net
helplist.io
www.facebook.com
dovidka.info
prava-veteraniv.com
savelife.in.ua
shelter.dopomagai.org
bank.gov.ua
sprotyv.mod.gov.ua
klubnatura.pl
life.pravda.com.ua
www.immobilienscout24.de
chytomo.com
zib.com.ua
www.bamf.de
www.ukrainetakeshelter.com
vogue.ua
life.nv.ua
t.me
upst.fwdcdn.com
trafmag.com
army.thelobbyx.com
adline.kiev.ua
mail.ukr.net
Subject Issuer Validity Valid
ukr.net
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
fwdcdn.com
GTS CA 1D4		 2023-10-31 -
2024-01-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
adtcdn.com
GTS CA 1P5		 2023-11-10 -
2024-02-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.ukr.net
Thawte TLS RSA CA G1		 2023-04-29 -
2024-03-29		 a year crt.sh
*.rcvlink.com
Thawte TLS RSA CA G1		 2023-09-19 -
2024-10-02		 a year crt.sh
adpartner.pro
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
m.mixadvert.com
R3		 2023-12-03 -
2024-03-02		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-13 -
2024-06-13		 a year crt.sh
player.adtelligent.com
R3		 2023-11-15 -
2024-02-13		 3 months crt.sh
sinoptik.uk
Sectigo RSA Domain Validation Secure Server CA		 2023-11-13 -
2024-12-12		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
sghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-23 -
2024-02-21		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
loadercdn.net
R3		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-10-21 -
2024-01-19		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
s.zfctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-17 -
2024-08-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh

This page contains 43 frames:

Primary Page: https://www.ukr.net/
Frame ID: 43FFFCF070449E09D1F6F201DA1369D6
Requests: 86 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: 371E2E5D82AF4AC9C315EDF39D158069
Requests: 6 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: 92148D6BCEC0436C8802D426F1E4E0E7
Requests: 4 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
Frame ID: 6A96E5E6750956F435E12D10E6B0608E
Requests: 13 HTTP requests in this frame

Frame: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 250EC86556B55E7E54505106D5635B12
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 47D5AEC42FDF6C7CF95753734D50168F
Requests: 11 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: 213C1DE3429E940927064A6607E3F445
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 7AFE63016DCAAC2D7F370515558C0171
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net
Frame ID: 0B91B08398B0A1FEF9E9DD327F76A75A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D126bd6bdc617e589%26uid%3D
Frame ID: 7B983A6C0D2BACEBD96C77630C07B23B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: E51B3077AC7813EFB9017A01FBB6990B
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Frame ID: 41DB38B6A2DE02C9405DF98334F37FC3
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 1491EA2D68A51CEDA3DCB77D8B47B772
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 3702B6293C1C96F80E06C5146A7E785C
Requests: 33 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Frame ID: 4A104085B60F51279BDFB70F8B96559F
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 92BC546AA657EF2CA06753D6512B0467
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AL5QCVu2ZelodPcC&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=484122&a=307971&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: EB519A24CB7F764AC7BBB8A8DE4A9D16
Requests: 1 HTTP requests in this frame

Frame: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 558D14A1A3203651DE5C32666E255645
Requests: 19 HTTP requests in this frame

Frame: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA2B842138C5D775D03D040130060B91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNWIrXus59O25OSyi7VTlytT6HcjWPCm6xQAbOo54JfOQKWsTjxgkfZaUTx9HP4ZYHwQAY2qALg1xpzM__2mD0xAEIpUkQZECteH_IOPnd0p3krOR2-0KBtAyUYBoT8drYLqfU2KrlJmTwnmo8R8gQQrIIm__6vSbNJi-oDqJ5bRr_MbYto
Frame ID: AB364FF60F59C080FDA9CD106A80C97E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 79F4301C3367C15768C920DC438E331F
Requests: 26 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=4657187938654012922&gdpr=&gdpr_consent=
Frame ID: D0E23E283426D0C2F83FD3C3D9783CBC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTQ5ZTA4MS0zZmYzLTRmMzItODNjYi05ZTFlODU0OWY5YTE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 62D984680EC120C7ADDF10C05BB6D46D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: B6A5E42C0F6E20442220311BDC08A0C4
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 2748592FC7D7F0FBA53AD2DB48ED7DB7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZW7J9sCo5sIAAFGjqcYAAAAA
Frame ID: 78468CB617BC8DD0075C6F6F7B42A4F5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=wmpcEe_gD47X3U1DRt8baMs8MImil50qXuJY6ltCrWU&pi=gumgum&tc=1
Frame ID: C5DF6CEB1F049DFC7157273BDF82F8B9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B55B90CD250B124FD57B7FF5C870CEE0
Requests: 3 HTTP requests in this frame

Frame: https://s.zfctrack.net/z
Frame ID: 4243C60CD143DAE77081C5B26A85D925
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0BADBF44A3CB04DBD73FC81F311AA34B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
Frame ID: 11A24C404A0B961D9F3168DE1D708900
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3EF4858590DBEC69AF3684EA380CC1F0
Requests: 1 HTTP requests in this frame

Frame: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 093F285F87F749324C21BD04E1655A1B
Requests: 16 HTTP requests in this frame

Frame: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B60EB26A6C4B358C550119504A247294
Requests: 24 HTTP requests in this frame

Frame: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 83834833233CF98387FA5501470435D4
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXa2yf_b1rweTuywoMDFJKfgzoj97iglBmU5wpSJ9tlCy4ynjjS2tZYwwiLjiXkwE6jJ2vZ_LrhAnEgl-gS2wNM5uyQ3eOuwHh9JuCbfzKv_IqRhc9CcqHmuzPZ6KdVOFchwq_Yyg46KeTz-GpQh7NETRay97a9sHfDyQyZgzRdn1zBnlM
Frame ID: 4285D25FADDB8A32CC01C4C2F0BF0F5F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVYVvu0ucmvNzUBBmnEo8y_II1QBtn3gOcOv2fpWNpJC0iujmvCwmLUV5J-5H6VMrnGKypcx-2PZfSEShRzTL55FINBvcIFeYF7N5RwCPhlROPMzKgMEyruNqH0tPPZr-t9xIqYMqrcJk-pEXG6En7PKkDXqPAMXKCEBl0XXoTN5UZwFEM
Frame ID: 12AF7AFB74022076314AD7E8F0D03F8E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D07A603830A178572713846E241C748B
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C1B9450625D63E00EE029BCAAC6E3582
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: F1CD3B8FB972A224FDDD89D5526BEAC0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 243C91E8811470B6D4892D22F409380D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: B5E57AAF59480A305AD3C5AFF0FB851D
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5A004A0C23A719E86F2465D0E6F013C8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UKR.NET: Всі новини України, останні новини дня в Україні та Світі

Page URL History Show full URLs

  1. http://ukr.net/ HTTP 301
    https://ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

350
Requests

84 %
HTTPS

26 %
IPv6

86
Domains

129
Subdomains

84
IPs

11
Countries

3360 kB
Transfer

9422 kB
Size

95
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ukr.net/ HTTP 301
    https://ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://mail.ukr.net/widget?lang=uk&theme=default HTTP 303
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Request Chain 78
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Request Chain 79
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D750708%26a%3D754412%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 83
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEA0%26sp%3D463288%26pb%3D283366%26c%3D628863%26a%3D307558%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3725f268-1b80-4cfc-8bc5-d7229c70fdb9&traffic_source=snippet&session=1F9CBCA66249EEA0&sp=463288&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 85
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEAD%26sp%3D812819%26pb%3D283366%26c%3D628863%26a%3D307558%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=67b8ba9b-9593-4c83-bf91-28a9f671006b&traffic_source=snippet&session=1F9CBCA66249EEAD&sp=812819&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 88
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D746141%26a%3D753378%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=d2ded5aa-531c-46ec-9fd7-d3ba60f71927&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=746141&a=753378&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 90
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D529070%26a%3D297253%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D1F9CBCA66249EEB1%2526sp%253D852559%2526pb%253D753264%2526c%253D529070%2526a%253D297253%2526gdpr%253D0%2526gdpr_source%253D%2526gdpr_consent%253D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=212101622280528343&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=529070&a=297253&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 91
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D736651%26a%3D751004%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D751004%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D1F9CBCA66249EEB1%2526sp%253D852559%2526pb%253D753264%2526c%253D736651%2526a%253D751004%2526gdpr%253D0%2526gdpr_source%253D%2526gdpr_consent%253D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=8822236028279171789&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=736651&a=751004&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 92
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D603469%26a%3D307558%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ac55e2a9-67b7-45f2-b604-0c5236f8274f&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=603469&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 94
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D635609%26a%3D584890%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D1F9CBCA66249EEB1%2526sp%253D852559%2526pb%253D753264%2526c%253D635609%2526a%253D584890%2526gdpr%253D0%2526gdpr_source%253D%2526gdpr_consent%253D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5006077730567657017&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=635609&a=584890&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 103
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=rtuNsHxKRE9UNzNUNVZoVTBIZ05CVFEvS3gwb1ArVW5WbitxMTRwT201RDJPUXcreWNKZ3VkeUdUaGJFUnhCTjdzNVRxVUtwL29UZG50NVRkYm9na1E3QVQ3VTZ0MjhTcnpOR3lSN0ZIaGNha3ZvemN6QXVYT1ZabmxLcU13L0JkaG5jSWVtL1JGSThIUXlzNnFhbkxwd1hlZmp6VmxhQkJjQmpRdDcya0dESXNlZnVUb1hWR2VrY0FiS3ZLbmpma0hNa0lsN0s2TUZ2a1JLeWRmTW0wVkpUMmVlQWhBTDdlVDI4ckhJN1FmcHY0cHFrelZrN2dDNE1JamZTNnhvdG1XVEtvaENuczhMdmVXOXpsTWt2Uks0dkZCQT09fA&cppv=2
Request Chain 106
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D126bd6bdc617e589%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=126bd6bdc617e589&uid=212101622280528343
Request Chain 107
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D126bd6bdc617e589%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=126bd6bdc617e589&uid=ua-2b7dc4f4-cff2-3965-b94a-31d2e615c35b
Request Chain 111
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D126bd6bdc617e589 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=126bd6bdc617e589
Request Chain 114
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 115
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Request Chain 125
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=dc79552a-3106-4c21-8f4e-f0aebc121327&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Request Chain 132
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=627626f4-46d4-4e40-52ac-b2d96cd1456a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=627626f4-46d4-4e40-52ac-b2d96cd1456a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=24281732729008460640661513992818066364&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Request Chain 135
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7309001303669667994&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Request Chain 136
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=627626f4-46d4-4e40-52ac-b2d96cd1456a HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=627626f4-46d4-4e40-52ac-b2d96cd1456a
Request Chain 137
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=627626f4-46d4-4e40-52ac-b2d96cd1456a&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=627626f4-46d4-4e40-52ac-b2d96cd1456a&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361&bounce=1&random=69024000 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=MgWoHUBccRG1/mPpZp7RAO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Request Chain 139
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=627626f4-46d4-4e40-52ac-b2d96cd1456a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Request Chain 140
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-ToP4ejhE2oonSM4VZQMW3.RMT1E4y3K5ow--~A&zpartnerid=570&env=mWeb
Request Chain 141
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CYSLYphnIs58HRp5woYelBkvFwG97Grs%2BS41iYitP1U%3D
Request Chain 145
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361&_test=ZW7J9gAEnq1hdgBU HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZW7J9gAEnq1hdgBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Request Chain 146
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Request Chain 147
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361&dcc=t
Request Chain 149
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Request Chain 153
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=bCPtoTkvvfJ3IL73OCf2oDtzvvV3JO2lPCQ2YulH&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Request Chain 158
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW7J9ThIhiur_uDaCl5S8QAAFC8AAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW7J9ThIhiur_uDaCl5S8QAAFC8AAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZW7J9ThIhiur_uDaCl5S8QAAFC8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEH_pZW6YKlOZgm903UJv6io&google_cver=1
Request Chain 160
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZW7J9ThIhiur-uDaCl5S8QAA%265167&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZW7J9ThIhiur-uDaCl5S8QAA%265167&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=9ab9c74e7475451d9349e484830ef3b1 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3029932789337987170 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=9ab9c74e-7475-451d-9349-e484830ef3b1 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=19c6f3cc-e475-4f34-8bb7-2c7b68904c44%3A1701759479.2894151&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D19c6f3cc-e475-4f34-8bb7-2c7b68904c44%253A1701759479.2894151%26_%3D1701759479.2913725&cb=1701759479.291404 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527874726558&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D19c6f3cc-e475-4f34-8bb7-2c7b68904c44%253A1701759479.2894151%26_%3D1701759479.2913725 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=19c6f3cc-e475-4f34-8bb7-2c7b68904c44%3A1701759479.2894151&_=1701759479.2913725
Request Chain 161
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f36211d445c0471890840fffc2163399&expiration=1704351477
Request Chain 162
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3029932789337987170
Request Chain 163
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=ebf4d20a-8e95-4ae8-b4c7-ef993447c3a4
Request Chain 181
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5006077730567657017
Request Chain 182
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_8949e081-3ff3-4f32-83cb-9e1e8549f9a1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_8949e081-3ff3-4f32-83cb-9e1e8549f9a1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=da18f873-e89f-4800-b211-575f6ba50b33&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=da18f873-e89f-4800-b211-575f6ba50b33
Request Chain 184
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-aa5024c1-3ac0-5b98-4a2d-0f791f16ed50$ip$82.199.130.37
Request Chain 186
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=dd400ebc-381b-4958-a273-06cf4e7b822d
Request Chain 188
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_8949e081-3ff3-4f32-83cb-9e1e8549f9a1&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 189
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=WJhQ3A7J6t2D&ev=1&pid=558355
Request Chain 192
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=4657187938654012922&gdpr=&gdpr_consent=
Request Chain 196
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZW7J9sCo5sIAAFGjqcYAAAAA
Request Chain 197
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=wmpcEe_gD47X3U1DRt8baMs8MImil50qXuJY6ltCrWU&pi=gumgum&tc=1
Request Chain 198
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Request Chain 212
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7J9ThIhiur-uDaCl5S8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
Request Chain 214
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
Request Chain 237
  • https://fw.adsafeprotected.com/rfw/st/990511/61634092/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7005813411879006&ias_chanId=1&ias_placementId=20343398390&bidurl=https://www.ukr.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gAik0XH6qC2FkuDvhJl44m&adContainerId=brand_safety_9sluZderDsLAjuwPgaC9gAk&cbFunctionName=goog_wrapCb_9sluZderDsLAjuwPgaC9gAk&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.ukr.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.ukr.net%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:765b10b7-4bc3-b5c9-a1a3-c93f5c6bde09,c:vU2Stf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-594854db75-r4rp8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1*.990511-61634092%7C1c11%7C1c12%7C1c13,idMap:1c1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:16,oid:9f985c2c-933b-11ee-92a4-aef81c3b1ac5,v:19.8.463,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_9sluZderDsLAjuwPgaC9gAk&cbFunctionName=goog_wrapCb_9sluZderDsLAjuwPgaC9gAk&true_pb=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Request Chain 281
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7J9ThIhiur-uDaCl5S8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
Request Chain 283
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Request Chain 286
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7J9ThIhiur-uDaCl5S8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
Request Chain 288
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
Request Chain 309
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7005813411879006&ias_chanId=1&ias_placementId=20343398390&bidurl=https://www.ukr.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJ0UDnCWWms0Ai9pZNdYyx&adContainerId=brand_safety_98luZZpSnJOO7A_N5YOIBg&cbFunctionName=goog_wrapCb_98luZZpSnJOO7A_N5YOIBg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.ukr.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.ukr.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f85b4c99-385a-da2a-cb08-7652b1553548,c:vU2SCc,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-594854db75-6hhr7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tXxTlBl+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e*.990511-61634100%7C1e1%7C1e2%7C1f1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:17,oid:9ff7e1c9-933b-11ee-8c38-d6db586e76d8,v:19.8.463,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_98luZZpSnJOO7A_N5YOIBg&cbFunctionName=goog_wrapCb_98luZZpSnJOO7A_N5YOIBg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Request Chain 321
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7005813411879006&ias_chanId=1&ias_placementId=20343398390&bidurl=https://www.ukr.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hrUrhvOy7IUkc9ZCb-baSc&adContainerId=brand_safety_98luZdeEBPWSjuwP-Oy66Ak&cbFunctionName=goog_wrapCb_98luZdeEBPWSjuwP-Oy66Ak&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.ukr.net&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.ukr.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8e8c0a89-165d-eb7b-eda5-7e03af545041,c:vU2SDg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-594854db75-t8xhd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tXxTlCm+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.990511-61634100%7C1f1%7C1f2%7C1f3,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:21,oid:a001303f-933b-11ee-b329-1a8d6701a2c4,v:19.8.463,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_98luZdeEBPWSjuwP-Oy66Ak&cbFunctionName=goog_wrapCb_98luZdeEBPWSjuwP-Oy66Ak&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

350 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ukr.net/
Redirect Chain
  • http://ukr.net/
  • https://ukr.net/
  • https://www.ukr.net/
158 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:b0a7:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
6b4f4a405ef88b4c167f248b2749274d306280ed8c458a3699fd60ca306f3742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
41298
content-type
text/html
date
Tue, 05 Dec 2023 06:57:56 GMT
etag
"656ec9c4-a152"
last-modified
Tue, 05 Dec 2023 06:57:08 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
User-Agent
via
1.1 google
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

age
1409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
content-type
text/html
date
Tue, 05 Dec 2023 06:34:27 GMT
location
https://www.ukr.net/
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
top_links.css
upst.fwdcdn.com/css/1699382510/ 		1 KB
426 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/1699382510/top_links.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2077a90676edf41fc4631f0241688148eb3303fd3fd85b5cca5398801b6cbb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:20:34 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 07 Nov 2023 18:43:03 GMT
server
nginx
age
2281042
etag
W/"654a8537-48c"
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
/
upst.fwdcdn.com/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 21:14:13 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
nginx
age
1503823
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1581
main.css
upst.fwdcdn.com/css/6/portal/ 		44 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/6/portal/main.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:57:05 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 08 Jun 2023 12:31:02 GMT
server
nginx
age
1717251
etag
"6481ca06-204a"
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8266
_desktop.js
www.ukr.net/news/ 		20 B
120 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/news/_desktop.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:b0a7:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
nginx
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
concat.js
upst.fwdcdn.com/js/4/portal/ 		167 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/4/portal/concat.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:32:07 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 29 May 2023 14:23:02 GMT
server
nginx
age
203149
etag
"6474b546-cc89"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52361
main.js
upst.fwdcdn.com/js/16/portal/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/16/portal/main.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
f3d5b442ff551168311e3f06373293b3c8adc105996e1bda61832dd230ce453f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 21:03:03 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 17 Oct 2023 07:29:03 GMT
server
nginx
age
294893
etag
"652e37bf-4237"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16951
gtm.js
www.googletagmanager.com/ 		181 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b07c4e5c3d3d7ff6b74ed9b07cd3767d73af333de9477b1fca3fe68e995be1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66643
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Dec 2023 06:57:56 GMT
970x90.png
upst.fwdcdn.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/970x90.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:03:35 GMT
via
1.1 google
last-modified
Tue, 25 Apr 2023 12:57:06 GMT
server
nginx
age
467661
etag
"6447ce22-cd3"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3283
logo_uac7f4b24cbcd406a20d1950cb01ea4dc4.gif
upst.fwdcdn.com/temp/holidays/13183/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/temp/holidays/13183/logo_uac7f4b24cbcd406a20d1950cb01ea4dc4.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
cc43dab60b728537533bca689cf28f6d238f6425cf3e307e7073e3a5d5b55b13

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:20 GMT
via
1.1 google
last-modified
Mon, 04 Dec 2023 22:00:01 GMT
server
nginx
age
32256
etag
"656e4be1-5aaf"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23215
title_img_uac7f4b24cbcd406a20d1950cb01ea4dc4.gif
upst.fwdcdn.com/temp/holidays/13183/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/temp/holidays/13183/title_img_uac7f4b24cbcd406a20d1950cb01ea4dc4.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
780756123232b9d63eae9802709613efe0940a9a3ba2f11ddb8e400f85fbcf8c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:23 GMT
via
1.1 google
last-modified
Mon, 04 Dec 2023 22:00:01 GMT
server
nginx
age
32253
etag
"656e4be1-50a"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1290
grey-pix.gif
upst.fwdcdn.com/img/ 		53 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/grey-pix.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:27:54 GMT
via
1.1 google
last-modified
Wed, 12 Jun 2013 11:52:20 GMT
server
nginx
age
372602
etag
"51b860f4-35"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:24:51 GMT
via
1.1 google
last-modified
Fri, 03 Oct 2014 14:11:04 GMT
server
nginx
age
480785
etag
"542eae78-1134"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4404
fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 04:05:00 GMT
via
1.1 google
last-modified
Fri, 10 Oct 2014 10:17:53 GMT
server
nginx
age
96776
etag
"5437b251-134e"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4942
300x250.png
upst.fwdcdn.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/300x250.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:27:37 GMT
via
1.1 google
last-modified
Tue, 25 Apr 2023 12:57:06 GMT
server
nginx
age
372619
etag
"6447ce22-e74"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3700
300x145.png
upst.fwdcdn.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/300x145.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:55:59 GMT
via
1.1 google
last-modified
Tue, 25 Apr 2023 12:57:06 GMT
server
nginx
age
414117
etag
"6447ce22-a9f"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2719
ukr.net.1516503.js
jsc.mgid.com/u/k/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/u/k/ukr.net.1516503.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b5969b9438d933adcc03b041d4b4ce929f5104c9130a945c90668f39cc6e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
x-amz-version-id
TesqSuw1hll.yn9vf1o6PH1Qo0OrLUTD
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
0RYD7AFXX92PXBM3
age
3642
cf-polished
origSize=3751
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
AYj2T+EAT1u60vXBEy87ivsRUsTxW0grF/QQ6uq7KeiHk62JCtWF0hJ5T2OfZOpSP8DpGLq6Yx0=
cf-bgj
minify
last-modified
Mon, 27 Nov 2023 14:17:31 GMT
server
cloudflare
etag
W/"cba3666fbbb062a0d20dacfeeb18f392"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
830a65d9bf517759-LHR
expires
Tue, 05 Dec 2023 09:57:56 GMT
top-logo-ua-mod3.gif
upst.fwdcdn.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/top-logo-ua-mod3.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:56:07 GMT
via
1.1 google
last-modified
Wed, 12 Jun 2013 11:52:20 GMT
server
nginx
age
414109
etag
"51b860f4-140f"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5135
hb_742228_17438.js
player.adtcdn.com/prebidlink/472710/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/472710/hb_742228_17438.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3269a13e60e1a676fefb07de5d6d92f2a32541b3d362b5be58cbda94e511888

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 16:38:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
180
etag
W/"656e0081-603"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQUW3ON%2BNP4v6%2BPC6mA6DngvXSCZKbqe6h4BNQNoSiwirhC7IbsDIciiRfxtMl%2Fmp4ftfPFm7yD4cJQFGoPuMaT9eBBUNQwnw73ZqGIXPTTrQSF0xk%2FShPtwcioaElT5VLDG36cZg8QQLMYGwhLkLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
830a65d9bdd748b7-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 05 Dec 2023 07:09:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1cf5caad40b1f6f5a766a7f2efc2ce5d03e783a783a3a27482afe989816a98c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29945
x-xss-protection
0
server
cafe
etag
685 / 19696 / m202311280101 / config-hash: 9069639121904637480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 06:57:56 GMT
wrapper_hb_742228_17438.js
player.adtcdn.com/prebidlink/472710/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/472710/wrapper_hb_742228_17438.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80cbcde9410b93c02d11d9eac11dbbe50b22c05209bff919df17317973a07668

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 16:38:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
180
etag
W/"656e0081-9fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZEa6wdi6PC4l%2F9sak9w%2FBaW%2B5xTy%2BGhBsCeFM%2B1r3OZSdA5njve9qkr%2BdPh81KRX7aD%2F%2BtSLoXqrprFaIYsa6BlK0JU5NNN7Fa7QRkt1f2x5lc70gB2sDjR%2F5LhrF0B2ZavPQSaRR2WbMHCnCxwaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
830a65d9bdd648b7-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 05 Dec 2023 07:09:56 GMT
test
accounts.ukr.net/public/access/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/public/access/test?_=1701759476644
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.ukr.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
server
nginx
access-control-max-age
600
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
x-upstream
4210.10.20.37:5080
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length
2
login
accounts.ukr.net/widget/ Frame 371E
Redirect Chain
  • https://mail.ukr.net/widget?lang=uk&theme=default
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
47155d5cf009c71c7b651e696e5023767b4ab8a13b3a716b8f18ccc08fe13488
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://www.ukr.net/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-type
text/html; charset=UTF-8
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Tue, 05 Dec 2023 06:57:56 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-frame-options
ALLOW-FROM https://www.ukr.net/
x-upstream
4210.10.20.48:5080
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-length
0
content-security-policy
default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: blob: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Tue, 05 Dec 2023 06:57:56 GMT
location
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
server
nginx
5ysrIfrF92
go.rcvlink.com/ifr/ Frame 9214 		15 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Tue, 05 Dec 2023 06:57:56 GMT
etag
W/"63c6f377-3b12"
expires
Wed, 06 Dec 2023 06:57:56 GMT
last-modified
Tue, 17 Jan 2023 19:13:59 GMT
server
nginx
v2
a4p.adpartner.pro/jsunit/jsonp/ 		300 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery300026245750103635657_1701759476633&_=1701759476634
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
d87e5c678ee913c6729c07135f98835f36dd22174f4a0f71172b690b91297acc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show_json/ukrnet/ 		525 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery300026245750103635657_1701759476635&_=1701759476636
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 Fresnes, France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
1a9e4383cb7bb63aac4dfb4f89e9b838df79144cb1f16ee80aa9b751758cf449
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
strict-transport-security
max-age=15768000, max-age=15768000
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
content-type
text/html; charset=utf-8
ukrnet2.js
trafmag.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trafmag.com/ukrnet2.js?callback=jQuery300026245750103635657_1701759476637&_=1701759476638
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
trafmag.com
Software
nginx /
Resource Hash
5a476d550586b4638bceb8b7c3dbad3ac4c35ec68b7dbee0f586f1bdf61b7ac2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
application/json; charset=utf-8
date
Tue, 05 Dec 2023 06:57:56 GMT
server
nginx
x-frame-options
SAMEORIGIN
p3p
CP="NON DSP COR CURa TIA"
cnt.php
counter.ukr.net/c5/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/c5/cnt.php?rand=0.7379291008933657&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Tue, 05 Dec 2023 06:57:55 GMT
cnt.php
counter.ukr.net/aid/portal/ 		312 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/aid/portal/cnt.php?rand=0.21903846030563678&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
34b0f57cd7c006ad946f6ca99b64b210d7a530aa1e8131e54dcc023b39096489

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:56 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Tue, 05 Dec 2023 06:57:55 GMT
cnt.php
counter.ukr.net/lid/329/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/lid/329/cnt.php?rand=0.10870428345200733&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Tue, 05 Dec 2023 06:57:55 GMT
start.json
www.ukr.net/ajax/ 		43 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/ajax/start.json
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:b0a7:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
2991242b89a97b10a60cad81650fd80fa972a0e9cb7db8a48f8c0f6462a9cebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
nginx
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
hbw_master_742228_17438.js
player.adtelligent.com/prebidlink/BNkAp/ 		174 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/BNkAp/hbw_master_742228_17438.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/472710/wrapper_hb_742228_17438.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a77ef35dc75fe0dc49333b228c888a75ca777d8999a8862f35469fffddb2a9c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Wed, 06 Dec 2023 06:57:56 GMT
date
Tue, 05 Dec 2023 06:57:56 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 16:38:25 GMT
server
nginx
etag
W/"656e0081-2b746"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
ukr.net.1516503.es6.js
jsc.mgid.com/u/k/ 		315 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/u/k/ukr.net.1516503.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516503.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dcffa40d30dcc6299163c843fcc850bc047c8125836c2fa9bb3ba468a548261
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.ukr.net/
Origin
https://www.ukr.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
x-amz-version-id
z3n9fp737.MOItozbTb.6DgqCMP.HyRH
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
M2ZPCKVFJ8C8GDJJ
age
7031
cf-polished
origSize=322379
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LEW4usc4x6ppWp4H663B17QUG2tOxDBsrtDDfJxRmWPNwCkN1ttTuahINMXi9AwnBUn1ilO4/xk=
cf-bgj
minify
last-modified
Mon, 27 Nov 2023 14:17:31 GMT
server
cloudflare
etag
W/"a10fe90449f15d1d4fe4b6023d004679"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
830a65da5899dd5c-LHR
expires
Tue, 05 Dec 2023 09:57:56 GMT
hbp_master_742228_17438.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 		509 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/472710/hb_742228_17438.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c8fc9bc2bc960ec9a8f3f9ec4fbd9c565b06b46d9c52b6df7fbd14c6fb6f38a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Wed, 06 Dec 2023 06:57:56 GMT
date
Tue, 05 Dec 2023 06:57:56 GMT
content-encoding
gzip
last-modified
Fri, 01 Dec 2023 11:06:19 GMT
server
nginx
etag
W/"6569be2b-7f3ff"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
cnt.php
counter.ukr.net/advert/adv/portal/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.21903846030563678&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by
Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.21903846030563678&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Tue, 05 Dec 2023 06:57:55 GMT
1701759476842.html
www.ukr.net/view/main/101368076,1281,619,155,97,122,371,86,38,61,219,15,9,63,157,5,49,69,33,29,9,29,2,19,2,33,42,1,6,10,32,5,2,1,13,7,2,2,15,1,33,4,3,21,7,24,23,14,9,4,3,4,6,13,1,3,1,1,2,2,2,1,4,2,... 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/view/main/101368076,1281,619,155,97,122,371,86,38,61,219,15,9,63,157,5,49,69,33,29,9,29,2,19,2,33,42,1,6,10,32,5,2,1,13,7,2,2,15,1,33,4,3,21,7,24,23,14,9,4,3,4,6,13,1,3,1,1,2,2,2,1,4,2,2,1,1,1,8,4,3,5,1,7,8,4,1,1,2,1,8,7,8,2,2,12,1,7,6,3,19,1,2/1701759476842.html
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:b0a7:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
last-modified
Wed, 12 Jun 2013 11:52:20 GMT
server
nginx
etag
"51b860f4-0"
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
text/plain
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
top_links.png
upst.fwdcdn.com/img/1699382510/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/1699382510/top_links.png
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1699382510/top_links.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
a9930bf724039651faa40a19099715d7aca11ccd98c8bfc4b63f255465c9366e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/1699382510/top_links.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:24:34 GMT
via
1.1 google
last-modified
Tue, 07 Nov 2023 18:43:03 GMT
server
nginx
age
480802
etag
"654a8537-bc9"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3017
icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 		395 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:48:54 GMT
via
1.1 google
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
nginx
age
119342
etag
"6076e064-18b"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
395
icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 		461 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:26:40 GMT
via
1.1 google
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
nginx
age
480676
etag
"6076e064-1cd"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
461
dot.svg
upst.fwdcdn.com/img/portal/main/ 		650 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:29:09 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
nginx
age
372527
etag
"637656b5-18e"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
arrow.svg
upst.fwdcdn.com/img/portal/main/ 		233 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:01:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
nginx
age
467771
etag
"637656b5-bc"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188
pinformer4.php
pinformer.sinoptik.ua/ Frame 6A96 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
6561500c649236328b9152352b37fee33955520b17bbd4a86bb296f70bea3d32

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=300, must-revalidate, proxy-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Tue, 05 Dec 2023 06:58:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
1
go.rcvlink.com/cs/1/ Frame 9214 		31 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
d186a1523110b8b4f9fb7f42398d82d169a55e51eeda6474fe7a17ceea2e4df7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Dec 2023 06:57:56 GMT
cache-control
private, max-age=63115200
content-encoding
gzip
content-type
text/javascript;charset=utf-8
server
nginx
expires
Thu, 04 Dec 2025 20:57:56 +0200
js
www.googletagmanager.com/gtag/ 		257 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bbf08f9d9b284aa6386fd40e1de697afe21768e417267b9a26d025daff7f6fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89312
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 06:57:56 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
32250
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138259
x-xss-protection
0
server
cafe
etag
16445146976575771301
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:00:26 GMT
/
go.rcvlink.com/bdto/5ysrIfrF92/ Frame 9214 		0
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=tJra6dPUvmnz&ver=230117-2113&w=200&h=0&vw=200&ms=60.0&me=0&ref=&
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2023 06:57:56 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type
application/javascript;charset=utf-8
hn
b12
cache-control
no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin
*
expires
Tue, 05 Dec 2023 08:57:56 +0200
/
go.rcvlink.com/err/ Frame 9214 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/err/?code=5ysrIfrF92&ver=230117-2113&ms=129&text=!responseText&ref=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx / PHP/7.4.33
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

hn
m1
date
Tue, 05 Dec 2023 06:57:57 GMT
cache-control
no-store
server
nginx
x-powered-by
PHP/7.4.33
content-type
image/gif
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je3bt0v883298851z89116117974&_p=1701759476352&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=885425914.1701759477&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701759477&sct=1&seg=0&dl=https%3A%2F%2Fwww.ukr.net%2F&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1162
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-75WQ2FHNW7&cid=885425914.1701759477&gtm=45je3bt0v883298851z89116117974&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-75WQ2FHNW7&cid=885425914.1701759477&gtm=45je3bt0v883298851z89116117974&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=490012482
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame 6A96 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 13:04:12 GMT
server
nginx
etag
W/"5f620d4c-2deb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Thu, 04 Jan 2024 06:57:57 GMT
swPortal4.js
pinformer.sinoptik.ua/js/15/ Frame 6A96 		115 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 14:54:44 GMT
server
nginx
etag
W/"5f622734-1cc1f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000, public
expires
Thu, 04 Jan 2024 06:57:57 GMT
t.gif
pinformer.sinoptik.ua/img/ Frame 6A96 		43 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/t.gif
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
last-modified
Thu, 23 Oct 2014 10:32:30 GMT
server
nginx
etag
"5448d93e-2b"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
43
expires
Thu, 04 Jan 2024 06:57:57 GMT
3_0.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 6A96 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/3_0.jpg
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
a15812db7980e3cb5e90fc985dfc1ffd9f2eab6cddc7f16460fde5cf074ae0eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-601"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1537
expires
Thu, 04 Jan 2024 06:57:57 GMT
/
www.ukr.net/sinoptik/102950159/ Frame 6A96 		0
20 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/sinoptik/102950159/
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1701759476663
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:b0a7:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
via
1.1 google
last-modified
Tue, 5 Dec 2023 06:57:57 UTC
server
nginx
etag
"51b98b6a-0"
content-type
application/x-javascript
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 5 Dec 2023 06:57:57 UTC
43eeeb8b-4181-4eb8-a91f-9cfe18a06b9d
https://www.ukr.net/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ukr.net/43eeeb8b-4181-4eb8-a91f-9cfe18a06b9d
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
97e2e7be-003c-49a9-a043-0e7b3be34fec
https://www.ukr.net/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ukr.net/97e2e7be-003c-49a9-a043-0e7b3be34fec
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
/
c.mgid.com/pv/ 		43 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?lu=https%3A%2F%2Fwww.ukr.net%2F&cbuster=1701759477082852107612&pvid=18c38c4e55a8ddfed5b&implVersion=11&cxurl=https%3A%2F%2Fwww.ukr.net%2Fua%2F&site=422574&i=1&scum=%3F0&scuw=%3F0
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
830a65dbf89a7759-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
csp-blocked
accounts.ukr.net/ Frame 371E 		2 B
99 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/csp-blocked
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers

x-upstream
42, 42127.0.0.1:8082
date
Tue, 05 Dec 2023 06:57:57 GMT
server
nginx
content-length
2
content-type
text/html
bundle.css
accounts.ukr.net/widget/login/css/ Frame 371E 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/css/bundle.css?ea3ffcbf
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 10:48:29 GMT
server
nginx
etag
W/"652e667d-2c24"
content-type
text/css
x-upstream
4210.10.20.37:5080
cache-control
max-age=1209600
expires
Tue, 19 Dec 2023 06:57:57 GMT
bundle.js
accounts.ukr.net/widget/login/js/ Frame 371E 		161 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/bundle.js?5e2fe3dc
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
5af68897381a7032cf348dad66f968ee8fce88d456fd8d881229ea7c46a08f95

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 10:48:29 GMT
server
nginx
etag
W/"652e667d-28501"
content-type
application/javascript
x-upstream
4210.10.20.48:5080
cache-control
max-age=1209600
expires
Tue, 19 Dec 2023 06:57:57 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 06 Dec 2023 06:57:57 GMT
/
sghb.adtelligent.com/geo/ 		134 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/BNkAp/hbw_master_742228_17438.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6c8b8006ff7b3d1d381eb255bd490ab7c620fb42c5d8fd4204761d6dab15f973

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:56 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
134
tracking
sghb.adtelligent.com/adunit/ 		43 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=742228&site_id=17438&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=rznkb3.6z&features=81952&vpbv=N214&lifecycle_tte=1241
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/BNkAp/hbw_master_742228_17438.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:56 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
config.json
player.adtelligent.com/exchange_rates/742150/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/742150/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e4eb542de3aacb807d6311234bee92c7eb8545741ce0303aebc6d82dadceea8c

Request headers

Referer
https://www.ukr.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 06 Dec 2023 06:57:57 GMT
date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 12:01:42 GMT
server
nginx
etag
W/"65648526-8b2"
content-type
application/json
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=86400
x-proxy-cache
HIT
ads
securepubads.g.doubleclick.net/gampad/ 		94 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2133695973920807&correlator=368627929594476&eid=31079957%2C31079791%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_brend_resize%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C120x600%7C160x600%2C300x145%7C300x175&ifi=1&sfv=1-0-40&fsfs=0%2C1&fsbs=1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701759477175&lmt=1701759428&adxs=130%2C995&adys=89%2C446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&psz=1600x4910%7C300x145&msz=160x-1%7C300x145&fws=512%2C512&ohw=0%2C0&ga_vid=885425914.1701759477&ga_sid=1701759477&ga_hid=168586644&ga_fc=true&dlt=1701759476334&idt=788&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=3371586687%2C216364347&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc4f13e3ada6d878e608e4eda53a8c16e8f58834526baaa90d464d430bac6325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26740
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 250E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Wed, 04 Dec 2024 06:57:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runtime.js
upst.fwdcdn.com/js/ Frame 6A96 		408 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/runtime.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
da8a77bbd22c94c51ab51e4f0b6db120408fd529e8b6ea936e28281dedc1c6e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:45:32 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 02 Oct 2023 08:58:01 GMT
server
nginx
age
1840345
etag
"651a8619-1e6ea"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124650
ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 6A96 		149 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-95"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
149
expires
Thu, 04 Jan 2024 06:57:57 GMT
term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 6A96 		389 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-185"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
389
expires
Thu, 04 Jan 2024 06:57:57 GMT
s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 6A96 		185 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-b9"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
185
expires
Thu, 04 Jan 2024 06:57:57 GMT
24d866ca-5026-4187-bbb3-6abe0a31928b
https://www.ukr.net/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.ukr.net/24d866ca-5026-4187-bbb3-6abe0a31928b
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
https://www.ukr.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
FT3B2YNDBGENVSWC
age
3486
alt-svc
h3=":443"; ma=86400
x-amz-id-2
T5sPcjZtf+bDh6XdJmp7hMMaIrle5xKb9BwVfmaNkAxai8X9iK4oKQPncfqBkIMJTmPLzS6Pbg2Yz9at9uMFJU2Q4p1mhW6T9hRl6tH5ghk=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
830a65dcb9837759-LHR
expires
Wed, 06 Dec 2023 06:57:57 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YQB9E0XZ4AF5YHE7
age
1401
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CxpyNkMvUy7EglrL46ndveEgmcKj5NlhgNn3xrtwadQGLxOYO5GJbbUWfWYVC/75XuxenQ1eXpI=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
830a65dcb9857759-LHR
expires
Wed, 06 Dec 2023 06:57:57 GMT
workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 371E 		58 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?64280814ffe96cfa63b8
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 10:48:29 GMT
server
nginx
etag
W/"652e667d-e602"
content-type
application/javascript
x-upstream
4210.10.20.37:5080
cache-control
max-age=1209600
expires
Tue, 19 Dec 2023 06:57:57 GMT
1
servicer.mgid.com/1516503/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1516503/1?mp4=1&ap=1&w=300&h=51&wrongImageSize=1&sz=280x31&szp=1&szl=1&cols=1&sessionId=656ec9f5-11723&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fwww.ukr.net%2F&cbuster=1701759477261369642270&pvid=18c38c4e55a8ddfed5b&implVersion=11&cxurl=https%3A%2F%2Fwww.ukr.net%2Fua%2F&scum=%3F0&scuw=%3F0&uniqId=15720&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&tfre=864
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516503.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8c28eda5cfc79ef7c0a1cac11a9dd69eb9ab6d933baa39ac2492a73f64bfe5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
830a65dd09e87759-LHR
alt-svc
h3=":443"; ma=86400
acquire
accounts.ukr.net/api/v1/token/verification/ Frame 371E 		27 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?5e2fe3dc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

x-upstream
4210.10.20.37:5080
date
Tue, 05 Dec 2023 06:57:57 GMT
server
nginx
content-length
27
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		105 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2133695973920807&correlator=3948566459246902&eid=31079957%2C31079791%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107%7C300x600%2C300x145%7C300x250%7C300x400%2C300x600%7C300x250%7C300x400&ifi=3&sfv=1-0-40&fsfs=1%2C1%2C1&fsbs=1%2C1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701759477303&lmt=1701759428&adxs=995%2C995%2C995&adys=196%2C1123%2C2145&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&psz=300x250%7C300x250%7C300x0&msz=300x107%7C300x145%7C300x0&fws=512%2C512%2C0&ohw=0%2C0%2C0&ga_vid=885425914.1701759477&ga_sid=1701759477&ga_hid=168586644&ga_fc=true&dlt=1701759476334&idt=788&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1428656525414-0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1544528258762-0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1544528657150-0%26excl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=2774844501%2C3317177319%2C3449700283&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd4c7bf340db270ba2c99bf7daf5c725b2bf110e3cd28c0863326336320f43a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28012
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csyncs
sghb.adtelligent.com/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/csyncs?aid1=463288&aid2=812819&aid3=852559&gdpr=0&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/BNkAp/hbw_master_742228_17438.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
fc5d7c001f82e9fce9c615abcda38a61f3bbd2553609f923515659b31dc5e68f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:56 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
956
/
ads.us.e-planning.net/uspd/1/ Frame 47D5
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26p...
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D85255...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/BNkAp/hbw_master_742228_17438.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
53eb3dc82e8b9acffe1290f0805da70cb0c69b58dd71ea191011224ced01bb48

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Tue, 05 Dec 2023 06:57:57 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 05 Dec 2023 06:57:57 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928
csync
sync.adtelligent.com/ Frame 213C
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
43 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/BNkAp/hbw_master_742228_17438.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 05 Dec 2023 06:57:57 GMT
Etag
30752ccc17f974e8
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Tue, 05 Dec 2023 06:57:57 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=750708&a=754412&gdpr=0&gdpr_source=&gdpr_consent=
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
/
ssc-cms.33across.com/ps/ Frame 7AFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D488210%26a%3D304056%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/BNkAp/hbw_master_742228_17438.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 05 Dec 2023 06:57:56 GMT
server
33XP005
x-33x-status
2000208
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=30752ccc17f974e8
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 05 Dec 2023 06:57:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sync
cookies.nextmillmedia.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEA0%26sp%3D463288%26pb%3D283366%26c%3D719582%26a%3D722242%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.187.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-187-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEA0%26sp%3...
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3725f268-1b80-4cfc-8bc5-d7229c70fdb9&traffic_source=snippet&session=1F9CBCA66249EEA0&sp=463288&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3725f268-1b80-4cfc-8bc5-d7229c70fdb9&traffic_source=snippet&session=1F9CBCA66249EEA0&sp=463288&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:57 GMT
Server
Adtelligent
Etag
30752ccc17f974e8
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3725f268-1b80-4cfc-8bc5-d7229c70fdb9&traffic_source=snippet&session=1F9CBCA66249EEA0&sp=463288&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
date
Tue, 05 Dec 2023 06:57:57 GMT
cache-control
no-store no-transform
server
nginx
content-length
322
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEA0%26sp%3D463288%26pb%3D283366%26c%3D675886%26a%3D310570%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Dec 2023 06:57:57 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEAD%26sp%3...
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=67b8ba9b-9593-4c83-bf91-28a9f671006b&traffic_source=snippet&session=1F9CBCA66249EEAD&sp=812819&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=67b8ba9b-9593-4c83-bf91-28a9f671006b&traffic_source=snippet&session=1F9CBCA66249EEAD&sp=812819&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:57 GMT
Server
Adtelligent
Etag
30752ccc17f974e8
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=67b8ba9b-9593-4c83-bf91-28a9f671006b&traffic_source=snippet&session=1F9CBCA66249EEAD&sp=812819&pb=283366&c=628863&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
date
Tue, 05 Dec 2023 06:57:57 GMT
cache-control
no-store no-transform
server
nginx
content-length
322
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEAD%26sp%3D812819%26pb%3D283366%26c%3D675886%26a%3D310570%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Dec 2023 06:57:57 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
cookies.nextmillmedia.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEAD%26sp%3D812819%26pb%3D283366%26c%3D719582%26a%3D722242%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.187.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-187-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
csync
sync.adtelligent.com/
Redirect Chain
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26traffic_source%3Dsnippet%26sessio...
  • https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=d2ded5aa-531c-46ec-9fd7-d3ba60f71927&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=746141&a=753378&gdpr=0&gdpr_source...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=d2ded5aa-531c-46ec-9fd7-d3ba60f71927&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=746141&a=753378&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:57 GMT
Server
Adtelligent
Etag
30752ccc17f974e8
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:57 GMT
Transfer-Encoding
chunked
Location
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=d2ded5aa-531c-46ec-9fd7-d3ba60f71927&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=746141&a=753378&gdpr=0&gdpr_source=&gdpr_consent=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484067%26a%3D310570%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Dec 2023 06:57:57 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D1F9CB...
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=212101622280528343&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=529070&a=297253&gdpr=0&gdpr_source=&gdpr_consent=
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=212101622280528343&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=529070&a=297253&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:57 GMT
Server
Adtelligent
Etag
30752ccc17f974e8
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
an-x-request-uuid
dbd72896-4311-446b-ba96-f6f1d3c7968a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=212101622280528343&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=529070&a=297253&gdpr=0&gdpr_source=&gdpr_consent=
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D751004%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D1F9CB...
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=8822236028279171789&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=736651&a=751004&gdpr=0&gdpr_source=&gdpr_consent=
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=8822236028279171789&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=736651&a=751004&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:57 GMT
Server
Adtelligent
Etag
30752ccc17f974e8
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
an-x-request-uuid
9c1c42d7-0ca1-4fe6-bc23-0b1a95d718cc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=8822236028279171789&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=736651&a=751004&gdpr=0&gdpr_source=&gdpr_consent=
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3...
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ac55e2a9-67b7-45f2-b604-0c5236f8274f&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=603469&a=307558&gdpr=0&gdpr_source...
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ac55e2a9-67b7-45f2-b604-0c5236f8274f&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=603469&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:57 GMT
Server
Adtelligent
Etag
30752ccc17f974e8
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ac55e2a9-67b7-45f2-b604-0c5236f8274f&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=603469&a=307558&gdpr=0&gdpr_source=&gdpr_consent=
date
Tue, 05 Dec 2023 06:57:57 GMT
cache-control
no-store no-transform
server
nginx
content-length
322
content-type
text/html; charset=utf-8
sync
vid.vidoomy.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D632122%26a%3D556847%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID%2526traffic_source%253Dsnippet%2526session%253D1F9CB...
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5006077730567657017&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=635609&a=584890&gdpr=0&gdpr_source=&gdpr_consent=
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5006077730567657017&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=635609&a=584890&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:57 GMT
Server
Adtelligent
Etag
30752ccc17f974e8
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
an-x-request-uuid
5fcae451-09fd-413d-8978-cd9e4864efe2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5006077730567657017&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=635609&a=584890&gdpr=0&gdpr_source=&gdpr_consent=
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
html5objects.js
upst.fwdcdn.com/js/ Frame 6A96 		555 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/html5objects.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 14:41:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 17 Nov 2022 15:43:48 GMT
server
nginx
age
58579
etag
"637656b4-21ee1"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138977
syncframe
gum.criteo.com/ Frame 0B91 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:56 GMT
server
Kestrel
server-processing-duration-in-ticks
304281
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvMzY2OTA0LzRmMmU3Y...
s-img.mgid.com/g/17928732/140x140/-/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17928732/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvMzY2OTA0LzRmMmU3YjYwNWE1ZTM2NzI1ZmYxYzUyOTMzOTk1NzVjLnBuZw.webp?v=1701759477-hSwjM1-pBExD5JmTIBJlTFWyn4KKxEdwuvPfphuiN30
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc77fc27332a12d5e7a5f908a36c1c75c996306b2a3e84a6ca07a4de8725de6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.ukr.net/
Origin
https://www.ukr.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 20:08:02 GMT
x-mg-request-uuid
c310789b-7d1d-4046-afbf-82e7dd0a20cc
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
830a65df7f1c3dac-LHR
content-length
2810
alt-svc
h3=":443"; ma=86400
i.js
cm.mgid.com/ 		0
104 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?cbuster=1701759477385955696564
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516503.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
830a65dfebf37759-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516503.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
XYN85D9B8GP7718F
age
416
etag
W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
830a65e07fb86442-LHR
x-amz-id-2
e7jSTldiuEMe5YkP/dqcN4XvYGobMiM8xXZNNuhY8nY6CgAHfd9C46ZQcaKlll19ZrCiQ73/Cz8=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516503.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:55:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=97932
accept-ranges
bytes
content-length
63913
expires
Wed, 06 Dec 2023 10:10:09 GMT
truncated
/ Frame 6A96 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d755bf5e913048783ea51c777d7fcfeb453a65001b14e2055d7766c28ebae73

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6A96 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/jpeg
sid
mug.criteo.com/ Frame 0B91
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=rtuNsHxKRE9UNzNUNVZoVTBIZ05CVFEvS3gwb1ArVW5WbitxMTRwT201RDJPUXcreWNKZ3VkeUdUaGJFUnhCTjdzNVRxVUtwL29UZG50NVRkYm9na1E3QVQ3VTZ0MjhTcnpOR3lSN0ZIaGNha3ZvemN6QXVYT1ZabmxLcU...
430 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rtuNsHxKRE9UNzNUNVZoVTBIZ05CVFEvS3gwb1ArVW5WbitxMTRwT201RDJPUXcreWNKZ3VkeUdUaGJFUnhCTjdzNVRxVUtwL29UZG50NVRkYm9na1E3QVQ3VTZ0MjhTcnpOR3lSN0ZIaGNha3ZvemN6QXVYT1ZabmxLcU13L0JkaG5jSWVtL1JGSThIUXlzNnFhbkxwd1hlZmp6VmxhQkJjQmpRdDcya0dESXNlZnVUb1hWR2VrY0FiS3ZLbmpma0hNa0lsN0s2TUZ2a1JLeWRmTW0wVkpUMmVlQWhBTDdlVDI4ckhJN1FmcHY0cHFrelZrN2dDNE1JamZTNnhvdG1XVEtvaENuczhMdmVXOXpsTWt2Uks0dkZCQT09fA&cppv=2
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c5c2f9ac6784afb4ce0f878acbe367b8f372088325d9db185d27adc6786c71c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1889647
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=rtuNsHxKRE9UNzNUNVZoVTBIZ05CVFEvS3gwb1ArVW5WbitxMTRwT201RDJPUXcreWNKZ3VkeUdUaGJFUnhCTjdzNVRxVUtwL29UZG50NVRkYm9na1E3QVQ3VTZ0MjhTcnpOR3lSN0ZIaGNha3ZvemN6QXVYT1ZabmxLcU13L0JkaG5jSWVtL1JGSThIUXlzNnFhbkxwd1hlZmp6VmxhQkJjQmpRdDcya0dESXNlZnVUb1hWR2VrY0FiS3ZLbmpma0hNa0lsN0s2TUZ2a1JLeWRmTW0wVkpUMmVlQWhBTDdlVDI4ckhJN1FmcHY0cHFrelZrN2dDNE1JamZTNnhvdG1XVEtvaENuczhMdmVXOXpsTWt2Uks0dkZCQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
311333
content-length
0
expires
0
pbs.gif
sync.admanmedia.com/ Frame 47D5 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D126bd6bdc617e589%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.26 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:58:00 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 47D5 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 03 Dec 2028 06:57:57 GMT
um
u-ams03.e-planning.net/ Frame 47D5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D126bd6bdc617e589%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=126bd6bdc617e589&uid=212101622280528343
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=126bd6bdc617e589&uid=212101622280528343
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server
openresty
date
Tue, 05 Dec 2023 06:57:57 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
an-x-request-uuid
8a089efc-1b87-491f-adae-e117616af94d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=126bd6bdc617e589&uid=212101622280528343
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 47D5
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D126bd6bdc617e589%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=126bd6bdc617e589&uid=ua-2b7dc4f4-cff2-3965-b94a-31d2e615c35b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=126bd6bdc617e589&uid=ua-2b7dc4f4-cff2-3965-b94a-31d2e615c35b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server
openresty
date
Tue, 05 Dec 2023 06:57:57 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=126bd6bdc617e589&uid=ua-2b7dc4f4-cff2-3965-b94a-31d2e615c35b
pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/universal/ Frame 47D5 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.247.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-247-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
us
sync.go.sonobi.com/ Frame 47D5 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D126bd6bdc617e589%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-58
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 47D5 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D126bd6bdc617e589%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 47D5
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=126bd6bdc617e589
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=126bd6bdc617e589
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=126bd6bdc617e589
date
Tue, 05 Dec 2023 06:57:57 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame 47D5 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.184.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-184-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7B98 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D126bd6bdc617e589%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27272
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Tue, 05 Dec 2023 14:32:29 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E51B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Dec 2023 06:57:57 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 05 Dec 2023 06:57:57 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 41DB
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
2 KB
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2006912c5dc591deaefe84b76a6acfb2ab76ce59dd008ca3884a1a541efe9c

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
830a65e03d08386e-LHR
content-encoding
br
content-type
text/html
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLtU28mMe%2BrD42B8y69XAEsEklvYt8rPSKOeuavG0ozFfcJSo1JmItjEzVJlo%2Fj9St%2Ffz8FZEhO%2BZMjL%2BtBH1M01%2B10GQe3jF84xvvChCXsHu%2Bk%2Byv1cw1yDDG0vKusR56dsgKzT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
830a65dfcc8f386e-LHR
content-length
0
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1KvU1pOUbVXMhfROmLsCDKB2LJ%2FAtl0ntUATBKe5%2BOltjImhlmuHLU0hd5HJVYHPmtuj7GWzvcz3e%2BOL9ucxTvJO9B%2BJu2JF%2Br1cP651xKbpIwZXuVBSRvB0qjohQNpBQnAsjku"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1491 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 3702 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7722d0083512372bbb403ffe51878be59b0f31a411eac8987a040c342e77be03
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
830a65dfc842651e-LHR
content-encoding
br
content-type
text/html
date
Tue, 05 Dec 2023 06:57:57 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?u=58898c5801e26893&d=www.ukr.net
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Dec 2023 06:57:57 GMT
server
openresty
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 47D5 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-95.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 04:39:04 GMT
content-encoding
gzip
via
1.1 f11ab4f93d35c4b95d55e40354b7ca2a.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P3
age
8334
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
6oS-voBJQOLSyVAHgYY8EegBO3T60EbcNoN9oOeMPDcKui2LCY8W3g==
15581
rtb.gumgum.com/usync/ Frame 4A10 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.12.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-12-121.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a30e28b0526a840a98dee23f6f814183f52936735510f5dc2fd2315e0e82e0d7

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 05 Dec 2023 06:57:57 GMT
etag
W/"010c61fd9fefdf1af4e4cfa6859661eb9"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 92BC 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 05 Dec 2023 06:57:57 GMT
csync
sync.adtelligent.com/ Frame EB51 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AL5QCVu2ZelodPcC&traffic_source=snippet&session=1F9CBCA66249EEB1&sp=852559&pb=753264&c=484122&a=307971&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1F9CBCA66249EEB1%26sp%3D852559%26pb%3D753264%26c%3D484122%26a%3D307971%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 05 Dec 2023 06:57:57 GMT
Etag
30752ccc17f974e8
Server
Adtelligent
getuid
ib.adnxs.com/ Frame 3702 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 3702 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=dc79552a-3106-4c21-8f4e-f0aebc121327&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=dc79552a-3106-4c21-8f4e-f0aebc121327&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e1ba32651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=dc79552a-3106-4c21-8f4e-f0aebc121327&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 3702 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 3702 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame 3702 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 05 Dec 2023 06:57:57 GMT
via
1.1 varnish
x-served-by
cache-lcy-eglc8600064-LCY
server
nginx
x-timer
S1701759478.885912,VS0,VE9
x-fastly-to-nlb-rtt
8087
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 3702 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f601:31be:eaee:1d8c:9fe8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
X-Fw-Request-Id
umeb608_1701759478855650358
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3702 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 05 Dec 2023 06:57:57 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 3702 		0
0
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=627626f4-46d4-4e40-52ac-b2d96cd1456a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=627626f4-46d4-4e40-52ac-b2d96cd1456a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=24281732729008460640661513992818066364&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-...
95 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=24281732729008460640661513992818066364&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e1ba2c651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

dcs
dcs-prod-irl1-1-v054-0e377c1af.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
KYtqxbZATKo=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://mwzeom.zeotap.com/mw?cid=24281732729008460640661513992818066364&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 3702 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
zeotap.php
bn01.er.bemail.it/ Frame 3702 		0
0
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7309001303669667994&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7309001303669667994&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e24ac6651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7309001303669667994&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Date
Tue, 05 Dec 2023 06:57:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 3702
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=627626f4-46d4-4e40-52ac-b2d96cd1456a
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=627626f4-46d4-4e40-52ac-b2d96cd1456a
95 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=627626f4-46d4-4e40-52ac-b2d96cd1456a
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 05 Dec 2023 06:57:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=627626f4-46d4-4e40-52ac-b2d96cd1456a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=627626f4-46d4-4e40-52ac-b2d96cd1456a&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=627626f4-46d4-4e40-52ac-b2d96cd1456a&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=MgWoHUBccRG1/mPpZp7RAO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4c...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=MgWoHUBccRG1/mPpZp7RAO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e2bb37651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
via
1.1 google
last-modified
Tue, 05 Dec 2023 06:57:58 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=MgWoHUBccRG1/mPpZp7RAO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 3702 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=627626f4-46d4-4e40-52ac-b2d96cd1456a&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=627626f4-46d4-4e40-52ac-b2d96cd1456a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e27aef651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
cache-control
no-cache
x-server
10.45.12.236
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-ToP4ejhE2oonSM4VZQMW3.RMT1E4y3K5ow--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-ToP4ejhE2oonSM4VZQMW3.RMT1E4y3K5ow--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e2eb62651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-ToP4ejhE2oonSM4VZQMW3.RMT1E4y3K5ow--~A&zpartnerid=570&env=mWeb
date
Tue, 05 Dec 2023 06:57:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CYSLYphnIs58HRp5woYelBkvFwG97Grs%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CYSLYphnIs58HRp5woYelBkvFwG97Grs%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e2bb2d651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CYSLYphnIs58HRp5woYelBkvFwG97Grs%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 3702 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=627626f4-46d4-4e40-52ac-b2d96cd1456a&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 3702 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.88.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-88-8.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Tue, 05 Dec 2023 06:57:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1701759478
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 3702 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:52:01 GMT
x-powered-by
PHP/8.2.4
server
nginx
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZW7J9gAEnq1hdgBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZW7J9gAEnq1hdgBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e53d7e651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230138-FRA
pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1701759478.452119,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZW7J9gAEnq1hdgBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 3702
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-64009704...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
52.211.88.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-88-8.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
beacon-n008-dub-prod.krxd.net
date
Tue, 05 Dec 2023 06:57:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1701759478
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
date
Tue, 05 Dec 2023 06:57:58 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a010-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3702
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52a...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52a...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RD27J3PP5WVFRZY1934Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZBM9XHAMT27J4FBXSFD7
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 3702 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=627626f4-46d4-4e40-52ac-b2d96cd1456a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e46cd5651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
date
Tue, 05 Dec 2023 06:57:58 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 3702 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=627626f4-46d4-4e40-52ac-b2d96cd1456a&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame 3702 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=627626f4-46d4-4e40-52ac-b2d96cd1456a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D627626f4-46d4-4e40-52ac-b2d96cd1456a%26reqId%3Dc6652d38-915b-4ceb-5586-640097047983%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.184.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-184-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 3702 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e34bd7651e-LHR
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame 3702
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=bCPtoTkvvfJ3IL73OCf2oDtzvvV3JO2lPCQ2YulH&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=627626f4-46d4-4e4...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=bCPtoTkvvfJ3IL73OCf2oDtzvvV3JO2lPCQ2YulH&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e4ad0c651e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=bCPtoTkvvfJ3IL73OCf2oDtzvvV3JO2lPCQ2YulH&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=627626f4-46d4-4e40-52ac-b2d96cd1456a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame 3702 		557 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c7d4b42c92fe796b17bb31dd01a76a013739c5d1d3b1099a9006ca1be554377
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
830a65e038d1651e-LHR
access-control-allow-headers
*
container.html
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 558D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Wed, 04 Dec 2024 06:57:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA2B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Wed, 04 Dec 2024 06:57:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
casale
match.adsrvr.org/track/cmf/ Frame 41DB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 41DB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW7J9ThIhiur_uDaCl5S8QAAFC8AAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW7J9ThIhiur_uDaCl5S8QAAFC8AAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW7J9ThIhiur_uDaCl5S8QAAFC8AAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
40QY6Z3K9HJAJDW83CD3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E8657QEGP1CX4V47G3J2
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZW7J9ThIhiur_uDaCl5S8QAAFC8AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 41DB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZW7J9ThIhiur_uDaCl5S8QAAFC8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEH_pZW6YKlOZgm903UJv6io&google_cver=1
43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEH_pZW6YKlOZgm903UJv6io&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLK9q58xkDM0kyc2uydWODTHe4D5QD%2BJUuAi9BYn%2BTmkXalCU1TdRfCVgvjZpTiIeK5wr5rlvjQ3OVAL%2Fput4hhUNM6lNFiGlFkBMQg8nhFd5uVO%2FKrN8w67Px2RYm%2BVdQuaXMXKJO1Wrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e17e2f386e-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEH_pZW6YKlOZgm903UJv6io&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 41DB
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZW7J9ThIhiur-uDaCl5S8QAA%265167&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZW7J9ThIhiur-uDaCl5S8QAA%265167&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=9ab9c74e7475451d9349e484830ef3b1
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3029932789337987170
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=9ab9c74e-7475-451d-9349-e484830ef3b1
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=19c6f3cc-e475-4f34-8bb7-2c7b68904c44%3A1701759479.2894151&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D19c6f3cc-e475-4f34-8bb7-2c7b689...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527874726558&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D19c6f3cc-e475-4f34-8b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=19c6f3cc-e475-4f34-8bb7-2c7b68904c44%3A1701759479.2894151&_=1701759479.2913725
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=19c6f3cc-e475-4f34-8bb7-2c7b68904c44%3A1701759479.2894151&_=1701759479.2913725
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 05 Dec 2023 06:57:59 GMT
via
1.1 a54ec0c537d142d7248512cab0b896f8.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
DUS51-P3
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=19c6f3cc-e475-4f34-8bb7-2c7b68904c44%3A1701759479.2894151&_=1701759479.2913725
content-length
447
x-amz-cf-id
M1vjFVyOIJyRM2YVFd9dx3eLn1JNh-EKqfxe0u7oBOEAQgf82UgM2w==
crum
dsum-sec.casalemedia.com/ Frame 41DB
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f36211d445c0471890840fffc2163399&expiration=1704351477
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f36211d445c0471890840fffc2163399&expiration=1704351477
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwTH4Rl%2F7PENXudqyyW%2BdgN2lYl0r%2FdB555E9DwAaIEs3oMLeOb4JMQdaBMcJEYcxe2mnwQp44Fufl1qi6f%2B62NCQ3xm3rIO4OVfQPSRVay0RlOdLaT6m0fkaGkFa1S2A017JYgyABHYwg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e1de78386e-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f36211d445c0471890840fffc2163399&expiration=1704351477
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 41DB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3029932789337987170
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3029932789337987170
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2X0u0Ipwx9PGKuQlg2ztuGQpUMa9L708EWVjcrJswdBn09ezOAqJAKjXVIAYTpB7vjrzNT5Qf0pzoCrsdNb9XR6Sp6Y36YjW5AB3GLCRw7g3ytgKHljN2RvB9ef9jOltrqICvV2Z6ORHHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e3bdd324ef-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3029932789337987170
pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 41DB
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=ebf4d20a-8e95-4ae8-b4c7-ef993447c3a4
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=ebf4d20a-8e95-4ae8-b4c7-ef993447c3a4
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2B%2BnP5a%2Fc5WEANeu9IBqp2tITaI5OOJh1CNHJwTFp6ORkbxpeKWvi4fLjnlQtbdtYCihWcN1tWgxdSOgRzKeo49r3DG0JdaWnLidsCKiNdXdPf3D%2F%2FKOAAoO%2FhkotL0RfsbOeqVCzEBnvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e1de77386e-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=ebf4d20a-8e95-4ae8-b4c7-ef993447c3a4
date
Tue, 05 Dec 2023 06:57:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
sync
ups.analytics.yahoo.com/ups/55940/ Frame 41DB 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZW7J9ThIhiur_uDaCl5S8QAAFC8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
um
u-ams03.e-planning.net/ Frame 41DB 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=126bd6bdc617e589&uid=ZW7J9ThIhiur-uDaCl5S8QAA%265167
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D126bd6bdc617e589%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server
openresty
date
Tue, 05 Dec 2023 06:57:57 GMT
content-type
image/gif
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 558D 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Dec 2023 22:38:15 GMT
age
29983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Dec 2024 22:38:15 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 558D 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 02 Dec 2023 08:33:14 GMT
age
253484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 01 Dec 2024 08:33:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 558D 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Dec 2023 13:32:53 GMT
age
62705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Dec 2024 13:32:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 558D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 01 Dec 2023 12:23:49 GMT
age
326049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Nov 2024 12:23:49 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 558D 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Dec 2023 22:38:15 GMT
age
29983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Dec 2024 22:38:15 GMT
css
fonts.googleapis.com/ Frame 558D 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 05:52:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 06:57:58 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 558D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 23:27:09 GMT
x-content-type-options
nosniff
server
cafe
age
27049
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3073
x-xss-protection
0
expires
Tue, 05 Dec 2023 23:27:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 558D 		344 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 21:48:36 GMT
x-content-type-options
nosniff
server
cafe
age
32962
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 05 Dec 2023 21:48:36 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AB36 		624 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNWIrXus59O25OSyi7VTlytT6HcjWPCm6xQAbOo54JfOQKWsTjxgkfZaUTx9HP4ZYHwQAY2qALg1xpzM__2mD0xAEIpUkQZECteH_IOPnd0p3krOR2-0KBtAyUYBoT8drYLqfU2KrlJmTwnmo8R8gQQrIIm__6vSbNJi-oDqJ5bRr_MbYto
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:58 GMT
expires
Tue, 05 Dec 2023 06:57:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 79F4 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 06:57:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 79F4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
32251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 79F4 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
42982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:01:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 79F4 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 06:57:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 79F4 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-7afnwwjmGuqB59vjVJ7pEUnwD1EowppThFr6sTmoCeB8rGlXlycjk9wQTYu9ZR2xyJAHa3Nx-SXd4nShR_7v1phNjI3VpVjrLLlxEwPpSXAHmIM
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7B98 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17613315&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame 4A10
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5006077730567657017
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5006077730567657017
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:57 GMT
an-x-request-uuid
a360ceeb-4dbf-4819-beb7-2f070e3902e4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5006077730567657017
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 4A10
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_8949e081-3ff3-4f32-83cb-9e1e8549f9a1&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_8949e081-3ff3-4f32-83cb-9e1e8549f9a1&gdpr=&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=da18f873-e89f-4800-b211-575f6ba50b33&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=da18f873-e89f-4800-b211-575f6ba50b33
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=da18f873-e89f-4800-b211-575f6ba50b33
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Server
52.29.184.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-184-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=da18f873-e89f-4800-b211-575f6ba50b33
date
Tue, 05 Dec 2023 06:57:58 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cm
us-u.openx.net/w/1.0/ Frame 4A10 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4A10
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-aa5024c1-3ac0-5b98-4a2d-0f791f16ed50$ip$82.199.130.37
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-aa5024c1-3ac0-5b98-4a2d-0f791f16ed50$ip$82.199.130.37
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-aa5024c1-3ac0-5b98-4a2d-0f791f16ed50$ip$82.199.130.37
Date
Tue, 05 Dec 2023 06:57:58 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 4A10 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:357b:9971:3f66:201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 4A10
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=dd400ebc-381b-4958-a273-06cf4e7b822d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=dd400ebc-381b-4958-a273-06cf4e7b822d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=dd400ebc-381b-4958-a273-06cf4e7b822d
Date
Tue, 05 Dec 2023 06:57:58 GMT
Connection
keep-alive
X-CI-RTID
22f80022-da9a-4cc3-9199-4b4f98bbb38d
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 4A10 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 4A10
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_8949e081-3ff3-4f32-83cb-9e1e8549f9a1&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 4A10
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=WJhQ3A7J6t2D&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=WJhQ3A7J6t2D&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 05 Dec 2023 06:57:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-GB
location
https://usersync.gumgum.com/usersync?b=pln&i=WJhQ3A7J6t2D&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-knvfr
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 4A10 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:57 GMT
content-length
0
um
sync.e-planning.net/ Frame 4A10 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=126bd6bdc617e589&uid=e_8949e081-3ff3-4f32-83cb-9e1e8549f9a1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server
openresty
date
Tue, 05 Dec 2023 06:57:57 GMT
content-type
image/gif
usersync
rtb.gumgum.com/ Frame D0E2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=4657187938654012922&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=4657187938654012922&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.12.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-12-121.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 05 Dec 2023 06:57:58 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 05 Dec 2023 06:57:58 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=4657187938654012922&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 62D9 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTQ5ZTA4MS0zZmYzLTRmMzItODNjYi05ZTFlODU0OWY5YTE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B6A5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27272
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Tue, 05 Dec 2023 14:32:29 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 2748 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 05 Dec 2023 06:57:57 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 7846
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZW7J9sCo5sIAAFGjqcYAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZW7J9sCo5sIAAFGjqcYAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 05 Dec 2023 06:57:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 05 Dec 2023 06:57:58 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZW7J9sCo5sIAAFGjqcYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad419.dc4p.scaleout.jp
X-SO-IP
82.199.130.37
X-SO-Key
ZW7J9sCo5sIAAFGjqcYAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZW7J9sCo5sIAAFGjqcYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad419"}
X-SO-LB-Hostname
a-tgng40004.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad419
usersync
usersync.gumgum.com/ Frame C5DF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=wmpcEe_gD47X3U1DRt8baMs8MImil50qXuJY6ltCrWU&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=wmpcEe_gD47X3U1DRt8baMs8MImil50qXuJY6ltCrWU&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 05 Dec 2023 06:57:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 05 Dec 2023 06:57:58 GMT Tue, 05 Dec 2023 06:57:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=wmpcEe_gD47X3U1DRt8baMs8MImil50qXuJY6ltCrWU&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame B55B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D126bd6bdc617e589%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Dec 2023 06:57:58 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 05 Dec 2023 06:57:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame E51B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dada31613ec07643549dd0ba2fccbbbb2063c5af7ddd3e2377c6cdb5ade0cc04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Dec 2023 14:03:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25535
Connection
keep-alive
Content-Length
13236
Expires
Tue, 05 Dec 2023 14:03:32 GMT
z
s.zfctrack.net/ Frame 4243 		102 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zfctrack.net/z
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
7ae384474cd6f47bbb969a7013282e94e5ca07c7762ff20efc35bfb6a6e89c86

Request headers

Content-Type
text/plain;charset=UTF-8
Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
khaos.json
token.rubiconproject.com/ Frame E51B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
2076313506083323656
tpc.googlesyndication.com/simgad/13661577449739120370/ Frame 558D 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13661577449739120370/2076313506083323656
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61aac88471ed1d304a17b962bcbc8fec0382fcf8f7107a5de32eb4a8fb9bde1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 23:00:50 GMT
x-content-type-options
nosniff
age
115028
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49396
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 15:43:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 02 Dec 2024 23:00:50 GMT
13303234303783414542
tpc.googlesyndication.com/simgad/ Frame 558D 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13303234303783414542?w=100&h=100&tw=1&q=75
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48682c3d7c0da087fc57642fff2362fe718e663579a4416926935dd6ee1f3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:54:19 GMT
x-content-type-options
nosniff
age
68619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5579
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 10:31:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 03 Dec 2024 11:54:19 GMT
truncated
/ Frame 558D 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 558D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17ba78553cef460543b4903830439e903068349fa58d097b91203410377ebd7a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 558D 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:56:43 GMT
x-content-type-options
nosniff
age
43275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 18:56:43 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 558D 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:48:37 GMT
x-content-type-options
nosniff
age
119361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9576
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Dec 2024 21:48:37 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 558D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 03:15:52 GMT
x-content-type-options
nosniff
age
13326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 03:15:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 558D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options
nosniff
age
310717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 16:39:21 GMT
usync.js
eus.rubiconproject.com/ Frame B55B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dada31613ec07643549dd0ba2fccbbbb2063c5af7ddd3e2377c6cdb5ade0cc04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 06:57:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Dec 2023 14:03:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25534
Connection
keep-alive
Content-Length
13236
Expires
Tue, 05 Dec 2023 14:03:32 GMT
rum
dsum-sec.casalemedia.com/ Frame AB36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNWIrXus59O25OSyi7VTlytT6HcjWPCm6xQAbOo54JfOQKWsTjxgkfZaUTx9HP4ZYHwQAY2qALg1xpzM__2mD0xAEIpUkQZECteH_IOPnd0p3krOR2-0KBtAyUYBoT8drYLqfU2KrlJmTwnmo8R8gQQrIIm__6vSbNJi-oDqJ5bRr_MbYto
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dr6oZlHv9gD3ApOdZ29LBzsx8tw0zlJtYbq7MmTp4bcqUKpMRUXzBLIinbbO2V%2BpOLaSPKuW47Ej%2FCRUr4jqD%2Ff%2FzJV37SBMIOnVLSZ3K6yhIF%2FISIG0gkatFBpD5mJp4BVdgrzcu%2BvPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e2dd1224ef-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AB36
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7J9ThIhiur-uDaCl5S8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNWIrXus59O25OSyi7VTlytT6HcjWPCm6xQAbOo54JfOQKWsTjxgkfZaUTx9HP4ZYHwQAY2qALg1xpzM__2mD0xAEIpUkQZECteH_IOPnd0p3krOR2-0KBtAyUYBoT8drYLqfU2KrlJmTwnmo8R8gQQrIIm__6vSbNJi-oDqJ5bRr_MbYto
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tK6CRB2SAPjQwXk%2FFZn8k5BXbxBrgOM6x9zL8TueMzy3tY0HDEh%2FnYucjkDJFuTjZi1HCEDAVDtDNEebS9iuQWUKhWSQ2M1xxe8LcxPHl1ncFfVeLwzRJczRNQk8h00qidN9XwqtTqy3cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e34d6624ef-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AB36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNWIrXus59O25OSyi7VTlytT6HcjWPCm6xQAbOo54JfOQKWsTjxgkfZaUTx9HP4ZYHwQAY2qALg1xpzM__2mD0xAEIpUkQZECteH_IOPnd0p3krOR2-0KBtAyUYBoT8drYLqfU2KrlJmTwnmo8R8gQQrIIm__6vSbNJi-oDqJ5bRr_MbYto
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
an-x-request-uuid
16b2db73-4c1d-484a-b468-d7149e06b40d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB36
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNWIrXus59O25OSyi7VTlytT6HcjWPCm6xQAbOo54JfOQKWsTjxgkfZaUTx9HP4ZYHwQAY2qALg1xpzM__2mD0xAEIpUkQZECteH_IOPnd0p3krOR2-0KBtAyUYBoT8drYLqfU2KrlJmTwnmo8R8gQQrIIm__6vSbNJi-oDqJ5bRr_MbYto
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
an-x-request-uuid
1de5af84-d446-4a18-b468-75a3c71faf19
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 79F4 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7266050620733&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 79F4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7266050620733&version=m202309260101&ct=76&x=1&cor=7220626662911969000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 79F4 		108 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiuA7NibSP64eYq6iUH9ZliarLdRw3MN4uIXa9opQBzNe1uDkoDNYXoIOZvM8OWBjpnfjMmqji59F3e7gJ4ZchochSn-dS8fhW1WfNBTjgLfmbJMcXQd1kUJqQ9_MLpsXZ50avikbkHeL0XQ68UfAXq9UI4lNuuiazWvHNGjamOU5BLEE&dbm_d=AKAmf-DNcrAMqt6GcC7XwVn9Xkedo0r3g_sZ-CW9Y9W91MmE1uNelsWkGbyZhfSjFhQT_ZQVNAklJtCWPuAgg8-KDF7z2wUa6MS9cOSYHLL6bkIUM7y2C4PwvtYg74SNcg00lpCxZZXGNZ2S1K4w2HZlOOThahdikuZCE5OlJ7d52zPpUmHGNvu2bS1nUaZyy4xOzibmNab-20KIdeybbOz0PM1tNG0rH6BRMbi-ylX-oi0Q0ZQy8LXu-CLljepp1Tm8v1GbdzOpKdELanWMhZiboG0iWo9lt2qXCvn7zKx-vUtXFzuhd12pkRzknjysdYayXcDyLkFY9S6jC_CdIWn7fpgdDk450Gi5GwWwqyrqWtYoiUx7VICxXzANO-djc1SzoeHoNT9sq-WJulC_gX_fGdumcYhTa4rA6OFI6k1irpEvroGszGFvW4tNDLbhaORzMz3uPo2FXdh5XeJxTAoOs6wOvo5VrGGrn3KQ-niiCfrh81w3qTKU9b3-x0MkSMtBRoBbWB7ENqG9W4vbIrHwuYVQOpZAdCmbdg7LMNPcGIpdNZaXzLYse0UIzrKbiowG8fX-HhmM2atwrC_MWaoysKJk4unhrZuJaWLB6Vx2Xv20RFHU97x4BZL4aZmUPQLcWBFSKsdI7V9UhHkKB65hr-1VYwn735NZpOe7-n2zV_T8hKsex13NL5T-IiTe92IEVdPGAG3gJUjzhc22PgHGxyjrLZ0OFEgPDE1Rj9xQmcqImIQt75u03hu9g0NA8vV3f8lccmx9bxar1lI2ei5XIh4ER49ClYzldYZ9a2Won5LY-BFO9O_xdtg7HMSX4EKQXCzatT1Z6ZTAxCXiJpgj61xhRrlu7_jbnd1QXCQ69CScS7kVJN2iC9iGE2M-Afzc85nPvNDFt1zcJruWzgPMDSpuApg6VOsCakdkplwdDTpAhQbXKNppJS1jf4gai6u8D3hsALJLm827FJpywVyKT8IByjgkdyIoCrEWCLzR5Z4xKGsvkeDMnaHq2yjg4s5wqHg-Amw5eiib5UQIvsI6g604KkFFru_LCI1izeNMA8qsN_U2zUz11Um5TJE9baAJYEpqyZTmUh1EyGQ_Ql9gybrpkOlAvMFujG6Ra7I6vAZ_kCY5T6LWw3qVnEz23W1eWcdaLJ5zrlTeTI_N1AOnck1kdPQpch5Rp6288ml-bGOj5t6L3uvB_ac-VF-i0m3T2mdYQ1J2W58te3n-2EmYZox-TAzTHlqBLDRXrEVe3TxmLUpYw4sqNL-2Z4-wDPur6iSttxWdV9rRk7vFWsLgc42YtYCq7UJIz84qJlsiQn0OTFpwGV6bTACN7kMM7Txbp-1HIE4j472WUhYWBzlMVlpqn-wEizd-_z4vReNEfh1x5QfHa9kcSc_Hv9ME1JM27mjvnhwNJeIY9XmDskNsLo0mpkY1sZOJC-Sv8AH-irmvoE8BBOo7neQ2oQmK4djg-YxNXdSwVsuDQKJHAySIoneLSthVSzfL_t24pVoeGRqQIG03EE8WBONOUPyb6zCzSrnSOMPVpPyFsS-R3ELH4i8Fsla7Ikbfwv1VHUL__ugYojBmrz151yofN-yKDaKpxaRxfKrb-nYzLaZLbGbhWDPpso3oe2cOUplTYKdpcaxb2q8ioR0jsMAUk4Q3kZwFTna8mprYJ17mpg88AdiyBZAMVFsYJ6oe86qaqKxP-9WtasFmylk6fARpmCb93eNmBdh3Rb-c5vTle0Xx3T8BvwWgb8fapC7fv7gwrglEf2FdmA13L-BcyVqijYZXt3-4D5mDO4HGYQq73g_M6qPGplsrXmYf8rjWuxjKsIGJA0vC8dWGC2AzwopiTc_B1v49LidurofKBxRFZVwf92BAL9nx50JK75-om4mCjjxs-pnw-wdz77HlXycAJy9B0icGPqYTjdkHJl7ORTh86tlhLDXHk-sA5bpg3KWngTLbA-HbtZyceh9rmPDjOEOBQlDVfkMKWOlTUFFA5HT6O-tDceYhfpmbePS6xQNDJ2jl6Do7K4fW_04fKiLGhlmsjNQ2886GxndojbqnDPun-I4fZNG70ZA88oGMfQN9jch5Ifmu_TBJC0WbxqJsCpEnBsGh_QOhmeysSxUvY5A1a85GZKJ2RKehwU9zvSs949rvugJZit4X2tIy2q_0TP8NZpiNet2Ynpd-VcSpR7uuny2p9OhlaBfQ0gZPboLpqBu_aM1w3fGQmIIHOrHBsNkNkFjvpX-EVGPO48h-w7yeX4M7GZoMWuk80Mc1HBEvLW2PT6xTBdpv1pocNZigtQwmek7Of6uvaWLJRN095iEM05ckUeu2T9bNTbtw_HN4bzt5IczkMNzisGPWxnuGxOl08jUiYHJRvyN1nabfZ0VQXGV5hV_GyI5jfzohJ9G1Woay0Y7nUpz8tiRGKV9FKG3EY-_SuYFfo4wSZm9m5KuZJodcrnprB8GDh77VFypRk-Z81_lTIVrfb-jan6IeR0EsnBV7BSCSsgLiO_-DVzG9-JY8hTp0QwxA8RQeRKjWRzp0jfY0N5eTaegMag1814rFrzuHvRiH1Voxj_kAXEBt7rQbNzxWkkWQ3ujDEN0rOZ5bc527LgWYGVLOCoB9M-8oTlwHgOPrC5QJms84C1vO2Eqba7mKZGJMGI8F9qo9Gi78Y__BkthJueCqo0e1bfswIsMA4wxkPOQy4-rdnFNNwFehF_R7X6vNpL3cG1WkjxdCddjeSRadrI1gPtIyUrIzRtOH3zemYBbzuzcPh71dbzlCa9weeIsPkYUdjEKuah6LMigRVFhN2VRiEQ2rW-gCKy1zkEazLfLu5AWnIOskHc-IGTXNtXx-UyQQeG_4ID9ifKRynfKzXITzgLD7lI2404PY_UEcLDDR9iIZPuQQJruRdUKLF8giQGmdBvT32QgbkO57Ut8J-3ncQ50G-3ir34kgbPreVK8tuJPoX0q4HEI4ROv3NfPhPF1ileYE-TexqlNrWmT1aydXIzlGs50sS6Uupx1M2OFmUOU8hl_fKQHMUvxgerc_U7-Ixs2_6wUaRZ36MJvoG_PhrZg3E1jjBlrr-cKXikkP1O-TH3SITfUKNJ7Ju-ky7BezQmlSHcLvDOl0OukzFgD-91KRKt0ZKuXrw-OVejxuGewDwZRj3M99Bm0rFCtPtjaHu7QF8DdXpgSilAt-vpr3vnA3PYum11Ls8IoBDALqyy8IgUcwNVqvBehia6pBh4uXLwzSTlgLs4KJWKmZFQV0paJATfurdb0etdO-9wJ2rFR0p3Lu_jO8bXmA-Yteo8VGZ73J-fHh8H9xYFd5zd5Lr4E86jQsizqn3te2UmVgRKgMtKJay2ordQw3k7UBWyFtpi-pEW4rjS8soudw8r15iDfAbi2ZS8czgZqoEzqdckOQFWfKKlN1liMwVztAjrO_xM9su_nBmH61tI7I6aOqNxLZQj1v9U7Bs5kZEJFt4EYV9EYUOoQqaiGpnBSufn6jkJ4KJC3AhF4tZor8Y-7o4utv4pyuuK_lkaq5hXTESRbJUu83F0PvG5EQ9cd0OUxEiQdlA53LT5LfikFV1oerpU0hpPHVa9v7fBL40nGNPX7e_S3ZWN2NjP7i6neLtCgM6ckdktP-oTpHy9VPcmX8QYGgzDnKuI8-6XXDT7TYjWGEyalSJdDS9Druc6Bdv0p3C4dZR6sWdbWnxFr04Blk5ziS3NTZDr5PyhklDGnnDfn5tgMqLMU8Zzaw6iFDLkGFolDzP0MX-tHvT8p-p3vFIDCCUAUnThr9PQCwOKEX9nI5ENX2d4Dvnp8Sxp9Gzw3GNP47dhPZLqFztM2Mj2uBNY4G78TrNaJ8Wu-no0mTdwVlzoz0M37HlGgxbUtcyjYp6pXcYCOp6K1jCgK4ZwjZrXV0LEb8Jue_Fb7ZRTTG&cid=CAQSTgDICaaNjPv5VwRJbpPtDt89p9MDc-UdSOLVNc9i0HGHU36cuMyUQ7XgAqtV8jDk41R1Jl_JMgzia0kJBw6GSrO12wk9KN01oyo_8IXyaxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=7220626662911969000&adk=2515327513&idt=291&cac=0&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8642227e7e812e308996435f91b80801fdb672f699ca10bbed5fdd5f0db87075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42396
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame B55B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 558D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIvna9cluZeLHDpGYgAei4b7oCKD2_cl05K7j_-ER79aMqOpBEAEgiNmzmAFglQKgAYOsjaoqyAEJqQItzKQgCzCyPuACAKgDAcgDCqoErAJP0Ai5fD54o5nOi4-DDdgaYJE8RLOt92rKzOejQePf7kRwlRR48kIRlenUFVrkFisu4rQ1KYeFqCdKwB3OkaVKBtITvLX3SVmdbLPcSwQl8HgFDW4WlC1MvirrFQC9MDd_xvUqYCkifdcEfxmD_dFjj25bviwkFOX4Oty_yzfRilSCZbvTZ_t-P7MIRmuGFygWL5H8qOAIxv4MUUwYbN4nUvtEu0eU1ZkYLDAIrg63rKWfmwuazfvye5vZijk_OLfZ0gLRXFG7dkYKFOXrIvnv6HxsQHVTr7dATON6uQ_gGFqnVCIkksFhPS0OmzcXLUMuj0JtHNs5obv55sOZDYxVzbsCj2ocHAYRdtEUTllk07-sSqO1oy-accLzYTaGmop6BKdpvamj6yGkAcbABIHM39vDBOAEAYgFqoiNyk2gBi6AB4Pk3YkFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQz_wl0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljH24eJ3PeCA5oJNmh0dHBzOi8vbm92YXBvc3QuY29tL3VrLWRlL2ludGVybmF0aW9uYWwvc2hpcHBpbmctY29zdIAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAuINEwj-l4iJ3PeCAxURDOAKHaKwD424E-QD2BMDiBQB0BUBmBYBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=-Fn0M8MJFGg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNjPv5VwRJbpPtDt89p9MDc-UdSOLVNc9i0HGHU36cuMyUQ7XgAqtV8jDk41R1Jl_JMgzia0kJBw6GSrO12wk9KN01oyo_8IXyaxgB&template_id=484&cbvp=2
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
icon-top.svg
upst.fwdcdn.com/img/portal/main/ 		525 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icon-top.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:55:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
nginx
age
118942
etag
"637656b5-13e"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
bg-main-static.png
upst.fwdcdn.com/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/bg-main-static.png
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:52:29 GMT
via
1.1 google
last-modified
Tue, 28 Apr 2020 10:54:06 GMT
server
nginx
age
119129
etag
"5ea80b4e-2962"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10594
regions-star.svg
upst.fwdcdn.com/img/portal/main/ 		830 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/regions-star.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 06:40:57 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
nginx
age
173821
etag
"637656b5-1d6"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
currency-bg.gif
upst.fwdcdn.com/img/portal/commercial/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/commercial/currency-bg.gif
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:49:54 GMT
via
1.1 google
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
nginx
age
119284
etag
"637656b5-be5"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3045
arrow.svg
www.ukr.net/img/portal/main/ 		233 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ukr.net/img/portal/main/arrow.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:b0a7:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
nginx
etag
"637656b5-bc"
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public,max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188
x-xss-protection
1; mode=block
orakul-sprite.gif
upst.fwdcdn.com/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/orakul-sprite.gif
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:1728:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:25:51 GMT
via
1.1 google
last-modified
Wed, 12 Jun 2013 11:52:20 GMT
server
nginx
age
275527
etag
"51b860f4-1ad2"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public,max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6866
multitracking
sghb.adtelligent.com/adunit/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/BNkAp/hbw_master_742228_17438.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Tue, 05 Dec 2023 06:57:57 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634092/ Frame 79F4 		256 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634092/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7005813411879006&ias_chanId=1&ias_placementId=20343398390&bidurl=https://www.ukr.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gAik0XH6qC2FkuDvhJl44m
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.32.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-32-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cc88e0004534e009708a1e32155e031861f7877f7ab21bf96501c2d0f1aa93af

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 79F4 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Origin
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39992
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 19:51:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 79F4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiuA7NibSP64eYq6iUH9ZliarLdRw3MN4uIXa9opQBzNe1uDkoDNYXoIOZvM8OWBjpnfjMmqji59F3e7gJ4ZchochSn-dS8fhW1WfNBTjgLfmbJMcXQd1kUJqQ9_MLpsXZ50avikbkHeL0XQ68UfAXq9UI4lNuuiazWvHNGjamOU5BLEE&dbm_d=AKAmf-DNcrAMqt6GcC7XwVn9Xkedo0r3g_sZ-CW9Y9W91MmE1uNelsWkGbyZhfSjFhQT_ZQVNAklJtCWPuAgg8-KDF7z2wUa6MS9cOSYHLL6bkIUM7y2C4PwvtYg74SNcg00lpCxZZXGNZ2S1K4w2HZlOOThahdikuZCE5OlJ7d52zPpUmHGNvu2bS1nUaZyy4xOzibmNab-20KIdeybbOz0PM1tNG0rH6BRMbi-ylX-oi0Q0ZQy8LXu-CLljepp1Tm8v1GbdzOpKdELanWMhZiboG0iWo9lt2qXCvn7zKx-vUtXFzuhd12pkRzknjysdYayXcDyLkFY9S6jC_CdIWn7fpgdDk450Gi5GwWwqyrqWtYoiUx7VICxXzANO-djc1SzoeHoNT9sq-WJulC_gX_fGdumcYhTa4rA6OFI6k1irpEvroGszGFvW4tNDLbhaORzMz3uPo2FXdh5XeJxTAoOs6wOvo5VrGGrn3KQ-niiCfrh81w3qTKU9b3-x0MkSMtBRoBbWB7ENqG9W4vbIrHwuYVQOpZAdCmbdg7LMNPcGIpdNZaXzLYse0UIzrKbiowG8fX-HhmM2atwrC_MWaoysKJk4unhrZuJaWLB6Vx2Xv20RFHU97x4BZL4aZmUPQLcWBFSKsdI7V9UhHkKB65hr-1VYwn735NZpOe7-n2zV_T8hKsex13NL5T-IiTe92IEVdPGAG3gJUjzhc22PgHGxyjrLZ0OFEgPDE1Rj9xQmcqImIQt75u03hu9g0NA8vV3f8lccmx9bxar1lI2ei5XIh4ER49ClYzldYZ9a2Won5LY-BFO9O_xdtg7HMSX4EKQXCzatT1Z6ZTAxCXiJpgj61xhRrlu7_jbnd1QXCQ69CScS7kVJN2iC9iGE2M-Afzc85nPvNDFt1zcJruWzgPMDSpuApg6VOsCakdkplwdDTpAhQbXKNppJS1jf4gai6u8D3hsALJLm827FJpywVyKT8IByjgkdyIoCrEWCLzR5Z4xKGsvkeDMnaHq2yjg4s5wqHg-Amw5eiib5UQIvsI6g604KkFFru_LCI1izeNMA8qsN_U2zUz11Um5TJE9baAJYEpqyZTmUh1EyGQ_Ql9gybrpkOlAvMFujG6Ra7I6vAZ_kCY5T6LWw3qVnEz23W1eWcdaLJ5zrlTeTI_N1AOnck1kdPQpch5Rp6288ml-bGOj5t6L3uvB_ac-VF-i0m3T2mdYQ1J2W58te3n-2EmYZox-TAzTHlqBLDRXrEVe3TxmLUpYw4sqNL-2Z4-wDPur6iSttxWdV9rRk7vFWsLgc42YtYCq7UJIz84qJlsiQn0OTFpwGV6bTACN7kMM7Txbp-1HIE4j472WUhYWBzlMVlpqn-wEizd-_z4vReNEfh1x5QfHa9kcSc_Hv9ME1JM27mjvnhwNJeIY9XmDskNsLo0mpkY1sZOJC-Sv8AH-irmvoE8BBOo7neQ2oQmK4djg-YxNXdSwVsuDQKJHAySIoneLSthVSzfL_t24pVoeGRqQIG03EE8WBONOUPyb6zCzSrnSOMPVpPyFsS-R3ELH4i8Fsla7Ikbfwv1VHUL__ugYojBmrz151yofN-yKDaKpxaRxfKrb-nYzLaZLbGbhWDPpso3oe2cOUplTYKdpcaxb2q8ioR0jsMAUk4Q3kZwFTna8mprYJ17mpg88AdiyBZAMVFsYJ6oe86qaqKxP-9WtasFmylk6fARpmCb93eNmBdh3Rb-c5vTle0Xx3T8BvwWgb8fapC7fv7gwrglEf2FdmA13L-BcyVqijYZXt3-4D5mDO4HGYQq73g_M6qPGplsrXmYf8rjWuxjKsIGJA0vC8dWGC2AzwopiTc_B1v49LidurofKBxRFZVwf92BAL9nx50JK75-om4mCjjxs-pnw-wdz77HlXycAJy9B0icGPqYTjdkHJl7ORTh86tlhLDXHk-sA5bpg3KWngTLbA-HbtZyceh9rmPDjOEOBQlDVfkMKWOlTUFFA5HT6O-tDceYhfpmbePS6xQNDJ2jl6Do7K4fW_04fKiLGhlmsjNQ2886GxndojbqnDPun-I4fZNG70ZA88oGMfQN9jch5Ifmu_TBJC0WbxqJsCpEnBsGh_QOhmeysSxUvY5A1a85GZKJ2RKehwU9zvSs949rvugJZit4X2tIy2q_0TP8NZpiNet2Ynpd-VcSpR7uuny2p9OhlaBfQ0gZPboLpqBu_aM1w3fGQmIIHOrHBsNkNkFjvpX-EVGPO48h-w7yeX4M7GZoMWuk80Mc1HBEvLW2PT6xTBdpv1pocNZigtQwmek7Of6uvaWLJRN095iEM05ckUeu2T9bNTbtw_HN4bzt5IczkMNzisGPWxnuGxOl08jUiYHJRvyN1nabfZ0VQXGV5hV_GyI5jfzohJ9G1Woay0Y7nUpz8tiRGKV9FKG3EY-_SuYFfo4wSZm9m5KuZJodcrnprB8GDh77VFypRk-Z81_lTIVrfb-jan6IeR0EsnBV7BSCSsgLiO_-DVzG9-JY8hTp0QwxA8RQeRKjWRzp0jfY0N5eTaegMag1814rFrzuHvRiH1Voxj_kAXEBt7rQbNzxWkkWQ3ujDEN0rOZ5bc527LgWYGVLOCoB9M-8oTlwHgOPrC5QJms84C1vO2Eqba7mKZGJMGI8F9qo9Gi78Y__BkthJueCqo0e1bfswIsMA4wxkPOQy4-rdnFNNwFehF_R7X6vNpL3cG1WkjxdCddjeSRadrI1gPtIyUrIzRtOH3zemYBbzuzcPh71dbzlCa9weeIsPkYUdjEKuah6LMigRVFhN2VRiEQ2rW-gCKy1zkEazLfLu5AWnIOskHc-IGTXNtXx-UyQQeG_4ID9ifKRynfKzXITzgLD7lI2404PY_UEcLDDR9iIZPuQQJruRdUKLF8giQGmdBvT32QgbkO57Ut8J-3ncQ50G-3ir34kgbPreVK8tuJPoX0q4HEI4ROv3NfPhPF1ileYE-TexqlNrWmT1aydXIzlGs50sS6Uupx1M2OFmUOU8hl_fKQHMUvxgerc_U7-Ixs2_6wUaRZ36MJvoG_PhrZg3E1jjBlrr-cKXikkP1O-TH3SITfUKNJ7Ju-ky7BezQmlSHcLvDOl0OukzFgD-91KRKt0ZKuXrw-OVejxuGewDwZRj3M99Bm0rFCtPtjaHu7QF8DdXpgSilAt-vpr3vnA3PYum11Ls8IoBDALqyy8IgUcwNVqvBehia6pBh4uXLwzSTlgLs4KJWKmZFQV0paJATfurdb0etdO-9wJ2rFR0p3Lu_jO8bXmA-Yteo8VGZ73J-fHh8H9xYFd5zd5Lr4E86jQsizqn3te2UmVgRKgMtKJay2ordQw3k7UBWyFtpi-pEW4rjS8soudw8r15iDfAbi2ZS8czgZqoEzqdckOQFWfKKlN1liMwVztAjrO_xM9su_nBmH61tI7I6aOqNxLZQj1v9U7Bs5kZEJFt4EYV9EYUOoQqaiGpnBSufn6jkJ4KJC3AhF4tZor8Y-7o4utv4pyuuK_lkaq5hXTESRbJUu83F0PvG5EQ9cd0OUxEiQdlA53LT5LfikFV1oerpU0hpPHVa9v7fBL40nGNPX7e_S3ZWN2NjP7i6neLtCgM6ckdktP-oTpHy9VPcmX8QYGgzDnKuI8-6XXDT7TYjWGEyalSJdDS9Druc6Bdv0p3C4dZR6sWdbWnxFr04Blk5ziS3NTZDr5PyhklDGnnDfn5tgMqLMU8Zzaw6iFDLkGFolDzP0MX-tHvT8p-p3vFIDCCUAUnThr9PQCwOKEX9nI5ENX2d4Dvnp8Sxp9Gzw3GNP47dhPZLqFztM2Mj2uBNY4G78TrNaJ8Wu-no0mTdwVlzoz0M37HlGgxbUtcyjYp6pXcYCOp6K1jCgK4ZwjZrXV0LEb8Jue_Fb7ZRTTG&cid=CAQSTgDICaaNjPv5VwRJbpPtDt89p9MDc-UdSOLVNc9i0HGHU36cuMyUQ7XgAqtV8jDk41R1Jl_JMgzia0kJBw6GSrO12wk9KN01oyo_8IXyaxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=7220626662911969000&adk=2515327513&idt=291&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
42766
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:05:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 79F4 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiuA7NibSP64eYq6iUH9ZliarLdRw3MN4uIXa9opQBzNe1uDkoDNYXoIOZvM8OWBjpnfjMmqji59F3e7gJ4ZchochSn-dS8fhW1WfNBTjgLfmbJMcXQd1kUJqQ9_MLpsXZ50avikbkHeL0XQ68UfAXq9UI4lNuuiazWvHNGjamOU5BLEE&dbm_d=AKAmf-DNcrAMqt6GcC7XwVn9Xkedo0r3g_sZ-CW9Y9W91MmE1uNelsWkGbyZhfSjFhQT_ZQVNAklJtCWPuAgg8-KDF7z2wUa6MS9cOSYHLL6bkIUM7y2C4PwvtYg74SNcg00lpCxZZXGNZ2S1K4w2HZlOOThahdikuZCE5OlJ7d52zPpUmHGNvu2bS1nUaZyy4xOzibmNab-20KIdeybbOz0PM1tNG0rH6BRMbi-ylX-oi0Q0ZQy8LXu-CLljepp1Tm8v1GbdzOpKdELanWMhZiboG0iWo9lt2qXCvn7zKx-vUtXFzuhd12pkRzknjysdYayXcDyLkFY9S6jC_CdIWn7fpgdDk450Gi5GwWwqyrqWtYoiUx7VICxXzANO-djc1SzoeHoNT9sq-WJulC_gX_fGdumcYhTa4rA6OFI6k1irpEvroGszGFvW4tNDLbhaORzMz3uPo2FXdh5XeJxTAoOs6wOvo5VrGGrn3KQ-niiCfrh81w3qTKU9b3-x0MkSMtBRoBbWB7ENqG9W4vbIrHwuYVQOpZAdCmbdg7LMNPcGIpdNZaXzLYse0UIzrKbiowG8fX-HhmM2atwrC_MWaoysKJk4unhrZuJaWLB6Vx2Xv20RFHU97x4BZL4aZmUPQLcWBFSKsdI7V9UhHkKB65hr-1VYwn735NZpOe7-n2zV_T8hKsex13NL5T-IiTe92IEVdPGAG3gJUjzhc22PgHGxyjrLZ0OFEgPDE1Rj9xQmcqImIQt75u03hu9g0NA8vV3f8lccmx9bxar1lI2ei5XIh4ER49ClYzldYZ9a2Won5LY-BFO9O_xdtg7HMSX4EKQXCzatT1Z6ZTAxCXiJpgj61xhRrlu7_jbnd1QXCQ69CScS7kVJN2iC9iGE2M-Afzc85nPvNDFt1zcJruWzgPMDSpuApg6VOsCakdkplwdDTpAhQbXKNppJS1jf4gai6u8D3hsALJLm827FJpywVyKT8IByjgkdyIoCrEWCLzR5Z4xKGsvkeDMnaHq2yjg4s5wqHg-Amw5eiib5UQIvsI6g604KkFFru_LCI1izeNMA8qsN_U2zUz11Um5TJE9baAJYEpqyZTmUh1EyGQ_Ql9gybrpkOlAvMFujG6Ra7I6vAZ_kCY5T6LWw3qVnEz23W1eWcdaLJ5zrlTeTI_N1AOnck1kdPQpch5Rp6288ml-bGOj5t6L3uvB_ac-VF-i0m3T2mdYQ1J2W58te3n-2EmYZox-TAzTHlqBLDRXrEVe3TxmLUpYw4sqNL-2Z4-wDPur6iSttxWdV9rRk7vFWsLgc42YtYCq7UJIz84qJlsiQn0OTFpwGV6bTACN7kMM7Txbp-1HIE4j472WUhYWBzlMVlpqn-wEizd-_z4vReNEfh1x5QfHa9kcSc_Hv9ME1JM27mjvnhwNJeIY9XmDskNsLo0mpkY1sZOJC-Sv8AH-irmvoE8BBOo7neQ2oQmK4djg-YxNXdSwVsuDQKJHAySIoneLSthVSzfL_t24pVoeGRqQIG03EE8WBONOUPyb6zCzSrnSOMPVpPyFsS-R3ELH4i8Fsla7Ikbfwv1VHUL__ugYojBmrz151yofN-yKDaKpxaRxfKrb-nYzLaZLbGbhWDPpso3oe2cOUplTYKdpcaxb2q8ioR0jsMAUk4Q3kZwFTna8mprYJ17mpg88AdiyBZAMVFsYJ6oe86qaqKxP-9WtasFmylk6fARpmCb93eNmBdh3Rb-c5vTle0Xx3T8BvwWgb8fapC7fv7gwrglEf2FdmA13L-BcyVqijYZXt3-4D5mDO4HGYQq73g_M6qPGplsrXmYf8rjWuxjKsIGJA0vC8dWGC2AzwopiTc_B1v49LidurofKBxRFZVwf92BAL9nx50JK75-om4mCjjxs-pnw-wdz77HlXycAJy9B0icGPqYTjdkHJl7ORTh86tlhLDXHk-sA5bpg3KWngTLbA-HbtZyceh9rmPDjOEOBQlDVfkMKWOlTUFFA5HT6O-tDceYhfpmbePS6xQNDJ2jl6Do7K4fW_04fKiLGhlmsjNQ2886GxndojbqnDPun-I4fZNG70ZA88oGMfQN9jch5Ifmu_TBJC0WbxqJsCpEnBsGh_QOhmeysSxUvY5A1a85GZKJ2RKehwU9zvSs949rvugJZit4X2tIy2q_0TP8NZpiNet2Ynpd-VcSpR7uuny2p9OhlaBfQ0gZPboLpqBu_aM1w3fGQmIIHOrHBsNkNkFjvpX-EVGPO48h-w7yeX4M7GZoMWuk80Mc1HBEvLW2PT6xTBdpv1pocNZigtQwmek7Of6uvaWLJRN095iEM05ckUeu2T9bNTbtw_HN4bzt5IczkMNzisGPWxnuGxOl08jUiYHJRvyN1nabfZ0VQXGV5hV_GyI5jfzohJ9G1Woay0Y7nUpz8tiRGKV9FKG3EY-_SuYFfo4wSZm9m5KuZJodcrnprB8GDh77VFypRk-Z81_lTIVrfb-jan6IeR0EsnBV7BSCSsgLiO_-DVzG9-JY8hTp0QwxA8RQeRKjWRzp0jfY0N5eTaegMag1814rFrzuHvRiH1Voxj_kAXEBt7rQbNzxWkkWQ3ujDEN0rOZ5bc527LgWYGVLOCoB9M-8oTlwHgOPrC5QJms84C1vO2Eqba7mKZGJMGI8F9qo9Gi78Y__BkthJueCqo0e1bfswIsMA4wxkPOQy4-rdnFNNwFehF_R7X6vNpL3cG1WkjxdCddjeSRadrI1gPtIyUrIzRtOH3zemYBbzuzcPh71dbzlCa9weeIsPkYUdjEKuah6LMigRVFhN2VRiEQ2rW-gCKy1zkEazLfLu5AWnIOskHc-IGTXNtXx-UyQQeG_4ID9ifKRynfKzXITzgLD7lI2404PY_UEcLDDR9iIZPuQQJruRdUKLF8giQGmdBvT32QgbkO57Ut8J-3ncQ50G-3ir34kgbPreVK8tuJPoX0q4HEI4ROv3NfPhPF1ileYE-TexqlNrWmT1aydXIzlGs50sS6Uupx1M2OFmUOU8hl_fKQHMUvxgerc_U7-Ixs2_6wUaRZ36MJvoG_PhrZg3E1jjBlrr-cKXikkP1O-TH3SITfUKNJ7Ju-ky7BezQmlSHcLvDOl0OukzFgD-91KRKt0ZKuXrw-OVejxuGewDwZRj3M99Bm0rFCtPtjaHu7QF8DdXpgSilAt-vpr3vnA3PYum11Ls8IoBDALqyy8IgUcwNVqvBehia6pBh4uXLwzSTlgLs4KJWKmZFQV0paJATfurdb0etdO-9wJ2rFR0p3Lu_jO8bXmA-Yteo8VGZ73J-fHh8H9xYFd5zd5Lr4E86jQsizqn3te2UmVgRKgMtKJay2ordQw3k7UBWyFtpi-pEW4rjS8soudw8r15iDfAbi2ZS8czgZqoEzqdckOQFWfKKlN1liMwVztAjrO_xM9su_nBmH61tI7I6aOqNxLZQj1v9U7Bs5kZEJFt4EYV9EYUOoQqaiGpnBSufn6jkJ4KJC3AhF4tZor8Y-7o4utv4pyuuK_lkaq5hXTESRbJUu83F0PvG5EQ9cd0OUxEiQdlA53LT5LfikFV1oerpU0hpPHVa9v7fBL40nGNPX7e_S3ZWN2NjP7i6neLtCgM6ckdktP-oTpHy9VPcmX8QYGgzDnKuI8-6XXDT7TYjWGEyalSJdDS9Druc6Bdv0p3C4dZR6sWdbWnxFr04Blk5ziS3NTZDr5PyhklDGnnDfn5tgMqLMU8Zzaw6iFDLkGFolDzP0MX-tHvT8p-p3vFIDCCUAUnThr9PQCwOKEX9nI5ENX2d4Dvnp8Sxp9Gzw3GNP47dhPZLqFztM2Mj2uBNY4G78TrNaJ8Wu-no0mTdwVlzoz0M37HlGgxbUtcyjYp6pXcYCOp6K1jCgK4ZwjZrXV0LEb8Jue_Fb7ZRTTG&cid=CAQSTgDICaaNjPv5VwRJbpPtDt89p9MDc-UdSOLVNc9i0HGHU36cuMyUQ7XgAqtV8jDk41R1Jl_JMgzia0kJBw6GSrO12wk9KN01oyo_8IXyaxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=7220626662911969000&adk=2515327513&idt=291&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:07:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
67818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11937
x-xss-protection
0
server
cafe
etag
9249472389583843189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 12:07:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 79F4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
305570
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
truncated
/ Frame 79F4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be47bc7f8267bfbe3794e5382273c3c2ca7aff938dc733b6589b0213b5f784e0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0BAD 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
119362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0BAD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
23046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 00:33:52 GMT
index.html
s0.2mdn.net/sadbundle/6764783864924189503/ Frame 11A2 		116 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00207e5ef7753a1a13a155d469c582c0df746a56540b9c3e02a91b2113b00df6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
29566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21222
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 22:45:12 GMT
expires
Tue, 03 Dec 2024 22:45:12 GMT
last-modified
Mon, 07 Mar 2022 09:37:37 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 79F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssO43eSDf0R8cO-tPRYyzFlbj2o_Y8Mwx6SRzPVKAlSiDG71ra48al9FjV0r9Ji1i5oovSK0LuIyTEQx2XfJYX9kF7hXYhgyTK_Xv0a5RA7eyez4fxgwktdfBmYT1eTtZ7E9qpPgyIJsTEI6gMXTt2hOLTshOgTJ3zX9Le5UgLrgpZmjCn8ybe0zO5cHLPs2rkRD8w-aWzhNQkILWTL2zgARc64dhDMyw7B-EJ5k8GI0P79Zr_rwZ54vgcceYbIKf_tvT8qpYHWZzBfTEKbXyasHH6AsDvxqVJf3K-W-c3F9eFyvJ9HMpSl2Qb8y__cblKZ0DwsNsRoBAWJ9u_-Rh2aqCSlepxIpwRDN9jj-WFmnBtsCcpZ_CpI2oh0qMIf9W-EeF5_ijd-UJPoi2SP8jnuYXJKrDvxa8PYmZOY91_bKwqQz6lby5qvvXJ_mCH2flYTKF7WzyKoyPCJwRnD_-r5lJcC4yz2Rj_g1DvRlioUuqFEZX3C4BcEoLDEgX2u8DX9a-f4tG6FYCQYU9AivnINVbwav_d5qma16BU8XVXzKGuED5qvtHULPLMP3wI5SEyCiIDmUFIpuTS7_IIxLEOP_n3_Ml4jblyWRY6cJBtf9BuqDCqO_2aJJyMz5n41ytlJjVfDeRhviz6ayIQw3es8N7CEWE5Xia7gTbUjs-jg9wVD6BD2yx8DAeUq7KpeZuK52cmduwdfi6O0_h5tMjr---5Kq5jMY4CQEklo_v5EHKxhYNpQK0EL1CLq3on2FM3H9zFg6RSNZnMxNGnIK4PjlvjSJKsHBxqu_pImlFodAUd2q9Vr6FUirh6rYRiPQyDbXkFCar-BQYyOVheC75nMHmNSxpXhnE31WM1_jlJPEAnq129i1Y7Sinpo32O07xvywX8WudY0bFuN663GSBE1sgZNqA6UDtlsvcNsejrNtljoqkJ76OGKMxLMFpuqekHhynn1sDI667Lq3GHdvxboySfzZikw_SCJYtcsD4BxxR7qaivm6_e-mMzG41zB75v0tuY8svTa3_FDWEXUTB86xxlGHyubjle-GJn45minn7QtymGq35tZvmIlcVM6LUIwLCreQfpsKRXMQCZdhkw_Gg8dc3VQADAuB_qpaeK3GbMx4U-PORQqjWP3QX9cYu5Ar8cs8xeWXB_Ss80VCQ2WCaKFvAOgKBXyDJDVAmbJgO3TDlFV7r7CI3SklCN51Kbl8QC4itJHP6Rs7VZ3KysTwagmSEj2SlALw0BogommVp-eyH5dx_Ncchr_y7yp3z6mOD0EwEhxhyqfb-6FY3cZO40JEpbFlAelTD3xCwaYEa6ZzB14v44i1XzgjsZw1HX6LLaokM-vuY5oVKrrdaKNq0HL5KKrJK2mG1KXEQSBJucTKdRkTOz8SA3M2qPJt4bXcqv-Sx5E38iI4rmBiEVcS1iRa6S7NBM1RBQtyp8l6nnrvQ2MfDzmstXFGticpHzkTezMXdqDI1swHD36ng&sai=AMfl-YQdYl5w0POIQ7ce8OUB_E9cmc21qOXY5MEK7NEuv4Fc0rZHEHczRhtT5ElRA_T3PhcpEU0T3HEKRhZRtRyn3u_GR0aZlIJ87s27PX4aYvMrROgq18VOYXV6x8LxqyygfWiOWohjYsZtSnJm5CdW9llho1Kz13sDByZdCxYFVqQRtIeLkwUuyUkUaqOevONcWhWCn4DIgamWkf-nlnMPRl6P8f5rBAiRk4y3Miki_FfWZEb8NPAG7Eu4V-o5B_LasvEAWxNXRlhLGSFwZ0Qv-emAa9im1IpXbfDDHC3cQRpFiYEpshCaoyERHwwVsA&sig=Cg0ArKJSzIXhUX9V5wXNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=261&cbvp=1&cstd=259&cisv=r20231130.71555&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Dec 2023 06:57:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame 79F4
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634092/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7005813411879006&ias_chanId=1&ias_placementId=20343398390&bidurl=https://www.ukr.net/&ias_...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_9sluZderDsLAjuwPgaC9gAk&cbFunctionName=goog_wrapCb_9sluZderDsLAjuwPgaC9gAk&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_9sluZderDsLAjuwPgaC9gAk&cbFunctionName=goog_wrapCb_9sluZderDsLAjuwPgaC9gAk&true_pb=
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2440:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:54:05 GMT
x-amz-version-id
4Cmv1jyFRAmZ7XChlLsmb9GJS5ztjryA
content-encoding
gzip
via
1.1 a7922bb75420f6c3485eed5adcb99ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
age
39834
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 04 Dec 2023 19:54:03 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
93goso8ggZ1bfGZHhBpOfCC_fHAOI5oJNsRk318YtfjIKzI7RIA1KA==

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
nginx
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_9sluZderDsLAjuwPgaC9gAk&cbFunctionName=goog_wrapCb_9sluZderDsLAjuwPgaC9gAk&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3EF4 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 00:45:54 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 a7922bb75420f6c3485eed5adcb99ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
age
11859124
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
9DiqOfkF7TuvV7OjcPsu85jxwTZG7mTLGmywkXO700HJy42spJlOEQ==
dt
dt.adsafeprotected.com/ Frame 79F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=765b10b7-4bc3-b5c9-a1a3-c93f5c6bde09&tv=%7Bc:vU2Stz,pingTime:-3,time:36,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:36,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1*.990511-61634092%7C1c11%7C1c12%7C1c13,idMap:1c1*,rmeas:1,rend:0,renddet:DIV,siq:16%7D&br=c
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 79F4 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=765b10b7-4bc3-b5c9-a1a3-c93f5c6bde09&tv=%7Bc:vU2StA,pingTime:-6,time:37,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:37,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1*.990511-61634092%7C1c11%7C1c12%7C1c13,idMap:1c1*,rmeas:1,rend:0,renddet:DIV,siq:16%7D&tpiLookup=ao:www.ukr.net*%2C2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com*&br=c
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BAD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BkZXb9sluZderDsLAjuwPgaC9gAkAAAAAOAHgBAI&bg=!QUKlQg3NAAY3kmNgF5I7ADQBe5WfOAGCfIWwKdDbaYealZaC_2EFncG8VemjcYC5PuWnfjGLZuh__9a5tJhxU2Bc49zpAgAAAFBSAAAAAmgBBwoACwN69j7PLrZ4KCoKmQNW69tbs2s6tsLbt8aEPjYAPCtBGzEv31zbx9qy_mImBM8iujWNeCwaYs0A5FZmPh-l_lR_c4PnRBOU6m88hEltI7PfguaqdSTGghj-RoCO5XigaELvXKfHjSJem_LKv-Cm5wj0rWFwN6I7aIqDb_TMD5BAnHe2F5SfiiYl5aNzmYAUlV9gM9MEsphwVhwJEL5UvlCCdpuYXqXr6l2AvNc75fprThf87BA9NYvomhkgnuRPOGMNmT-VwQoVGHbYnw3y0sx-I2oRpNQwtX7Dc-MQfCUzTMSaFlyJ-eA3ZqW672Pj7QbyBLlBHBA2qAY3vt6m7VDXOTJZXV9evvaet-1RNTEWl3_41L2_HZ80L9EdhOvgRxQXGoKwxs-41dBol6T992Lk8Gt6crCcX6Rs6q6M-LGS6i2DTULHyM-bChoJ3zMhz-2m2DRSB_VOpDF_fbeMfbFVH1eCBGBy5DHLHDz0qe3ufwxFp8saXtsXWu0Z8KVxgn4XMyxnxU1pghNcUEaGaexahP8Kw-1mFGHXlIg9ScophHByfcJjP2zA-7IibKDkdWfXHpTsqAYizXUXE_QQ_CW7xzpT8dQv3Jl9BdL8Cbjl4ak5W4GHOrd8zq5nJ7Kou9Gij691oYLxAwNJlMfYhajkFDGfqEeDDJkCqOtnUP4IHjArAj8AxMAvBGhNDuDRxHUjvVQU2_N0bm-Cd8RKEtMkBNvOT9zS5ZsNVei7sdinZC1853YWYl1R_x_LB6Bh2d-h4Jwxdcyih21r320mg5Lkut69stZ62x7OtppKvj1k1UEKfIw7m1P1yv_Uyy8V7TwPBwr3NO_bKHBRhFMO4djRqcK1H1H8fLtLvMoE4PU33JQYtyRvmz0bcQqFwCVRan1sfwKGjLn1BNj9DccBo3RQ_pxilFgOU2NOMEiO35ScQBFLWXEf8OQjzulexNllcVgQ8OWuSHn2GeeIwAFbzYXEp4Z_iQEO0fWOhmfHWr8kbri5YTRPQCGNf8PL34jkqL1CL6TXk7kHevshTnngMZSYt7zuMjHnnlTtwU_3j8k9FtgJ5W-Zx7TQzObjtBA4ncdGRC9qgZIaG65FAmHkmnkR2cvopf9MvpHDv-OTnJ6COSE9NHIbJLw97bXTLY-PaMzRLXU
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 79F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=765b10b7-4bc3-b5c9-a1a3-c93f5c6bde09&tv=%7Bc:vU2StD,pingTime:-2,time:40,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:757,beZ:758,mfA:760,cmA:760,inA:760,inZ:763,prA:763,prZ:770,si:773,poA:774,poZ:788,cmZ:788,mfZ:788,loA:794,loZ:795,ltA:797,ltZ:797%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1*.990511-61634092%7C1c11%7C1c12%7C1c13,idMap:1c1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:16,sinceFw:23,readyFired:true%7D&br=c
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
container.html
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 093F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Wed, 04 Dec 2024 06:57:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B60E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Wed, 04 Dec 2024 06:57:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8383 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:57 GMT
expires
Wed, 04 Dec 2024 06:57:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 11A2 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 15:16:12 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 093F 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Dec 2023 22:38:15 GMT
age
29983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Dec 2024 22:38:15 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 093F 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 02 Dec 2023 08:33:14 GMT
age
253484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 01 Dec 2024 08:33:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 093F 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Dec 2023 13:32:53 GMT
age
62705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Dec 2024 13:32:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 093F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 01 Dec 2023 12:23:49 GMT
age
326049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Nov 2024 12:23:49 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 093F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 04 Dec 2023 22:38:15 GMT
age
29983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Dec 2024 22:38:15 GMT
css
fonts.googleapis.com/ Frame 093F 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 05:57:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 06:57:58 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 093F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 23:27:09 GMT
x-content-type-options
nosniff
server
cafe
age
27049
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3073
x-xss-protection
0
expires
Tue, 05 Dec 2023 23:27:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 093F 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 21:48:36 GMT
x-content-type-options
nosniff
server
cafe
age
32962
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 05 Dec 2023 21:48:36 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4285 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXa2yf_b1rweTuywoMDFJKfgzoj97iglBmU5wpSJ9tlCy4ynjjS2tZYwwiLjiXkwE6jJ2vZ_LrhAnEgl-gS2wNM5uyQ3eOuwHh9JuCbfzKv_IqRhc9CcqHmuzPZ6KdVOFchwq_Yyg46KeTz-GpQh7NETRay97a9sHfDyQyZgzRdn1zBnlM
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:58 GMT
expires
Tue, 05 Dec 2023 06:57:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B60E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 06:57:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B60E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGVc9N1oy8hBuY_boIwydltLN8fAtdunmEkRQZRvTkszz3fYe9Pgx5_wth7cYPOrtUEy3qNuYtWhNi8WZa8J26CG8XHpeE2FUBmzVWvlbr4i4BydY
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame B60E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
32251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame B60E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
42982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:01:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B60E 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 06:57:58 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 12AF 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVYVvu0ucmvNzUBBmnEo8y_II1QBtn3gOcOv2fpWNpJC0iujmvCwmLUV5J-5H6VMrnGKypcx-2PZfSEShRzTL55FINBvcIFeYF7N5RwCPhlROPMzKgMEyruNqH0tPPZr-t9xIqYMqrcJk-pEXG6En7PKkDXqPAMXKCEBl0XXoTN5UZwFEM
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 06:57:58 GMT
expires
Tue, 05 Dec 2023 06:57:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8383 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 06:57:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8383 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AvHcBBlkPwGgLaAV52o_vpos4W_SXlzXQap15LIb8BhUBNU8O2QvEgM7M_N0oHX3druIylfARrjKp21wSCRRgC5keacXmau53DQfXQw4EacgxG9Xw
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 8383 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
32251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 8383 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
42982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:01:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8383 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 06:57:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 79F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssO43eSDf0R8cO-tPRYyzFlbj2o_Y8Mwx6SRzPVKAlSiDG71ra48al9FjV0r9Ji1i5oovSK0LuIyTEQx2XfJYX9kF7hXYhgyTK_Xv0a5RA7eyez4fxgwktdfBmYT1eTtZ7E9qpPgyIJsTEI6gMXTt2hOLTshOgTJ3zX9Le5UgLrgpZmjCn8ybe0zO5cHLPs2rkRD8w-aWzhNQkILWTL2zgARc64dhDMyw7B-EJ5k8GI0P79Zr_rwZ54vgcceYbIKf_tvT8qpYHWZzBfTEKbXyasHH6AsDvxqVJf3K-W-c3F9eFyvJ9HMpSl2Qb8y__cblKZ0DwsNsRoBAWJ9u_-Rh2aqCSlepxIpwRDN9jj-WFmnBtsCcpZ_CpI2oh0qMIf9W-EeF5_ijd-UJPoi2SP8jnuYXJKrDvxa8PYmZOY91_bKwqQz6lby5qvvXJ_mCH2flYTKF7WzyKoyPCJwRnD_-r5lJcC4yz2Rj_g1DvRlioUuqFEZX3C4BcEoLDEgX2u8DX9a-f4tG6FYCQYU9AivnINVbwav_d5qma16BU8XVXzKGuED5qvtHULPLMP3wI5SEyCiIDmUFIpuTS7_IIxLEOP_n3_Ml4jblyWRY6cJBtf9BuqDCqO_2aJJyMz5n41ytlJjVfDeRhviz6ayIQw3es8N7CEWE5Xia7gTbUjs-jg9wVD6BD2yx8DAeUq7KpeZuK52cmduwdfi6O0_h5tMjr---5Kq5jMY4CQEklo_v5EHKxhYNpQK0EL1CLq3on2FM3H9zFg6RSNZnMxNGnIK4PjlvjSJKsHBxqu_pImlFodAUd2q9Vr6FUirh6rYRiPQyDbXkFCar-BQYyOVheC75nMHmNSxpXhnE31WM1_jlJPEAnq129i1Y7Sinpo32O07xvywX8WudY0bFuN663GSBE1sgZNqA6UDtlsvcNsejrNtljoqkJ76OGKMxLMFpuqekHhynn1sDI667Lq3GHdvxboySfzZikw_SCJYtcsD4BxxR7qaivm6_e-mMzG41zB75v0tuY8svTa3_FDWEXUTB86xxlGHyubjle-GJn45minn7QtymGq35tZvmIlcVM6LUIwLCreQfpsKRXMQCZdhkw_Gg8dc3VQADAuB_qpaeK3GbMx4U-PORQqjWP3QX9cYu5Ar8cs8xeWXB_Ss80VCQ2WCaKFvAOgKBXyDJDVAmbJgO3TDlFV7r7CI3SklCN51Kbl8QC4itJHP6Rs7VZ3KysTwagmSEj2SlALw0BogommVp-eyH5dx_Ncchr_y7yp3z6mOD0EwEhxhyqfb-6FY3cZO40JEpbFlAelTD3xCwaYEa6ZzB14v44i1XzgjsZw1HX6LLaokM-vuY5oVKrrdaKNq0HL5KKrJK2mG1KXEQSBJucTKdRkTOz8SA3M2qPJt4bXcqv-Sx5E38iI4rmBiEVcS1iRa6S7NBM1RBQtyp8l6nnrvQ2MfDzmstXFGticpHzkTezMXdqDI1swHD36ng&sai=AMfl-YQdYl5w0POIQ7ce8OUB_E9cmc21qOXY5MEK7NEuv4Fc0rZHEHczRhtT5ElRA_T3PhcpEU0T3HEKRhZRtRyn3u_GR0aZlIJ87s27PX4aYvMrROgq18VOYXV6x8LxqyygfWiOWohjYsZtSnJm5CdW9llho1Kz13sDByZdCxYFVqQRtIeLkwUuyUkUaqOevONcWhWCn4DIgamWkf-nlnMPRl6P8f5rBAiRk4y3Miki_FfWZEb8NPAG7Eu4V-o5B_LasvEAWxNXRlhLGSFwZ0Qv-emAa9im1IpXbfDDHC3cQRpFiYEpshCaoyERHwwVsA&sig=Cg0ArKJSzIXhUX9V5wXNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=503&vt=11&dtpt=242&dett=3&cstd=259&cisv=r20231130.71555&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
TUI_smile.svg
s0.2mdn.net/creatives/assets/3060934/ Frame 11A2 		1 KB
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3060934/TUI_smile.svg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
603
x-xss-protection
0
last-modified
Tue, 27 Nov 2018 13:48:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:07:44 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 11A2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:07:10 GMT
head2_family_mob.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 11A2 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_family_mob.svg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9e6ed62d5ff953eb0b609a2970f0734f80b70522e0a4af2a93d870807520ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3094
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 07:48:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 06:58:07 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 11A2 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
887
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 06:58:11 GMT
familienzeit_mob.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 11A2 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/familienzeit_mob.svg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
846a93669a4bb91146f245de74a56312277a94e07ac74721056459bcc8035aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1278
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 07:48:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:12:46 GMT
mob_300x50_kv.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 11A2 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/mob_300x50_kv.jpg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cd8f70ac868a2ef49819dc1322632684738fae890caa93b11118f01ade0fa9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:52:22 GMT
x-content-type-options
nosniff
age
336
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22587
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 07:48:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:07:22 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/1989662620779676084/ Frame 093F 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1989662620779676084/2076313506083323656
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f012661914947909dc3d2aeeac3fdf260f0b94c74ad0321c7fc5e2e42e5c7959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 16:06:05 GMT
x-content-type-options
nosniff
age
53513
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38948
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 05:40:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 03 Dec 2024 16:06:05 GMT
truncated
/ Frame 093F 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 093F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c20ab166b5d83ae5f50545536fad6e1c0af8fb77d2bf10086470049fb188323

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 093F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options
nosniff
age
310717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 16:39:21 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 093F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 03:15:52 GMT
x-content-type-options
nosniff
age
13326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 03:15:52 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
47a4b754222d5c0d359defa72a305b7de523e964a95096d049cfcc70d380384f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://www.ukr.net
date
Tue, 05 Dec 2023 06:57:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rum
dsum-sec.casalemedia.com/ Frame 4285
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
43 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXa2yf_b1rweTuywoMDFJKfgzoj97iglBmU5wpSJ9tlCy4ynjjS2tZYwwiLjiXkwE6jJ2vZ_LrhAnEgl-gS2wNM5uyQ3eOuwHh9JuCbfzKv_IqRhc9CcqHmuzPZ6KdVOFchwq_Yyg46KeTz-GpQh7NETRay97a9sHfDyQyZgzRdn1zBnlM
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcf36ZKVwAVj2zS86NBYJcNM1sdElYUA0X%2BSaQzi40Kstli5neWv%2Fny%2BAIyBNZn05nKEj7tAGNrgEjbCRFkrRJEOrV7%2FMSVjSGErCo16Vf8AGBpQQ064hALg511GIWqLnsIEWZb3oIBbZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e7d9d324ef-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4285
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7J9ThIhiur-uDaCl5S8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXa2yf_b1rweTuywoMDFJKfgzoj97iglBmU5wpSJ9tlCy4ynjjS2tZYwwiLjiXkwE6jJ2vZ_LrhAnEgl-gS2wNM5uyQ3eOuwHh9JuCbfzKv_IqRhc9CcqHmuzPZ6KdVOFchwq_Yyg46KeTz-GpQh7NETRay97a9sHfDyQyZgzRdn1zBnlM
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SK%2BFs8FJLlHtCwK68WA9Wbc%2FFEVBQkyAGiZoH4XTIP79GRVBffBDDFkeczSoQpJQGrPxaDfUiNfVJdvc7aPoGhWAiqyuiTx3hXsd2XBTT6pCAFk%2BoRpHTiif8cUu8U1VcwV%2F49cP956WfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e84a1524ef-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4285
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXa2yf_b1rweTuywoMDFJKfgzoj97iglBmU5wpSJ9tlCy4ynjjS2tZYwwiLjiXkwE6jJ2vZ_LrhAnEgl-gS2wNM5uyQ3eOuwHh9JuCbfzKv_IqRhc9CcqHmuzPZ6KdVOFchwq_Yyg46KeTz-GpQh7NETRay97a9sHfDyQyZgzRdn1zBnlM
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
an-x-request-uuid
42569c76-a4b5-4210-acab-73bd5ad76c2c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4285
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXa2yf_b1rweTuywoMDFJKfgzoj97iglBmU5wpSJ9tlCy4ynjjS2tZYwwiLjiXkwE6jJ2vZ_LrhAnEgl-gS2wNM5uyQ3eOuwHh9JuCbfzKv_IqRhc9CcqHmuzPZ6KdVOFchwq_Yyg46KeTz-GpQh7NETRay97a9sHfDyQyZgzRdn1zBnlM
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
an-x-request-uuid
71e45974-548d-4084-ac47-6071f56a1923
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 093F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAkAm9cluZZywFo7l1PIPzNCHuQaKgdaqdKHQ1LmxEsWJiIjXQxABIIjZs5gBYJUCoAG4wqODA8gBCakCR_WBm4cusj7gAgCoAwHIAwqqBJcCT9AOWpf90h5u_Rhr2zUNoVtsaekge2Z0OdfLoFTPn9jNymt-8wbERVFpTD3QvGPAun9TMTVRn9j47TPuTJ3EKzXlLYpagICyhG4FadjYYH4PCKU2cPzTqwQqGKv8EpUUoEH7WQXD2umrD1-0FzJi_QzIclnrGpX-eIG67G7kqy15DnXonL2sRd0bCXwYmGRprXXRLmD6i9OiuM3Y0VXLpW0gjKbdJX49l9waw7ttMWQU-kUKSxUkRExkJUHm9sz58fLyhj0b7PwCZTSEGGeu6eZcWouqAaPMtUVg_4TpEFsALo4cY2e1LS-XdLHzmpdflIOyxtEptRvAi2jDUAql3EOirthOe2EIOB_wVRtWbaAvfEgA97pJwASogfuB2QTgBAGIBZOPvrNNkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB86a_vAEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQnag70ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljpro-J3PeCA5oJUGh0dHBzOi8vd3d3LmxhbmRyb3Zlci5kZS9yYW5nZS1yb3Zlci9yYW5nZS1yb3Zlci1ldm9xdWUvaW5kZXguaHRtbD9nY2xzcmM9YXcuZHMmgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCIjoj4nc94IDFY4yVQgdTOghZ7gT5APYEwzQFQGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=jYN_yCOLQwQ&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNIu_P6I7R2nnhOrVBZxls1H7x-ws2igamv1qrqYF5Gyf1BhaQOZRIZnKenKwJdC8GcKeM04Qw_VYt2AS53cQnJGsTsC76II63-gkYAQ&template_id=484&cbvp=2
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 12AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVYVvu0ucmvNzUBBmnEo8y_II1QBtn3gOcOv2fpWNpJC0iujmvCwmLUV5J-5H6VMrnGKypcx-2PZfSEShRzTL55FINBvcIFeYF7N5RwCPhlROPMzKgMEyruNqH0tPPZr-t9xIqYMqrcJk-pEXG6En7PKkDXqPAMXKCEBl0XXoTN5UZwFEM
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSdvVSLYRJ02VKZk2EHpzkPM61GVHTp1MPx3WfnQZj60BDuipMGplz54Xi7KmgdV1fAOds2UYWSG%2BydxURcclgEazvve%2BXiUaYvdGUY79YgYqkLLvGoiGFo96MCncTRp7bV4rZdSTQw%2BNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e7d9d624ef-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 12AF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7J9ThIhiur-uDaCl5S8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVYVvu0ucmvNzUBBmnEo8y_II1QBtn3gOcOv2fpWNpJC0iujmvCwmLUV5J-5H6VMrnGKypcx-2PZfSEShRzTL55FINBvcIFeYF7N5RwCPhlROPMzKgMEyruNqH0tPPZr-t9xIqYMqrcJk-pEXG6En7PKkDXqPAMXKCEBl0XXoTN5UZwFEM
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8VzQypeKLiB0KrOR3MnQLuxweM0mdjKKzUkfg1S6H9VWE2Tze%2BArprAYqZbwVQtZWFrUboihOdl7LqyFKhYSEPgxdqZGwsyi%2Fca3MxxqHVQzRtdc%2BvJyV7lloPxrffQ3PKeEREpW0JovA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830a65e85a2724ef-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9bfQiuqea9S2n0KSGAzlg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 12AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVYVvu0ucmvNzUBBmnEo8y_II1QBtn3gOcOv2fpWNpJC0iujmvCwmLUV5J-5H6VMrnGKypcx-2PZfSEShRzTL55FINBvcIFeYF7N5RwCPhlROPMzKgMEyruNqH0tPPZr-t9xIqYMqrcJk-pEXG6En7PKkDXqPAMXKCEBl0XXoTN5UZwFEM
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
an-x-request-uuid
12858ffa-545e-4e9f-ab4a-65610456f069
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGpeaw_NQkGgKb4lFIvoTow&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 12AF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVYVvu0ucmvNzUBBmnEo8y_II1QBtn3gOcOv2fpWNpJC0iujmvCwmLUV5J-5H6VMrnGKypcx-2PZfSEShRzTL55FINBvcIFeYF7N5RwCPhlROPMzKgMEyruNqH0tPPZr-t9xIqYMqrcJk-pEXG6En7PKkDXqPAMXKCEBl0XXoTN5UZwFEM
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
an-x-request-uuid
c8a24626-5506-4c97-a2eb-6e3404594411
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwNjA3NzczMDU2NzY1NzAxNw%3D%3D
x-proxy-origin
82.199.130.37; 82.199.130.37; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B60E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1809710950369&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B60E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1809710950369&version=m202309260101&ct=76&x=1&cor=6437431762626664000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B60E 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZaZZctSmcYEo4FAZFzlTeAbSGWariuqV6Ksof1R2gOnwzLPtBhfYRobETdq0_XDGPc2GhszWDqwb7xMr3636F2Psqx8RujXbYvFB_78LyslZqsoi70u2PxE8mg8_Qn1HC-zy1yO2LN-V0cERflz2lAkemgFFehKGNvA_hI-nnv7F3n6k&dbm_d=AKAmf-CuaccSuTnKxHNjvSuzRf329Gaxl-oo-epilNrv8h3HWc2PI86mom6aFqDAM2Qop_tEwWs_2wEoDeSQAEPi9OUwZ6V5zCFuY-Kid_wH-8W5J-9FU-tDiJ4xlcEINOIthmm_jnK5znPfozPHFw7r7hE4Huuu8Doptvakx3QDa_Dee0L9plny1v2W0Vq8Ne28O242UeiRyYindyVf6-goGWMdatEfqOVwRC8uVvHnQDd8o2_erSHY8b6wWY-9VRr6B3q2wyOLEvsjjBvSHO0RFjwlJjWGdOKYyqH88cBFOOmHKgH9N-aWuPInJO4sNeJkt_da3RhhNoUb68f18ynMgJ1bCVPVypiWfyQhQIJos6BKOx4w5BWyrM3vg2Kvyu1VNnYS2ldMSEfkIVL_dblpmHYxiyYTZd3EoreqvyM-vCc3RU91r-2J_800qFsjzCPlGISqFxIadV17tf6J-6Qyo_Nz0hPU90Fp5fILLxTN5WG6cuhg5MQry-CgCX4mMUtSaZB_RMox05Juwo0OOo841EbSh6Tc2uMRUBzdUJ83eRELot5OAxpp_r1eduJwPH5AMFPcXhX6Ek97G9gBsRGx-ArjkL2wzLw1pgLfC9V21yOvy2lkV1Qz-NUkq-CbdLpHgkSnlYfrMVL7IHou_PAiomS2_TZkfSbW515oIpY1iiCjMebLz_DqTtROtc69SCXIhByW0HyxezFR-RD_k0rOx6lDezN31U0whmn4p1bfQQWH56ItZ0I9zvQgokI5mi3w_8TEmAgYOcFt4qsxiYMvW4qtSQU0-tsKU0L5Z-YSbrFEs4NJSfN7oxSJAN8bF9ZU0XDKQs1iiw3ceMdUsL_SiqYZAc4kO9vcOeZ8W1AxyBdT9X3hZSbT0FtwCm7-TZ4fxmL9zPBVu_rUOocgc9R6mEjjewFAhY1SklybwZXsmuVSNK7ZlvU79n_vw0Ki0uMjoWVMiDA4Xwb6Ua6oG8zjQPFYFjm0ibUftybVoAWrR_-iUozDhij59oZzw_sUNzRGawmCGNnFsxMMMYWAv-zpJrtdhgJL4pfmbqvYdcffG36_Xov6E5_n6yyH1K8Wxbuv-Jg7s5f-0NbsXLorhnalvh_lQvv6hq9LE0bi5lomjNeziTwVcRFjQOpGRWkkuVSXy--ttslFpUPhAD_dvT2c_xMeDgVPE1AqFk09LknQEH83Y7Lzk5WPv5yq-WsmrxZLH4egtf8fD_CJsz-G88M5rixn7bXmlbDsNx-kOFynvQpQCY0pCSBpDJvI8_dCdybGqXn2ful5bHH43xbcFAvM-CKUakCMEFBaRU-7JRsLk7lcvx75ROZZ7OYM1VOLS7sOfHMaKA6VYsH_ntWs64avHcrb_S9tQqYTvwAYNpOxwHCfPPsBrOu3PP7FZ3uxTvb11PKdx7hUsSlCa0px-wg5M3H55DIcr_slVRdfFKUHzNBsHFR3xvIeJiCIto7Tp22rVRFSorenKSYStMFG9UNPk5JvMy7JUOkImEldjdl-G6pDdG0u0N1uYVcK5ylJFQgt84Y0SPbCz0KaXW6f0iSoe2Zph4gJxN6G_lJVI7h7MoZmDhSPP5Xc_YGj06ebo2kPZkrKTD2mht72EQzy4zPgfY8nips244Qf6Ke1yPrgdXieVqbzX06PFokr9nrGve5zLzY9k2BDfS0n5BxEi_UUUnz06DZxFBlLAYk_-yuJXZTbc9o5qw14PWWBxdMnUbfv16uoBbqA6GjUaM_8BXbUBDTlYFSIbrcsL_VwN07uO17aq_9lxOIvWxgS09TmbeK2OHcnDNzQ7tHm4IHutRjeyCF4KQvpuO-GsPVBMmRB0yPGAdHMWCyTsirXoRxARDCmz81ZJ81A0DhSLP0qGPAug8nRk3dMt3nm83nn5lyNkZuUeiGfpFGlZU-WXCR54RIGGxPu7VI0E57Qibm-SfPR4Bx6Bbg8PfGzPV8Q-rLuPoKqPjdSRQ28fEVkSqPzR-pPt7Ub5n1uyHGhNJupKsy7_r44p87Vh5NOYn4ci42U0lwM1jTDmON6ANpyQcn5RhS8trMYgMbfsZ8Nn2_RCYoMmayFJmAL8GxtJGxpQmMArHO7f5GR-ot_Tb_5yJArqHTtbnK9LsZYY6Z25jYFCtTCW1ohjGS4rlgRB92O3_nOSsKPUz1gT5z4AouqurxRlR61DbMvQ882eebek_eLRVS8tSwRpTPCf5FCgqPMVSiojrEnEg9hzYDZLxQcOMhmHfnjbAxTiecA0e2bgYYV6rvu--R1ao-zx5BIvpAu1YoFyWt5opwTHrMre3b-tve8MVUfYBRv0ePED9fAxbbsxRkINPSMn42lqa7Iz4SN7Q-0W9l_GwMCKRfzREixkY-1kbF3TiC2Xx5XKGOzbOvuq5lOsEVlTei4ve4swMe2C76T7EzIcAXMQpSDjshNRymOVSSxxBr8xWhEPYpmS3brNeYZVbp6wKBlH1I3aUoGoZIG9vt2hT-43D0gGJSoMY5h1a3tBPdjik24QbicotG_8giHyGe395v_C7oo5ddXSNlLVjLqLTQLO2cNUbn9choSYWkpKktChgX8XG-8ekjuE3Kpob1gTZwzheZhQVxrRVCYz1c8XhF8UOZ_RJl63MoSaFoJy0yOUF_dl51QFtSzziTZorKn08irSpJzS0FDCq5mRJzpXmiQPJF8cTbA-DuhMtdNUEiFjdi1ibfEaIK5v-lfnrVHiIVwHrHKUp5NgEG-giXXO-onCEvfftqFmFhZXwvhOsVjPXbd-8IhGVGTG4qJv3GRSPgkWdbYkrYG0PcXE504vYheBx0vitk9WHSn-QIiBCSEYE15tSSgd4EsuRtmv4I5k7JDiAIpC51UY06WWM_7--Y--Qmeez0eqe_mMKZd6tpNn_vvXPP282KOibjok1rFA17KlCEBIHm4dBjiMegcqIW1-L7hPb4oRUaVjZaDz3wkdByqEnwlB59AeG0qis7jiMK4Tgbif4OdnrItRxF08_now72JRRnS8JZ00dzm2lVQ0Wf5k5rpEtjiVuTbGUrKLTenv3FQpiky8hmce-OZLQK9kJF9pqin3LBxKdyhc7uOzgt-kQvQ-bidHy2Zk-0kD1nVqp-1BjqusNw_lXlZf_Ib1tazAcxTK5wRFNdlLd5OYwFZoX6GCUnCAS-Gmblok53J9ZQwp7UHt5jFMAXUbS1qQpwz3IQOGNnWSovGiOtkJ2JfHAR0p7WkPv2IsZS8KPmYJ4K4e51MskZkFASEz5hNkITYOqqTtGTcD59QLVOQLX6maauXSIZl6t8mg322zSzwG4IXD76upDQVIWvOM2U6bj2NInlsUQPInDc5PoDn2znB3mtyqcXV6lZ2FD2Uj1UmAe18T8Gs22y0BJlaj591YN-FFwOLEmp7BuckHH_06lhmVUU5aHfLuVnF8DgyJz2NMUNTVetfLLamk1sqJBNLV4j-PvI4FnweioIGpgxvB_qVJ8cJVpg_wPwNH8x2LvaQfPZvAA6vJgw0iBXUYr5x_wQ1X3rO2DMh7w-YOuOoY6eWBgKBHKNQwhPw_o2hrWffg3jEhEIHtdbqxxTWM82ucCsN0yo0ETeJ8Hv1sYrGY1jdkV21sWIZBsfgXJVuGykbCtJlOZarRwzFrzi_9cf9__FTgF7a3VjGpd2e1kKbAuBpYXpSLzFvdU3V9fI07ZlOdfwqM_wc3ymloFRsi9gaY2sGFoKnReUVxfdA8KOixxONVvxkK04oOXKH_A3_Ie258OHKsOy4jeofj6YLiy8p3HGlyMRECCVjShfWxK55foF2a0r3W2Mv40kNCgePwWU9xS2P0htKRLv29vT07X3F2MChVvCWBwGiUBtRuwKCknVpxnJwjfhRgaDBlxouktaUGsDyJ3SCZKsyazjR6B3uxJY4SQNjuK0gWro6wiT4THoXhjag-fZAMQoQXNGS5d7WSw&cid=CAQSTwDICaaNIu_P6I7R2nnhOrVBZxls1H7x-ws2igamv1qrqYF5Gyf1BhaQOZRIZnKenKwJdC8GcKeM04Qw_VYt2AS53cQnJGsTsC76II63-gkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=6437431762626664000&adk=4188270524&idt=134&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
527976eab06dc865779ac3f83aa369f101271f682d390393f64f2efc0d5ac18b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42209
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8383 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5617672510572&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8383 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5617672510572&version=m202309260101&ct=76&x=1&cor=3475925953146068000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8383 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BP7-AfUlP_uvaOdOn1ZU0NlLaX14ue555TWkzY8524Wtdk9uPFGfDRi4-Z7j7bgW2RUZ5edmMp9_D5pzVWIbQFblckT0PcRyBAyyxqMSBrttse2p84fHQ30AeUFAPfhVCWC59naNtA4Wi2ZfrFeAL-xSYyag6uoVmzuYJAMrwZ-7M8GUY&dbm_d=AKAmf-CuVpSEYGE-L9o_WWP25Xk5cY_BBxMDogme3HSbUsPWCehEzvt1ybT0-sQpwVagMl-HJJN2fNTHX2lrMptib4LM9FxdWeDMEMsbFxUZf_N_eDb3wrn_n5vohFJU3AnXE6B1GjEFbzH7x4C4reIYARBxJnu6tNyrE2mQimP_mwDudra8pInjZ1cxaLg6BRFZf46F36xQy8hyLpQbk-bEkbyh5l4_RekmLOSZ2aCZTonnZjRmalgc9Yflmp2b-r-wSiPC5j8YzX48RtVj0__q8Dtuux4x3m60HXl8kYelcPs_zYnGLtNRMH8FeQ0iXjNZibwlL2z3uX9kbr01P-O3p9WAj0gQoQXcowYfZQXfeqMDks8YsvwNsZjoBXa4htWi-grXmvUuoIzv0Sc5XHMmEuCmKBm9-mf14nBeTKNUOJMCWLnlJ7ZioN5vqAq_qTt54UbMtsVnBCAI8yTFk9Q3um-45oHJBxh_34-ngu-frlKaxjZhpq5Hw96Z71nDOu1IAk6ybbHwmcepAmpWsqZMTF4E94oFrAgnuF2of-rj7cwLLqtP_OKOOZQx8JS-kyBRHGjAQPg8BFRO6zdJbJSQdRbhCgml431CVaTcDtbS66a7QvGSespUEeI5GHH1ybz86mFuwsdPtMcwKEwi9-2UdHk0XZQeBTy6y7hwRxWVBKhZfNogfGeZOmbh3Ax9NXDczextYxtXeLqrQOivypZpbZvGV4tkaiMI9E8IuSiEC3bbOBmufsNRq36QlGQtzFl6MSwZ1CWu9w01VPnU-O0ASBQxX-6M6j_MXoiMAbuOwpA_KBnezMFSzfCy3_VKmykwnqECogxdXEsxPj-6PXdGXFafXjPaUwyPTTgsbTkQH26pLOojeJaJYTB2ka3QnpVOUivc4BFTjrp89NSrzc2YORwPAQFTJJUizK4twqDGrzItw-rhvAszL70OUv28rOZghxfz24dFQkKWV3nuYHPU_a8gwIawm524KnSKhUd6rsIp2ormpQUE2-CgRhmQvux2T4ZyljN8CLZrDk6Mr9CetokLgQb51Bl7O0piTad0IBxoFeRpO9-YMOhOYDHHT9Xt5zrTr-FnN24MluNgsRBJkAyI_ESOE9yMg-xvRd6tPOJ48iKCQVUISQud_r7A3xftFOaJanyktDZcHvpQYL_GIRvGwgbiSOJFB4FMZjYht16P8pVJWRx3gPPctBv6JlXxPez3MLtEYQoruPSlEX4OHF2J1UKyxjYsu9LaNQxYRdjoRf9thpzDWx8AshaySp2g4yJZUpP0PxdLG2W1aEqvVir_RjjHh-rh5AgYN8NaAyOoJoj6s09IG5Khiemm80oQQPeTxiCoiXqYAaGnUSUrfgE2tRHtV6_QCMh-dD33y8-f8bgbuZouJ7GWrGMJZguzpMvAPkk5P4ZF9Pks1os7yJsyZjg9HCzJsqwxe6IjjkQtriP_sUTL7yas87ibZF-HxU86E8f3iHkT56ESvK7kELa3VoxEIJpd5LmTOh6xM8bKDjCVB3PrYyii4lrNvKLF1RhcuVCe-8ZYM2Lt4tM7CiDXk9JYnbhYlKgA_bo0LNhjm8A10XSBSW5AQM1QBKRHBr0oPP-LiTs0Pj9ZjMnyVvBdGQPyOzYDSUcK0nNTdc9sEGw8JE7jrLU2rqYvKc1eZuoBZUdSTOrJsuENRA_uW9ZTcreJ4E7ceDJaP2gVrlDb82MDdtbYXmQLk8dxf85Nps1P2kCj5XnNQGo0DEF15lrItYCHvTtvAdU3NbAhXY2FI0gAQotAcuACrE4_Pg97sFfTeEcfJdECnP-G75qX0s96PFcJvyxuF6NcVX99OQpStFiCVrFDDVvSL7K9Wx-XOsPNy7dibjlCWqAcAY14K1fX4Corew62sczKZdYa48L-8zGH-bsYZQFUgGbvbsxodDNO4XAR-SHtRV6Ig_dUws04ZK5oUvhnExrIzpueinAT7okKq3ZuGquVyaMGTMVv0FhsOZVB4a-uEDt_YVj7t71-HXQUXPTNhgxDNEN_IbRQN4ehh_c1PFIc6upRBsvIfNHUlorSsC2_w7T60mnNfhVcrQf4qTXt_FIompD0tjMtCSD4Yn5wl9Ef-LioM47SqTcwk28bUzqFjEuQrQCahPT79bj0odLS56fHdH2_y2Kvtg2yuaWPqELqkw5a-cn8GIydw4YFpO2oWWxEDojr0S6oCVRYGMqtRFl48-UcPaGuZHLfzdxnK2lU2FeAQ0A5F252uABWWzmnM8ts-UWaWc9bHoVVJ4W67DyXoG6rFAtLCUhT1WayajTG1nHp6qDYXjAeYV0Mm5Nbx5HkfWpvMLRJ7dv0zJd-t0ajoNm-zOgLHfEOUsSeQrZ-SUwoFn2jaJc88rRpzKn0ivDuvRnQwUKUXXxaPjt5bqwZ3hU1BR9BSxwRsKTPxIBoZlZjss7TCOlxFqLRpE866QZF3Km91bhVOr5oVXGnrBysOMDKMtN_J8caXe3BuyWfwVRo_WNAb9_yWiZqhS2aSvstF81K5lJfv5_5E7hYEFhFenx_O64YHkhBdzkrLcrdkMa-7aJuCtsq3Z3TlOXFJxbIBkaZBEmD49kZKCIP5XY1zgxYGJrijCBPti0Ap0ce3JFTx70dKZCJ9Yt_M6q1uNwicowHaq3XG-iBkOrbXBEnej5llntMrhqfKU4Nf4R5cjQDhi9D-XAPkde1Ivm-uy2hFk28TnNVMotmPEW3hZQKC8DTiztuOC6E7ftbTFGT1KlgfNdDBMBBHWLSjlU_m_yaOJ9JYo_F-t8Zc4T5vKtDmdFVgpN24CJplyd3_Yknc0Ms3vsQrAHxPBjmkmKsKm8rmrJ2jNQZTYuMvAJm-2bnuhSQp4UOmq4-0kWqKTu9zjH738VGi7PfXZu-d7OBIZTYAZRHMpA6MdgMn_2ijraplTBZtqhupzeKGSrdWIzph_kKhIzlTDw3NBZDavBjbYh8XNDRi08IPisYwnhouoFskhe1zaR6Fk3YB3hR-vezSbPeTcrXOgcrIzDmZgl8eurj_CrbpcMMvG4dcoyS0swfJ8U6y78VIkKvyDpmAtz-9lY51lR-FpnYyfHAsr0U-QvOeUZ3KdTCp7lpceH3FAYZjHXV7B-O1JkB8JhHVvLFfxGsJhT3cEAfCalBzj5UFZq-kbwQECkhfGjAoAplbsGO_KWmZdteHsd7eYpqsaPiXG71zH0jsFim1OBnJRie0ezspLWQmktCsBB24GJESaPbXGXcGy6pWmAt4TUgijm96yM0bwjjjChPVp_JckyinNmz30uqyKJ-tLRn0_ItzxnpVQ7TJk8xNLAFSyjtWi7NzlsSd2i_-7PKE76BYGqACIeSqkXw1eF5ucj1UmWS2CYe4v4jJGQH14O4m3alrbbe65WosV0cIcy8nUCb6GCSJ4pZEOsGUEeLAneTaqFwpmdDngv9lx24EOtIt_Nyk41Ef0p488Hr5OqTPoKJ60m7WTgKzSyplYRqn5_IGu0beJLcAAMmSASehmnh7J5637kilL8xr4zvf0e4KwtuXRpCsARlWtsrElf-cz_vQroL2XvmnLcR6z6wUAXO5MT1R5eTZOwqvZF2o5PxBwIIp9OjLVCshkGHyQs_T_3_uyWUcS1BEp2ERYeKIuiUrjiEsziRnRWjKAbkpmpyN_bGz1oNHFd5UyS8UsNG6pOm6f3vqCk6AE2ytMeiGvh0osDhi_fxhcPUtY8-FT6boeUQCSivMDHWm8PgBtFfHwHoH2QbP7xJCGp7ml76D3kXxUjxnGO5tJV4Kiqra1VLfGkKTWPD-CNx2RmffbbCPFQtkvBGTAryZ7kZ5O4VNjB2MSpZsq5dNbAuYk70IafurnTCjTn1Ncd62CF4xJRercEYxRDWxE107o9gg3qpFLSdLeDm4KujXWGPBL1GDmns0gXbwYQFL-W_AP2_gyrIs3S60w&cid=CAQSTwDICaaNIu_P6I7R2nnhOrVBZxls1H7x-ws2igamv1qrqYF5Gyf1BhaQOZRIZnKenKwJdC8GcKeM04Qw_VYt2AS53cQnJGsTsC76II63-gkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=3475925953146068000&adk=3037181501&idt=189&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
154e447356c50065694bc44aedab64cdff3792ebc5c817a59f56b51e6cc9480f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v3
id5-sync.com/gm/ 		319 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
83d30e5d0cdf92208d94c7dd2c80782b639a74479c2ad939a21d24a96dc039c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ukr.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ukr.net
date
Tue, 05 Dec 2023 06:57:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame B60E 		256 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7005813411879006&ias_chanId=1&ias_placementId=20343398390&bidurl=https://www.ukr.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJ0UDnCWWms0Ai9pZNdYyx
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.32.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-32-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2d9d34a9b0197c514c6ac30d03b7570274381845a415e859cad07864df32a1c9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B60E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Origin
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39993
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 19:51:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame B60E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZaZZctSmcYEo4FAZFzlTeAbSGWariuqV6Ksof1R2gOnwzLPtBhfYRobETdq0_XDGPc2GhszWDqwb7xMr3636F2Psqx8RujXbYvFB_78LyslZqsoi70u2PxE8mg8_Qn1HC-zy1yO2LN-V0cERflz2lAkemgFFehKGNvA_hI-nnv7F3n6k&dbm_d=AKAmf-CuaccSuTnKxHNjvSuzRf329Gaxl-oo-epilNrv8h3HWc2PI86mom6aFqDAM2Qop_tEwWs_2wEoDeSQAEPi9OUwZ6V5zCFuY-Kid_wH-8W5J-9FU-tDiJ4xlcEINOIthmm_jnK5znPfozPHFw7r7hE4Huuu8Doptvakx3QDa_Dee0L9plny1v2W0Vq8Ne28O242UeiRyYindyVf6-goGWMdatEfqOVwRC8uVvHnQDd8o2_erSHY8b6wWY-9VRr6B3q2wyOLEvsjjBvSHO0RFjwlJjWGdOKYyqH88cBFOOmHKgH9N-aWuPInJO4sNeJkt_da3RhhNoUb68f18ynMgJ1bCVPVypiWfyQhQIJos6BKOx4w5BWyrM3vg2Kvyu1VNnYS2ldMSEfkIVL_dblpmHYxiyYTZd3EoreqvyM-vCc3RU91r-2J_800qFsjzCPlGISqFxIadV17tf6J-6Qyo_Nz0hPU90Fp5fILLxTN5WG6cuhg5MQry-CgCX4mMUtSaZB_RMox05Juwo0OOo841EbSh6Tc2uMRUBzdUJ83eRELot5OAxpp_r1eduJwPH5AMFPcXhX6Ek97G9gBsRGx-ArjkL2wzLw1pgLfC9V21yOvy2lkV1Qz-NUkq-CbdLpHgkSnlYfrMVL7IHou_PAiomS2_TZkfSbW515oIpY1iiCjMebLz_DqTtROtc69SCXIhByW0HyxezFR-RD_k0rOx6lDezN31U0whmn4p1bfQQWH56ItZ0I9zvQgokI5mi3w_8TEmAgYOcFt4qsxiYMvW4qtSQU0-tsKU0L5Z-YSbrFEs4NJSfN7oxSJAN8bF9ZU0XDKQs1iiw3ceMdUsL_SiqYZAc4kO9vcOeZ8W1AxyBdT9X3hZSbT0FtwCm7-TZ4fxmL9zPBVu_rUOocgc9R6mEjjewFAhY1SklybwZXsmuVSNK7ZlvU79n_vw0Ki0uMjoWVMiDA4Xwb6Ua6oG8zjQPFYFjm0ibUftybVoAWrR_-iUozDhij59oZzw_sUNzRGawmCGNnFsxMMMYWAv-zpJrtdhgJL4pfmbqvYdcffG36_Xov6E5_n6yyH1K8Wxbuv-Jg7s5f-0NbsXLorhnalvh_lQvv6hq9LE0bi5lomjNeziTwVcRFjQOpGRWkkuVSXy--ttslFpUPhAD_dvT2c_xMeDgVPE1AqFk09LknQEH83Y7Lzk5WPv5yq-WsmrxZLH4egtf8fD_CJsz-G88M5rixn7bXmlbDsNx-kOFynvQpQCY0pCSBpDJvI8_dCdybGqXn2ful5bHH43xbcFAvM-CKUakCMEFBaRU-7JRsLk7lcvx75ROZZ7OYM1VOLS7sOfHMaKA6VYsH_ntWs64avHcrb_S9tQqYTvwAYNpOxwHCfPPsBrOu3PP7FZ3uxTvb11PKdx7hUsSlCa0px-wg5M3H55DIcr_slVRdfFKUHzNBsHFR3xvIeJiCIto7Tp22rVRFSorenKSYStMFG9UNPk5JvMy7JUOkImEldjdl-G6pDdG0u0N1uYVcK5ylJFQgt84Y0SPbCz0KaXW6f0iSoe2Zph4gJxN6G_lJVI7h7MoZmDhSPP5Xc_YGj06ebo2kPZkrKTD2mht72EQzy4zPgfY8nips244Qf6Ke1yPrgdXieVqbzX06PFokr9nrGve5zLzY9k2BDfS0n5BxEi_UUUnz06DZxFBlLAYk_-yuJXZTbc9o5qw14PWWBxdMnUbfv16uoBbqA6GjUaM_8BXbUBDTlYFSIbrcsL_VwN07uO17aq_9lxOIvWxgS09TmbeK2OHcnDNzQ7tHm4IHutRjeyCF4KQvpuO-GsPVBMmRB0yPGAdHMWCyTsirXoRxARDCmz81ZJ81A0DhSLP0qGPAug8nRk3dMt3nm83nn5lyNkZuUeiGfpFGlZU-WXCR54RIGGxPu7VI0E57Qibm-SfPR4Bx6Bbg8PfGzPV8Q-rLuPoKqPjdSRQ28fEVkSqPzR-pPt7Ub5n1uyHGhNJupKsy7_r44p87Vh5NOYn4ci42U0lwM1jTDmON6ANpyQcn5RhS8trMYgMbfsZ8Nn2_RCYoMmayFJmAL8GxtJGxpQmMArHO7f5GR-ot_Tb_5yJArqHTtbnK9LsZYY6Z25jYFCtTCW1ohjGS4rlgRB92O3_nOSsKPUz1gT5z4AouqurxRlR61DbMvQ882eebek_eLRVS8tSwRpTPCf5FCgqPMVSiojrEnEg9hzYDZLxQcOMhmHfnjbAxTiecA0e2bgYYV6rvu--R1ao-zx5BIvpAu1YoFyWt5opwTHrMre3b-tve8MVUfYBRv0ePED9fAxbbsxRkINPSMn42lqa7Iz4SN7Q-0W9l_GwMCKRfzREixkY-1kbF3TiC2Xx5XKGOzbOvuq5lOsEVlTei4ve4swMe2C76T7EzIcAXMQpSDjshNRymOVSSxxBr8xWhEPYpmS3brNeYZVbp6wKBlH1I3aUoGoZIG9vt2hT-43D0gGJSoMY5h1a3tBPdjik24QbicotG_8giHyGe395v_C7oo5ddXSNlLVjLqLTQLO2cNUbn9choSYWkpKktChgX8XG-8ekjuE3Kpob1gTZwzheZhQVxrRVCYz1c8XhF8UOZ_RJl63MoSaFoJy0yOUF_dl51QFtSzziTZorKn08irSpJzS0FDCq5mRJzpXmiQPJF8cTbA-DuhMtdNUEiFjdi1ibfEaIK5v-lfnrVHiIVwHrHKUp5NgEG-giXXO-onCEvfftqFmFhZXwvhOsVjPXbd-8IhGVGTG4qJv3GRSPgkWdbYkrYG0PcXE504vYheBx0vitk9WHSn-QIiBCSEYE15tSSgd4EsuRtmv4I5k7JDiAIpC51UY06WWM_7--Y--Qmeez0eqe_mMKZd6tpNn_vvXPP282KOibjok1rFA17KlCEBIHm4dBjiMegcqIW1-L7hPb4oRUaVjZaDz3wkdByqEnwlB59AeG0qis7jiMK4Tgbif4OdnrItRxF08_now72JRRnS8JZ00dzm2lVQ0Wf5k5rpEtjiVuTbGUrKLTenv3FQpiky8hmce-OZLQK9kJF9pqin3LBxKdyhc7uOzgt-kQvQ-bidHy2Zk-0kD1nVqp-1BjqusNw_lXlZf_Ib1tazAcxTK5wRFNdlLd5OYwFZoX6GCUnCAS-Gmblok53J9ZQwp7UHt5jFMAXUbS1qQpwz3IQOGNnWSovGiOtkJ2JfHAR0p7WkPv2IsZS8KPmYJ4K4e51MskZkFASEz5hNkITYOqqTtGTcD59QLVOQLX6maauXSIZl6t8mg322zSzwG4IXD76upDQVIWvOM2U6bj2NInlsUQPInDc5PoDn2znB3mtyqcXV6lZ2FD2Uj1UmAe18T8Gs22y0BJlaj591YN-FFwOLEmp7BuckHH_06lhmVUU5aHfLuVnF8DgyJz2NMUNTVetfLLamk1sqJBNLV4j-PvI4FnweioIGpgxvB_qVJ8cJVpg_wPwNH8x2LvaQfPZvAA6vJgw0iBXUYr5x_wQ1X3rO2DMh7w-YOuOoY6eWBgKBHKNQwhPw_o2hrWffg3jEhEIHtdbqxxTWM82ucCsN0yo0ETeJ8Hv1sYrGY1jdkV21sWIZBsfgXJVuGykbCtJlOZarRwzFrzi_9cf9__FTgF7a3VjGpd2e1kKbAuBpYXpSLzFvdU3V9fI07ZlOdfwqM_wc3ymloFRsi9gaY2sGFoKnReUVxfdA8KOixxONVvxkK04oOXKH_A3_Ie258OHKsOy4jeofj6YLiy8p3HGlyMRECCVjShfWxK55foF2a0r3W2Mv40kNCgePwWU9xS2P0htKRLv29vT07X3F2MChVvCWBwGiUBtRuwKCknVpxnJwjfhRgaDBlxouktaUGsDyJ3SCZKsyazjR6B3uxJY4SQNjuK0gWro6wiT4THoXhjag-fZAMQoQXNGS5d7WSw&cid=CAQSTwDICaaNIu_P6I7R2nnhOrVBZxls1H7x-ws2igamv1qrqYF5Gyf1BhaQOZRIZnKenKwJdC8GcKeM04Qw_VYt2AS53cQnJGsTsC76II63-gkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=6437431762626664000&adk=4188270524&idt=134&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
42767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:05:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame B60E 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZaZZctSmcYEo4FAZFzlTeAbSGWariuqV6Ksof1R2gOnwzLPtBhfYRobETdq0_XDGPc2GhszWDqwb7xMr3636F2Psqx8RujXbYvFB_78LyslZqsoi70u2PxE8mg8_Qn1HC-zy1yO2LN-V0cERflz2lAkemgFFehKGNvA_hI-nnv7F3n6k&dbm_d=AKAmf-CuaccSuTnKxHNjvSuzRf329Gaxl-oo-epilNrv8h3HWc2PI86mom6aFqDAM2Qop_tEwWs_2wEoDeSQAEPi9OUwZ6V5zCFuY-Kid_wH-8W5J-9FU-tDiJ4xlcEINOIthmm_jnK5znPfozPHFw7r7hE4Huuu8Doptvakx3QDa_Dee0L9plny1v2W0Vq8Ne28O242UeiRyYindyVf6-goGWMdatEfqOVwRC8uVvHnQDd8o2_erSHY8b6wWY-9VRr6B3q2wyOLEvsjjBvSHO0RFjwlJjWGdOKYyqH88cBFOOmHKgH9N-aWuPInJO4sNeJkt_da3RhhNoUb68f18ynMgJ1bCVPVypiWfyQhQIJos6BKOx4w5BWyrM3vg2Kvyu1VNnYS2ldMSEfkIVL_dblpmHYxiyYTZd3EoreqvyM-vCc3RU91r-2J_800qFsjzCPlGISqFxIadV17tf6J-6Qyo_Nz0hPU90Fp5fILLxTN5WG6cuhg5MQry-CgCX4mMUtSaZB_RMox05Juwo0OOo841EbSh6Tc2uMRUBzdUJ83eRELot5OAxpp_r1eduJwPH5AMFPcXhX6Ek97G9gBsRGx-ArjkL2wzLw1pgLfC9V21yOvy2lkV1Qz-NUkq-CbdLpHgkSnlYfrMVL7IHou_PAiomS2_TZkfSbW515oIpY1iiCjMebLz_DqTtROtc69SCXIhByW0HyxezFR-RD_k0rOx6lDezN31U0whmn4p1bfQQWH56ItZ0I9zvQgokI5mi3w_8TEmAgYOcFt4qsxiYMvW4qtSQU0-tsKU0L5Z-YSbrFEs4NJSfN7oxSJAN8bF9ZU0XDKQs1iiw3ceMdUsL_SiqYZAc4kO9vcOeZ8W1AxyBdT9X3hZSbT0FtwCm7-TZ4fxmL9zPBVu_rUOocgc9R6mEjjewFAhY1SklybwZXsmuVSNK7ZlvU79n_vw0Ki0uMjoWVMiDA4Xwb6Ua6oG8zjQPFYFjm0ibUftybVoAWrR_-iUozDhij59oZzw_sUNzRGawmCGNnFsxMMMYWAv-zpJrtdhgJL4pfmbqvYdcffG36_Xov6E5_n6yyH1K8Wxbuv-Jg7s5f-0NbsXLorhnalvh_lQvv6hq9LE0bi5lomjNeziTwVcRFjQOpGRWkkuVSXy--ttslFpUPhAD_dvT2c_xMeDgVPE1AqFk09LknQEH83Y7Lzk5WPv5yq-WsmrxZLH4egtf8fD_CJsz-G88M5rixn7bXmlbDsNx-kOFynvQpQCY0pCSBpDJvI8_dCdybGqXn2ful5bHH43xbcFAvM-CKUakCMEFBaRU-7JRsLk7lcvx75ROZZ7OYM1VOLS7sOfHMaKA6VYsH_ntWs64avHcrb_S9tQqYTvwAYNpOxwHCfPPsBrOu3PP7FZ3uxTvb11PKdx7hUsSlCa0px-wg5M3H55DIcr_slVRdfFKUHzNBsHFR3xvIeJiCIto7Tp22rVRFSorenKSYStMFG9UNPk5JvMy7JUOkImEldjdl-G6pDdG0u0N1uYVcK5ylJFQgt84Y0SPbCz0KaXW6f0iSoe2Zph4gJxN6G_lJVI7h7MoZmDhSPP5Xc_YGj06ebo2kPZkrKTD2mht72EQzy4zPgfY8nips244Qf6Ke1yPrgdXieVqbzX06PFokr9nrGve5zLzY9k2BDfS0n5BxEi_UUUnz06DZxFBlLAYk_-yuJXZTbc9o5qw14PWWBxdMnUbfv16uoBbqA6GjUaM_8BXbUBDTlYFSIbrcsL_VwN07uO17aq_9lxOIvWxgS09TmbeK2OHcnDNzQ7tHm4IHutRjeyCF4KQvpuO-GsPVBMmRB0yPGAdHMWCyTsirXoRxARDCmz81ZJ81A0DhSLP0qGPAug8nRk3dMt3nm83nn5lyNkZuUeiGfpFGlZU-WXCR54RIGGxPu7VI0E57Qibm-SfPR4Bx6Bbg8PfGzPV8Q-rLuPoKqPjdSRQ28fEVkSqPzR-pPt7Ub5n1uyHGhNJupKsy7_r44p87Vh5NOYn4ci42U0lwM1jTDmON6ANpyQcn5RhS8trMYgMbfsZ8Nn2_RCYoMmayFJmAL8GxtJGxpQmMArHO7f5GR-ot_Tb_5yJArqHTtbnK9LsZYY6Z25jYFCtTCW1ohjGS4rlgRB92O3_nOSsKPUz1gT5z4AouqurxRlR61DbMvQ882eebek_eLRVS8tSwRpTPCf5FCgqPMVSiojrEnEg9hzYDZLxQcOMhmHfnjbAxTiecA0e2bgYYV6rvu--R1ao-zx5BIvpAu1YoFyWt5opwTHrMre3b-tve8MVUfYBRv0ePED9fAxbbsxRkINPSMn42lqa7Iz4SN7Q-0W9l_GwMCKRfzREixkY-1kbF3TiC2Xx5XKGOzbOvuq5lOsEVlTei4ve4swMe2C76T7EzIcAXMQpSDjshNRymOVSSxxBr8xWhEPYpmS3brNeYZVbp6wKBlH1I3aUoGoZIG9vt2hT-43D0gGJSoMY5h1a3tBPdjik24QbicotG_8giHyGe395v_C7oo5ddXSNlLVjLqLTQLO2cNUbn9choSYWkpKktChgX8XG-8ekjuE3Kpob1gTZwzheZhQVxrRVCYz1c8XhF8UOZ_RJl63MoSaFoJy0yOUF_dl51QFtSzziTZorKn08irSpJzS0FDCq5mRJzpXmiQPJF8cTbA-DuhMtdNUEiFjdi1ibfEaIK5v-lfnrVHiIVwHrHKUp5NgEG-giXXO-onCEvfftqFmFhZXwvhOsVjPXbd-8IhGVGTG4qJv3GRSPgkWdbYkrYG0PcXE504vYheBx0vitk9WHSn-QIiBCSEYE15tSSgd4EsuRtmv4I5k7JDiAIpC51UY06WWM_7--Y--Qmeez0eqe_mMKZd6tpNn_vvXPP282KOibjok1rFA17KlCEBIHm4dBjiMegcqIW1-L7hPb4oRUaVjZaDz3wkdByqEnwlB59AeG0qis7jiMK4Tgbif4OdnrItRxF08_now72JRRnS8JZ00dzm2lVQ0Wf5k5rpEtjiVuTbGUrKLTenv3FQpiky8hmce-OZLQK9kJF9pqin3LBxKdyhc7uOzgt-kQvQ-bidHy2Zk-0kD1nVqp-1BjqusNw_lXlZf_Ib1tazAcxTK5wRFNdlLd5OYwFZoX6GCUnCAS-Gmblok53J9ZQwp7UHt5jFMAXUbS1qQpwz3IQOGNnWSovGiOtkJ2JfHAR0p7WkPv2IsZS8KPmYJ4K4e51MskZkFASEz5hNkITYOqqTtGTcD59QLVOQLX6maauXSIZl6t8mg322zSzwG4IXD76upDQVIWvOM2U6bj2NInlsUQPInDc5PoDn2znB3mtyqcXV6lZ2FD2Uj1UmAe18T8Gs22y0BJlaj591YN-FFwOLEmp7BuckHH_06lhmVUU5aHfLuVnF8DgyJz2NMUNTVetfLLamk1sqJBNLV4j-PvI4FnweioIGpgxvB_qVJ8cJVpg_wPwNH8x2LvaQfPZvAA6vJgw0iBXUYr5x_wQ1X3rO2DMh7w-YOuOoY6eWBgKBHKNQwhPw_o2hrWffg3jEhEIHtdbqxxTWM82ucCsN0yo0ETeJ8Hv1sYrGY1jdkV21sWIZBsfgXJVuGykbCtJlOZarRwzFrzi_9cf9__FTgF7a3VjGpd2e1kKbAuBpYXpSLzFvdU3V9fI07ZlOdfwqM_wc3ymloFRsi9gaY2sGFoKnReUVxfdA8KOixxONVvxkK04oOXKH_A3_Ie258OHKsOy4jeofj6YLiy8p3HGlyMRECCVjShfWxK55foF2a0r3W2Mv40kNCgePwWU9xS2P0htKRLv29vT07X3F2MChVvCWBwGiUBtRuwKCknVpxnJwjfhRgaDBlxouktaUGsDyJ3SCZKsyazjR6B3uxJY4SQNjuK0gWro6wiT4THoXhjag-fZAMQoQXNGS5d7WSw&cid=CAQSTwDICaaNIu_P6I7R2nnhOrVBZxls1H7x-ws2igamv1qrqYF5Gyf1BhaQOZRIZnKenKwJdC8GcKeM04Qw_VYt2AS53cQnJGsTsC76II63-gkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=6437431762626664000&adk=4188270524&idt=134&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:07:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
67819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11937
x-xss-protection
0
server
cafe
etag
9249472389583843189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 12:07:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B60E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
305571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
truncated
/ Frame B60E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5eab17df4b0ea5b59b953468f6ec01af82e956f0aa9c26dac495cedcd84ddd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 8383 		256 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7005813411879006&ias_chanId=1&ias_placementId=20343398390&bidurl=https://www.ukr.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hrUrhvOy7IUkc9ZCb-baSc
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.32.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-32-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4d67462416b2a1f8a959a96ed00d3ab8c783cd640ccc8d0e8d863bc1af229a1e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8383 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Origin
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39993
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 19:51:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 8383 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BP7-AfUlP_uvaOdOn1ZU0NlLaX14ue555TWkzY8524Wtdk9uPFGfDRi4-Z7j7bgW2RUZ5edmMp9_D5pzVWIbQFblckT0PcRyBAyyxqMSBrttse2p84fHQ30AeUFAPfhVCWC59naNtA4Wi2ZfrFeAL-xSYyag6uoVmzuYJAMrwZ-7M8GUY&dbm_d=AKAmf-CuVpSEYGE-L9o_WWP25Xk5cY_BBxMDogme3HSbUsPWCehEzvt1ybT0-sQpwVagMl-HJJN2fNTHX2lrMptib4LM9FxdWeDMEMsbFxUZf_N_eDb3wrn_n5vohFJU3AnXE6B1GjEFbzH7x4C4reIYARBxJnu6tNyrE2mQimP_mwDudra8pInjZ1cxaLg6BRFZf46F36xQy8hyLpQbk-bEkbyh5l4_RekmLOSZ2aCZTonnZjRmalgc9Yflmp2b-r-wSiPC5j8YzX48RtVj0__q8Dtuux4x3m60HXl8kYelcPs_zYnGLtNRMH8FeQ0iXjNZibwlL2z3uX9kbr01P-O3p9WAj0gQoQXcowYfZQXfeqMDks8YsvwNsZjoBXa4htWi-grXmvUuoIzv0Sc5XHMmEuCmKBm9-mf14nBeTKNUOJMCWLnlJ7ZioN5vqAq_qTt54UbMtsVnBCAI8yTFk9Q3um-45oHJBxh_34-ngu-frlKaxjZhpq5Hw96Z71nDOu1IAk6ybbHwmcepAmpWsqZMTF4E94oFrAgnuF2of-rj7cwLLqtP_OKOOZQx8JS-kyBRHGjAQPg8BFRO6zdJbJSQdRbhCgml431CVaTcDtbS66a7QvGSespUEeI5GHH1ybz86mFuwsdPtMcwKEwi9-2UdHk0XZQeBTy6y7hwRxWVBKhZfNogfGeZOmbh3Ax9NXDczextYxtXeLqrQOivypZpbZvGV4tkaiMI9E8IuSiEC3bbOBmufsNRq36QlGQtzFl6MSwZ1CWu9w01VPnU-O0ASBQxX-6M6j_MXoiMAbuOwpA_KBnezMFSzfCy3_VKmykwnqECogxdXEsxPj-6PXdGXFafXjPaUwyPTTgsbTkQH26pLOojeJaJYTB2ka3QnpVOUivc4BFTjrp89NSrzc2YORwPAQFTJJUizK4twqDGrzItw-rhvAszL70OUv28rOZghxfz24dFQkKWV3nuYHPU_a8gwIawm524KnSKhUd6rsIp2ormpQUE2-CgRhmQvux2T4ZyljN8CLZrDk6Mr9CetokLgQb51Bl7O0piTad0IBxoFeRpO9-YMOhOYDHHT9Xt5zrTr-FnN24MluNgsRBJkAyI_ESOE9yMg-xvRd6tPOJ48iKCQVUISQud_r7A3xftFOaJanyktDZcHvpQYL_GIRvGwgbiSOJFB4FMZjYht16P8pVJWRx3gPPctBv6JlXxPez3MLtEYQoruPSlEX4OHF2J1UKyxjYsu9LaNQxYRdjoRf9thpzDWx8AshaySp2g4yJZUpP0PxdLG2W1aEqvVir_RjjHh-rh5AgYN8NaAyOoJoj6s09IG5Khiemm80oQQPeTxiCoiXqYAaGnUSUrfgE2tRHtV6_QCMh-dD33y8-f8bgbuZouJ7GWrGMJZguzpMvAPkk5P4ZF9Pks1os7yJsyZjg9HCzJsqwxe6IjjkQtriP_sUTL7yas87ibZF-HxU86E8f3iHkT56ESvK7kELa3VoxEIJpd5LmTOh6xM8bKDjCVB3PrYyii4lrNvKLF1RhcuVCe-8ZYM2Lt4tM7CiDXk9JYnbhYlKgA_bo0LNhjm8A10XSBSW5AQM1QBKRHBr0oPP-LiTs0Pj9ZjMnyVvBdGQPyOzYDSUcK0nNTdc9sEGw8JE7jrLU2rqYvKc1eZuoBZUdSTOrJsuENRA_uW9ZTcreJ4E7ceDJaP2gVrlDb82MDdtbYXmQLk8dxf85Nps1P2kCj5XnNQGo0DEF15lrItYCHvTtvAdU3NbAhXY2FI0gAQotAcuACrE4_Pg97sFfTeEcfJdECnP-G75qX0s96PFcJvyxuF6NcVX99OQpStFiCVrFDDVvSL7K9Wx-XOsPNy7dibjlCWqAcAY14K1fX4Corew62sczKZdYa48L-8zGH-bsYZQFUgGbvbsxodDNO4XAR-SHtRV6Ig_dUws04ZK5oUvhnExrIzpueinAT7okKq3ZuGquVyaMGTMVv0FhsOZVB4a-uEDt_YVj7t71-HXQUXPTNhgxDNEN_IbRQN4ehh_c1PFIc6upRBsvIfNHUlorSsC2_w7T60mnNfhVcrQf4qTXt_FIompD0tjMtCSD4Yn5wl9Ef-LioM47SqTcwk28bUzqFjEuQrQCahPT79bj0odLS56fHdH2_y2Kvtg2yuaWPqELqkw5a-cn8GIydw4YFpO2oWWxEDojr0S6oCVRYGMqtRFl48-UcPaGuZHLfzdxnK2lU2FeAQ0A5F252uABWWzmnM8ts-UWaWc9bHoVVJ4W67DyXoG6rFAtLCUhT1WayajTG1nHp6qDYXjAeYV0Mm5Nbx5HkfWpvMLRJ7dv0zJd-t0ajoNm-zOgLHfEOUsSeQrZ-SUwoFn2jaJc88rRpzKn0ivDuvRnQwUKUXXxaPjt5bqwZ3hU1BR9BSxwRsKTPxIBoZlZjss7TCOlxFqLRpE866QZF3Km91bhVOr5oVXGnrBysOMDKMtN_J8caXe3BuyWfwVRo_WNAb9_yWiZqhS2aSvstF81K5lJfv5_5E7hYEFhFenx_O64YHkhBdzkrLcrdkMa-7aJuCtsq3Z3TlOXFJxbIBkaZBEmD49kZKCIP5XY1zgxYGJrijCBPti0Ap0ce3JFTx70dKZCJ9Yt_M6q1uNwicowHaq3XG-iBkOrbXBEnej5llntMrhqfKU4Nf4R5cjQDhi9D-XAPkde1Ivm-uy2hFk28TnNVMotmPEW3hZQKC8DTiztuOC6E7ftbTFGT1KlgfNdDBMBBHWLSjlU_m_yaOJ9JYo_F-t8Zc4T5vKtDmdFVgpN24CJplyd3_Yknc0Ms3vsQrAHxPBjmkmKsKm8rmrJ2jNQZTYuMvAJm-2bnuhSQp4UOmq4-0kWqKTu9zjH738VGi7PfXZu-d7OBIZTYAZRHMpA6MdgMn_2ijraplTBZtqhupzeKGSrdWIzph_kKhIzlTDw3NBZDavBjbYh8XNDRi08IPisYwnhouoFskhe1zaR6Fk3YB3hR-vezSbPeTcrXOgcrIzDmZgl8eurj_CrbpcMMvG4dcoyS0swfJ8U6y78VIkKvyDpmAtz-9lY51lR-FpnYyfHAsr0U-QvOeUZ3KdTCp7lpceH3FAYZjHXV7B-O1JkB8JhHVvLFfxGsJhT3cEAfCalBzj5UFZq-kbwQECkhfGjAoAplbsGO_KWmZdteHsd7eYpqsaPiXG71zH0jsFim1OBnJRie0ezspLWQmktCsBB24GJESaPbXGXcGy6pWmAt4TUgijm96yM0bwjjjChPVp_JckyinNmz30uqyKJ-tLRn0_ItzxnpVQ7TJk8xNLAFSyjtWi7NzlsSd2i_-7PKE76BYGqACIeSqkXw1eF5ucj1UmWS2CYe4v4jJGQH14O4m3alrbbe65WosV0cIcy8nUCb6GCSJ4pZEOsGUEeLAneTaqFwpmdDngv9lx24EOtIt_Nyk41Ef0p488Hr5OqTPoKJ60m7WTgKzSyplYRqn5_IGu0beJLcAAMmSASehmnh7J5637kilL8xr4zvf0e4KwtuXRpCsARlWtsrElf-cz_vQroL2XvmnLcR6z6wUAXO5MT1R5eTZOwqvZF2o5PxBwIIp9OjLVCshkGHyQs_T_3_uyWUcS1BEp2ERYeKIuiUrjiEsziRnRWjKAbkpmpyN_bGz1oNHFd5UyS8UsNG6pOm6f3vqCk6AE2ytMeiGvh0osDhi_fxhcPUtY8-FT6boeUQCSivMDHWm8PgBtFfHwHoH2QbP7xJCGp7ml76D3kXxUjxnGO5tJV4Kiqra1VLfGkKTWPD-CNx2RmffbbCPFQtkvBGTAryZ7kZ5O4VNjB2MSpZsq5dNbAuYk70IafurnTCjTn1Ncd62CF4xJRercEYxRDWxE107o9gg3qpFLSdLeDm4KujXWGPBL1GDmns0gXbwYQFL-W_AP2_gyrIs3S60w&cid=CAQSTwDICaaNIu_P6I7R2nnhOrVBZxls1H7x-ws2igamv1qrqYF5Gyf1BhaQOZRIZnKenKwJdC8GcKeM04Qw_VYt2AS53cQnJGsTsC76II63-gkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=3475925953146068000&adk=3037181501&idt=189&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
42767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:05:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 8383 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BP7-AfUlP_uvaOdOn1ZU0NlLaX14ue555TWkzY8524Wtdk9uPFGfDRi4-Z7j7bgW2RUZ5edmMp9_D5pzVWIbQFblckT0PcRyBAyyxqMSBrttse2p84fHQ30AeUFAPfhVCWC59naNtA4Wi2ZfrFeAL-xSYyag6uoVmzuYJAMrwZ-7M8GUY&dbm_d=AKAmf-CuVpSEYGE-L9o_WWP25Xk5cY_BBxMDogme3HSbUsPWCehEzvt1ybT0-sQpwVagMl-HJJN2fNTHX2lrMptib4LM9FxdWeDMEMsbFxUZf_N_eDb3wrn_n5vohFJU3AnXE6B1GjEFbzH7x4C4reIYARBxJnu6tNyrE2mQimP_mwDudra8pInjZ1cxaLg6BRFZf46F36xQy8hyLpQbk-bEkbyh5l4_RekmLOSZ2aCZTonnZjRmalgc9Yflmp2b-r-wSiPC5j8YzX48RtVj0__q8Dtuux4x3m60HXl8kYelcPs_zYnGLtNRMH8FeQ0iXjNZibwlL2z3uX9kbr01P-O3p9WAj0gQoQXcowYfZQXfeqMDks8YsvwNsZjoBXa4htWi-grXmvUuoIzv0Sc5XHMmEuCmKBm9-mf14nBeTKNUOJMCWLnlJ7ZioN5vqAq_qTt54UbMtsVnBCAI8yTFk9Q3um-45oHJBxh_34-ngu-frlKaxjZhpq5Hw96Z71nDOu1IAk6ybbHwmcepAmpWsqZMTF4E94oFrAgnuF2of-rj7cwLLqtP_OKOOZQx8JS-kyBRHGjAQPg8BFRO6zdJbJSQdRbhCgml431CVaTcDtbS66a7QvGSespUEeI5GHH1ybz86mFuwsdPtMcwKEwi9-2UdHk0XZQeBTy6y7hwRxWVBKhZfNogfGeZOmbh3Ax9NXDczextYxtXeLqrQOivypZpbZvGV4tkaiMI9E8IuSiEC3bbOBmufsNRq36QlGQtzFl6MSwZ1CWu9w01VPnU-O0ASBQxX-6M6j_MXoiMAbuOwpA_KBnezMFSzfCy3_VKmykwnqECogxdXEsxPj-6PXdGXFafXjPaUwyPTTgsbTkQH26pLOojeJaJYTB2ka3QnpVOUivc4BFTjrp89NSrzc2YORwPAQFTJJUizK4twqDGrzItw-rhvAszL70OUv28rOZghxfz24dFQkKWV3nuYHPU_a8gwIawm524KnSKhUd6rsIp2ormpQUE2-CgRhmQvux2T4ZyljN8CLZrDk6Mr9CetokLgQb51Bl7O0piTad0IBxoFeRpO9-YMOhOYDHHT9Xt5zrTr-FnN24MluNgsRBJkAyI_ESOE9yMg-xvRd6tPOJ48iKCQVUISQud_r7A3xftFOaJanyktDZcHvpQYL_GIRvGwgbiSOJFB4FMZjYht16P8pVJWRx3gPPctBv6JlXxPez3MLtEYQoruPSlEX4OHF2J1UKyxjYsu9LaNQxYRdjoRf9thpzDWx8AshaySp2g4yJZUpP0PxdLG2W1aEqvVir_RjjHh-rh5AgYN8NaAyOoJoj6s09IG5Khiemm80oQQPeTxiCoiXqYAaGnUSUrfgE2tRHtV6_QCMh-dD33y8-f8bgbuZouJ7GWrGMJZguzpMvAPkk5P4ZF9Pks1os7yJsyZjg9HCzJsqwxe6IjjkQtriP_sUTL7yas87ibZF-HxU86E8f3iHkT56ESvK7kELa3VoxEIJpd5LmTOh6xM8bKDjCVB3PrYyii4lrNvKLF1RhcuVCe-8ZYM2Lt4tM7CiDXk9JYnbhYlKgA_bo0LNhjm8A10XSBSW5AQM1QBKRHBr0oPP-LiTs0Pj9ZjMnyVvBdGQPyOzYDSUcK0nNTdc9sEGw8JE7jrLU2rqYvKc1eZuoBZUdSTOrJsuENRA_uW9ZTcreJ4E7ceDJaP2gVrlDb82MDdtbYXmQLk8dxf85Nps1P2kCj5XnNQGo0DEF15lrItYCHvTtvAdU3NbAhXY2FI0gAQotAcuACrE4_Pg97sFfTeEcfJdECnP-G75qX0s96PFcJvyxuF6NcVX99OQpStFiCVrFDDVvSL7K9Wx-XOsPNy7dibjlCWqAcAY14K1fX4Corew62sczKZdYa48L-8zGH-bsYZQFUgGbvbsxodDNO4XAR-SHtRV6Ig_dUws04ZK5oUvhnExrIzpueinAT7okKq3ZuGquVyaMGTMVv0FhsOZVB4a-uEDt_YVj7t71-HXQUXPTNhgxDNEN_IbRQN4ehh_c1PFIc6upRBsvIfNHUlorSsC2_w7T60mnNfhVcrQf4qTXt_FIompD0tjMtCSD4Yn5wl9Ef-LioM47SqTcwk28bUzqFjEuQrQCahPT79bj0odLS56fHdH2_y2Kvtg2yuaWPqELqkw5a-cn8GIydw4YFpO2oWWxEDojr0S6oCVRYGMqtRFl48-UcPaGuZHLfzdxnK2lU2FeAQ0A5F252uABWWzmnM8ts-UWaWc9bHoVVJ4W67DyXoG6rFAtLCUhT1WayajTG1nHp6qDYXjAeYV0Mm5Nbx5HkfWpvMLRJ7dv0zJd-t0ajoNm-zOgLHfEOUsSeQrZ-SUwoFn2jaJc88rRpzKn0ivDuvRnQwUKUXXxaPjt5bqwZ3hU1BR9BSxwRsKTPxIBoZlZjss7TCOlxFqLRpE866QZF3Km91bhVOr5oVXGnrBysOMDKMtN_J8caXe3BuyWfwVRo_WNAb9_yWiZqhS2aSvstF81K5lJfv5_5E7hYEFhFenx_O64YHkhBdzkrLcrdkMa-7aJuCtsq3Z3TlOXFJxbIBkaZBEmD49kZKCIP5XY1zgxYGJrijCBPti0Ap0ce3JFTx70dKZCJ9Yt_M6q1uNwicowHaq3XG-iBkOrbXBEnej5llntMrhqfKU4Nf4R5cjQDhi9D-XAPkde1Ivm-uy2hFk28TnNVMotmPEW3hZQKC8DTiztuOC6E7ftbTFGT1KlgfNdDBMBBHWLSjlU_m_yaOJ9JYo_F-t8Zc4T5vKtDmdFVgpN24CJplyd3_Yknc0Ms3vsQrAHxPBjmkmKsKm8rmrJ2jNQZTYuMvAJm-2bnuhSQp4UOmq4-0kWqKTu9zjH738VGi7PfXZu-d7OBIZTYAZRHMpA6MdgMn_2ijraplTBZtqhupzeKGSrdWIzph_kKhIzlTDw3NBZDavBjbYh8XNDRi08IPisYwnhouoFskhe1zaR6Fk3YB3hR-vezSbPeTcrXOgcrIzDmZgl8eurj_CrbpcMMvG4dcoyS0swfJ8U6y78VIkKvyDpmAtz-9lY51lR-FpnYyfHAsr0U-QvOeUZ3KdTCp7lpceH3FAYZjHXV7B-O1JkB8JhHVvLFfxGsJhT3cEAfCalBzj5UFZq-kbwQECkhfGjAoAplbsGO_KWmZdteHsd7eYpqsaPiXG71zH0jsFim1OBnJRie0ezspLWQmktCsBB24GJESaPbXGXcGy6pWmAt4TUgijm96yM0bwjjjChPVp_JckyinNmz30uqyKJ-tLRn0_ItzxnpVQ7TJk8xNLAFSyjtWi7NzlsSd2i_-7PKE76BYGqACIeSqkXw1eF5ucj1UmWS2CYe4v4jJGQH14O4m3alrbbe65WosV0cIcy8nUCb6GCSJ4pZEOsGUEeLAneTaqFwpmdDngv9lx24EOtIt_Nyk41Ef0p488Hr5OqTPoKJ60m7WTgKzSyplYRqn5_IGu0beJLcAAMmSASehmnh7J5637kilL8xr4zvf0e4KwtuXRpCsARlWtsrElf-cz_vQroL2XvmnLcR6z6wUAXO5MT1R5eTZOwqvZF2o5PxBwIIp9OjLVCshkGHyQs_T_3_uyWUcS1BEp2ERYeKIuiUrjiEsziRnRWjKAbkpmpyN_bGz1oNHFd5UyS8UsNG6pOm6f3vqCk6AE2ytMeiGvh0osDhi_fxhcPUtY8-FT6boeUQCSivMDHWm8PgBtFfHwHoH2QbP7xJCGp7ml76D3kXxUjxnGO5tJV4Kiqra1VLfGkKTWPD-CNx2RmffbbCPFQtkvBGTAryZ7kZ5O4VNjB2MSpZsq5dNbAuYk70IafurnTCjTn1Ncd62CF4xJRercEYxRDWxE107o9gg3qpFLSdLeDm4KujXWGPBL1GDmns0gXbwYQFL-W_AP2_gyrIs3S60w&cid=CAQSTwDICaaNIu_P6I7R2nnhOrVBZxls1H7x-ws2igamv1qrqYF5Gyf1BhaQOZRIZnKenKwJdC8GcKeM04Qw_VYt2AS53cQnJGsTsC76II63-gkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=3475925953146068000&adk=3037181501&idt=189&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:07:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
67819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11937
x-xss-protection
0
server
cafe
etag
9249472389583843189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 12:07:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8383 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
305571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
truncated
/ Frame 8383 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a641578b6410cab5687a3b7f01747a701ce70678c381ae4171ff6f4760e086a2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D07A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
119363
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame B60E
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7005813411879006&ias_chanId=1&ias_placementId=20343398390&bidurl=https://www.ukr.net/&ias_...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_98luZZpSnJOO7A_N5YOIBg&cbFunctionName=goog_wrapCb_98luZZpSnJOO7A_N5YOIBg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassba...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_98luZZpSnJOO7A_N5YOIBg&cbFunctionName=goog_wrapCb_98luZZpSnJOO7A_N5YOIBg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2440:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:54:05 GMT
x-amz-version-id
4Cmv1jyFRAmZ7XChlLsmb9GJS5ztjryA
content-encoding
gzip
via
1.1 a7922bb75420f6c3485eed5adcb99ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
age
39835
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 04 Dec 2023 19:54:03 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
7D9WiiPTtM2wmR4DWmlmItRJiIudJsB5-tBuLUm6NZp6l9Y3VuN41A==

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_98luZZpSnJOO7A_N5YOIBg&cbFunctionName=goog_wrapCb_98luZZpSnJOO7A_N5YOIBg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame C1B9 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 00:45:54 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 a7922bb75420f6c3485eed5adcb99ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
age
11859125
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
UKOWFPuxhuhwcPH-YZsQimSOkFnfkGSTuY1gGsD6sWM7RLwm_o0lJA==
dt
dt.adsafeprotected.com/ Frame 79F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=765b10b7-4bc3-b5c9-a1a3-c93f5c6bde09&tv=%7Bc:vU2SCy,pingTime:-10,time:593,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701759479230%7C%7C0785ad36ec4f8ca4956e303f93bbb09e%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7Cf483dd45ab6f62644abcc547b4505444%7C%7C63a92a12506d678ee2f427b20d09d46d%7C%7Cc9d0c93c05cccfc436846d2321d05edf%7C%7C07c5e16c6b81a425ba7f0cf930b1fa05%7C%7C200b8982fa10db1447c73dad64aa5365%7C%7C1663701684%7D
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B60E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f85b4c99-385a-da2a-cb08-7652b1553548&tv=%7Bc:vU2SCE,pingTime:-3,time:45,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXxTlBl+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e*.990511-61634100%7C1e1%7C1e2%7C1f1,idMap:1e*,rmeas:1,rend:0,renddet:svg.us,siq:18%7D&br=c
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B60E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f85b4c99-385a-da2a-cb08-7652b1553548&tv=%7Bc:vU2SCF,pingTime:-6,time:46,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXxTlBl+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e*.990511-61634100%7C1e1%7C1e2%7C1f1,idMap:1e*,rmeas:1,rend:0,renddet:svg.us,siq:18%7D&tpiLookup=ao:www.ukr.net*&br=c
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index.html
s0.2mdn.net/sadbundle/8545329873006492075/ Frame F1CD 		142 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
38213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22810
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:21:06 GMT
expires
Tue, 03 Dec 2024 20:21:06 GMT
last-modified
Wed, 09 Feb 2022 10:36:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B60E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrqGpV4ATg_b-pBx0Oy4FVL788-aKXMBthMTIRUVUSYa_i1BxEroX5nJichk0k5O3RwSjgGux0jyBCV3YR93hZUaTfqFhzrw3YfgI34MThJyRdN9q8quJDhhOVju7MU-qu63qA4539T71IWHLPlTsyUP4eqnjvhCdw0N_2mvtPx_TARhA1koCNKCovXearPZU8PIZjdbHldT177DRISjUcLyag1UEY-v-Oj3ZM8fvtij2pJwIboBY5-vcgH9dHozeBXfmm7bwB10xszxpmr-KLOyYegYhvFqUsnKKJUe1GKO5pDKXYU_H8TCvtB0cn8ESTf0jAI60ACfGQKbbUn9hkdz-3wtJNWGB9NXbcFA4y21iQq-lf_mSdtXlJ1N8OlDYnl-wPtPuhek3c139X4qSziPLNktszXrSL6Wmki9bv6uenSH7t8uTo6vw2e2znqO1cZAUAB0HYSW_QCuRGNiGCRkPTGERw2IAziXCnI4gBGFvwCXMN2sFggChHMK0ssk7E18kU7Pr6949DvinUznbueoB9076sDwu-uq3ULkNViZcB8NAlaFXn0ZJ5e083ibF7H6YRfW7dNqyKrPcVNp4gnGv_Uu8LjKrw4cGHjCiy9ru7YimrsNLhTQSoiqEPBKk1Q0JQzbDH7ceEppbqBBvGp5QcH1VF2TCFr8JvdgMPHcxR1AT2YV7XFVOpbYtVln8Pd0ps0wWpI9nTjbUkeClAo_Inum--gDHOmO-FD2qGSwdTFrGQq4RqdzDGHloeEb4075LObCn1eemOwvSnmui-ojEsNbu2nGYccFmnRfv-1IrU4rfaoGlFTJHs9uoXrXi3YF8Wwe1HcoLLevDcZfXLcE_i7fvMzvhipmWXCUDmrdq0sEG2-k8-rHWiLLxWDlE4F-MXLmcrJMrastZA3wYF4UnefLAVfl5dAS2sFbYhUVz62ydtKXCnzIBMkYFoc2lfErLX-70AiT-JylkWPYMAuojjWEWPVxJnNtU7BSGyIs_rwn6PWKrToEA6uPXGXAScolrdqE2fJCCj-kedY5PPCAmD78xxe5R7ppbQz2dc-rM-6BhXuPFoIXGJZiicS0cyyMo0aOkIHVNZpih7FZ64fy2OpRWP6Y-K0jrpAfBU_a_kMXGP04TLLSUoskAv2VWrzYhAkYh7Ek4eTHUJMXUntiWWJiCx3mI9Lks0--3hLeXm2p_4hrxTF2ozXgSsnQtLhh8KhIVPjv4M9cfRfNwCWEdapWSf72i7N_9IzXYHTCa0GVVFZlSUubqVfkM0c0kKwbNCgtaRL85f387bk66bTE4WgKXeXJIEvUpRVfcBRfXg-ojDHST5FaNXtx5msb8r145M6JdiCvyV740-valXB98tAl8hHw7q_28KAbS5b3plnQrkwXb-3aiA5Kqb1P9aL-mjJvPyVz7chqufVaODHQU2S8roQnIYVjLCCzPIJ6npWB-SYsKFWDZsnjg33lbTYvXHWKgHoCMvSm_R5g&sai=AMfl-YT5fhnUvoC22Q2P77R_edMsDZYe79oQAjKCWBk72S3nsx5iR-VlPpPBaLT-z87CxN1RVAseVfKqfkXGspHDv6tgLz97mQzz_Jo493SOwLY3BfSsPneYJjwT3s53sy6i1Qr2R7Lf8XC0tz0DOVTUD7svyIxwefx0zDnnhwlECR_BvHJC0v7EQDyXgIaT4N_w743CRkK-Zg-X_uq7YZTjIbVGNw04he25nyGZQV0_m3ShM38VRUkXKIpbRt6KMIJB_DGCvG5lR0ySL15Gh8x_bq4nBOGLOq5FkR3ZXZsO6G3OUMxJGqIKRs95B_s05qMu8A&sig=Cg0ArKJSzK2HGYxsQiNpEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=140&cbvp=1&cstd=140&cisv=r20231130.20697&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame B60E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f85b4c99-385a-da2a-cb08-7652b1553548&tv=%7Bc:vU2SCR,pingTime:-2,time:58,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:424,beZ:425,mfA:427,cmA:427,inA:427,inZ:430,prA:430,prZ:438,si:441,poA:441,poZ:454,cmZ:454,mfZ:454,loA:469,loZ:471,ltA:481,ltZ:481%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1.990511-61634092%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e*.990511-61634100%7C1e1%7C1e2%7C1f1,idMap:1e*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:18,sinceFw:40,readyFired:true%7D&br=c
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 558D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDn0NH9Evzjrux9REXSBpC_qnAjgqJhX7pokCs06ug8370t9tifGNToxel_9SxapUGsjkf2Wf8sNZVLF3Kgg_jB0ZKgGuL_rI0tJcbUb1SIMNdF26PmwqKX5KbCUyz1cka54QXF2paoBxtbuvXbJQOp3GKVv7EkN7CrwRhmqDp_btX9FTgaZQqCYuEO7azNOy8nl0-DJwQcOKC_ts3WB6WeHh4EUC8qWcoLgH5w6ytDNkG5bF9mm1whl2ImTLhaMy40diLSJZsAkUNKn3Xf4LHN96AjfVdXNUuM4Q5ib_J6adSjjG8ylzS76qTIQwwxQ0LMyej_lqrT11HRle7hT7Dd6hVIlUMDku2KRn6qfxDvuou9qxbIQoGY3GhzfcICoK6sIQ1tRKlRflSXZQApDNxk7cynM8u-sX5X3QYgZhvZ4290VhLNL_jlACPQQMlIUdSDoNYdjbccEhXCRJplOeVwA2xuONRhPkizewUTBkEb7SUWShM2ck-qiGxBpYyS8mrGqcEDywXJqpzg3fdgBTO98J8hWt_VEUQPJuAjebCwWIJ1PLdzDKIqWPH4HLgFyYHMhKSbg4d8sKBbxmgsV0kYiGW7EASeuuhcPeru7Ur4mKRHrVGzTes3L12G0qmV2wnjxbHZJCuil0RLP4rjHCA460sdcXYAJCMymdkBVUIuxX28b6aaR1oRiyWaVMoXRHN-Ymb7q9UpN2El6Nu6CfL0o7BpvTgE1hxO_XooVfDuxabCj8mrr6zsyRegKpAayRXoe5AvrOqLhrLeO577t7ytB1JdN83k3w0lNvZu6lZ9SAfX2GBpzmtVOCFCFA4_e-apvTC91o7QXm8JUsO2w7G5LTjfSLG7lXUaJEhOnGXt1AxqK7yFB0EGx4oJZtWpBHKmmzg-_DdKhq1zxmui_6lYezDen7sErp34gm9Aem-_baRHZlNQ8o_MA78XgcUQ6tiY345RFAOoUt68yG86nLNPykCtQCX88mWH53QHVptSByuZ-KD2uZnjulbMG-ul8WHYEnxiN_rtfIURT5XalsHsmvt2oUuaxkVF2TmVKstO_1re4X9IdLVl7S7kEUffrPc5cJ-O03yiD2DR4rOF3CoutYsjWMfRG3LfuprkJwGAYkpTmvhe7tEXbI_6PpGaNnuoI_nXboMxadJ7BtAqmOZ7I_9S9QS7kIVbotpOF82rc0PTxqXVIVGySsv2uNh36XSSFxb2GQ-hFX6uYn9SnLw4o_vg3NH9Zn-bHBkf11G8eAwQKzT51sk5eeyH7jZHGTpJvKmf8hETPlH-m30NyD4N-lRYN4poXbF-h7qf-Z2RDHQa18lKFmCi0ClWFaVAqS5_JInaS8_ADWhSSauBlsQKGKeaa0PCAwXQkg&sai=AMfl-YSZnTaoJ4dZOfttsDWSoI4s-lUpxTBIfJ1b2eKUsujthX1Vlx3kUS18HmgPUzncR8ChA3nOB1ju1toNEPhZM1oNAT46Z-dRbpJDBUltkA0opwT11MUfTkHZoKjNzPUtR-WeG4QhIbUpyugA_Y-MhCRc0MPvIM5JkW1UapF9jH3fIN6sipfd&sig=Cg0ArKJSzKM6hBPBE7j2EAE&cid=CAQSTgDICaaNjPv5VwRJbpPtDt89p9MDc-UdSOLVNc9i0HGHU36cuMyUQ7XgAqtV8jDk41R1Jl_JMgzia0kJBw6GSrO12wk9KN01oyo_8IXyaxgB&id=ampim&o=0,601&d=160,600&ss=1600,1200&bs=160,600&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=430&tls=1442&g=100&h=100&tt=1443&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 243C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
119363
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/8545329873006492075/ Frame B5E5 		142 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
38213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22810
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:21:06 GMT
expires
Tue, 03 Dec 2024 20:21:06 GMT
last-modified
Wed, 09 Feb 2022 10:36:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8383 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu87_cg21mgrE1IoUpIg1BIeckFM4Yb519JsjkJVeZrgpsgaZqg6yaVBw-qIX8h7stpHoRkLK8FBe6HB7Q1z-_d8r1rnx9uEP45BA2OL6wVYjz5elybJ5jluDY8IODWaA8YNXXqVx73ynKCsbwfLOathPNlROrsGPhjWaquFdDv5JkWOiv3uh6dG9EFxoehU04c08UGFjpj5aXzH0H_zNBhugZoghQIOCoCAZSWGejkbBYk2AJUE6XQ9xooQkxJWh0tiZBgtARX5gmNnisbFfROieCJOiRyCOXCCikxE-MXk4q5n2rxlWyBCq61R1lfYqSicjRGwz2vErK93gwvAzFTiGFP2C09-ybIR1OFfKk1tqvkjMRPNYoJ5_qNm5x-_iQMGcmvvW-Y2fTzd4b-HhSDJEmIbBT33zMpeB7DDLmEsEVWqdyUsPKVEwmyzbiLad1J_cxEpMlsFKMDPOOfQwRJ7cuNcFzMnCVOiQIpkZqYtLgynuOp9Z7P5ZBHgcTu00hUs5uBbNAsW-URxTNUB0G0p9SebdjgBzUiKPlgeXmKNRHy9Q3mP3DQmIIuWCQ9pHMCb8BcvkMjh5C1PJxdKMwRMyM3NhVNNQ-aXSluXa5LSYxqLlI3L_pKHP-XoplMG0RRbPwJpxlpCPMV23k_gAwuOPxSKYu3C4KSxyrsNHjNmqdfEX-wglyjd12U8F9bhd9g-Y97VYi5-y9Ihnk-qabEVPKiUgwbzUKDP0xiK07k9UHRKtbISihla0c-dlWWbirlkLfBC7oDB0XCMStxTNDS7tSOfuDBU7k5YtpJLoWG91m-KkmNbr9Gkd1UZpXuIRW7tNsH9geimzveEwLz9wMFABmaPAGrG9n85-xLwJTa92NUfKgiM701znQ_66QfzBmGIipXlQ6lqOIVwmeki7WanAiCcut2wMhPi-QHUwSYuEAjTIi5u1Di7ZUsq5LDTWZmZ1VB42AXZ3EiiRKyja7x0NXlqptigqkHq-He0TmzQ1fkLqCBQAXlCNAzSpCAA5GGC21DoPPAWsG7dKu4fWxC4Wv0MUq9TxXlMHQVjxifW1Zx80wfhUtB0BXRCctTxDS5gdBDA0OBL6MYpl7MX8lFneuB--RmA2XQdcuNu7rgJ-Mx2aoj98CQJ1G2FulxpP3K4yETKkBQYAt1r8NgczjzwtYwu0W2GbbFExaTXZq1pLU7Nrzqt71Kn2It8dFS1sYJyT9tlVqCX6V-bynDYAwglBy1evGWWj9Mt7F2knB7j2t8Aj2ZRg15E9Xri5QWR2uTvqi2lDW1TB94wWVZ8rLLCA50EF2HeMgIBcic-KXCzMubW-V_GdJeEPHpEcjfWdD3KX4XkAUzYCPgt-KRfKicK16R118qGGi9h2cbkiUmm9xfjPvX4_pL6HndyVi2jjN_fRBs8R1SnXTF6d4EAFh2xQznOJiPZRSd9TDkYjjoVOKJZjN-fJYGvZFFVsEs6uVRPl1g4tsofrALXvfIFQ&sai=AMfl-YTcBFDSAhvbkH9NlqrNR64ctIiJRzB83HCKeif79FnkRFrtyhhraY5F1q9gJcqciO3fjD367F2QyepwTY8J49x4M_T-hzDdN5yQZMK1hSpnWPGivLvvv6mZWtD5K6SqP9L4EMaWx6DtPD4oVPtWrv9UnWjOVtd4Cb4lmIxRpoQg63LMkwHAI3kitcTQ6ZoGYSmxmFuTSlKV7Luy_a8pXCVmp0tEWWZff69LGnXEy0GD9xz05uOKp1-AkNoSH1_a-fUfztR1PFvxIIrz7osaM53to21Y4kj4gPy5_QQOE1myensI6Rgvo8KSgjcE4qIuXw&sig=Cg0ArKJSzGlq7iSka-XMEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=97&cbvp=1&cstd=96&cisv=r20231130.08879&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame 8383
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7005813411879006&ias_chanId=1&ias_placementId=20343398390&bidurl=https://www.ukr.net/&ias_...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_98luZdeEBPWSjuwP-Oy66Ak&cbFunctionName=goog_wrapCb_98luZdeEBPWSjuwP-Oy66Ak&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_98luZdeEBPWSjuwP-Oy66Ak&cbFunctionName=goog_wrapCb_98luZdeEBPWSjuwP-Oy66Ak&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2440:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:54:05 GMT
x-amz-version-id
4Cmv1jyFRAmZ7XChlLsmb9GJS5ztjryA
content-encoding
gzip
via
1.1 a7922bb75420f6c3485eed5adcb99ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
age
39835
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 04 Dec 2023 19:54:03 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
yTlYBa8_VMWMaMgci6eZ-l6ASlvYV1KI5pHwiLyBMJ45Virh2K80CA==

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_98luZdeEBPWSjuwP-Oy66Ak&cbFunctionName=goog_wrapCb_98luZdeEBPWSjuwP-Oy66Ak&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5A00 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 00:45:54 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 a7922bb75420f6c3485eed5adcb99ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
age
11859125
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
0Y578zENerT6Y1YRlSeggNickkiJucebJ3OvfWtxr6llSl1s8UuR-g==
dt
dt.adsafeprotected.com/ Frame 8383 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8e8c0a89-165d-eb7b-eda5-7e03af545041&tv=%7Bc:vU2SDD,pingTime:-3,time:43,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:43,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXxTlCm+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.990511-61634100%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:0,renddet:DIV,siq:21%7D&br=c
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8383 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8e8c0a89-165d-eb7b-eda5-7e03af545041&tv=%7Bc:vU2SDD,pingTime:-6,time:43,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:43,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXxTlCm+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.990511-61634100%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:0,renddet:DIV,siq:21%7D&tpiLookup=ao:www.ukr.net*&br=c
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D07A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
23047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 00:33:52 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame F1CD 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 15:16:12 GMT
dt
dt.adsafeprotected.com/ Frame 8383 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8e8c0a89-165d-eb7b-eda5-7e03af545041&tv=%7Bc:vU2SDK,pingTime:-2,time:50,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:482,beZ:483,mfA:484,cmA:485,inA:485,inZ:487,prA:487,prZ:499,si:502,poA:503,poZ:516,cmZ:516,mfZ:516,loA:525,loZ:526,ltA:532,ltZ:532%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1.990511-61634092%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e.990511-61634100%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.990511-61634100%7C1f1%7C1f2%7C1f3,idMap:1f*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:21,sinceFw:29,readyFired:true%7D&br=c
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 243C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
23047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 00:33:52 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame B5E5 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 15:16:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B60E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrqGpV4ATg_b-pBx0Oy4FVL788-aKXMBthMTIRUVUSYa_i1BxEroX5nJichk0k5O3RwSjgGux0jyBCV3YR93hZUaTfqFhzrw3YfgI34MThJyRdN9q8quJDhhOVju7MU-qu63qA4539T71IWHLPlTsyUP4eqnjvhCdw0N_2mvtPx_TARhA1koCNKCovXearPZU8PIZjdbHldT177DRISjUcLyag1UEY-v-Oj3ZM8fvtij2pJwIboBY5-vcgH9dHozeBXfmm7bwB10xszxpmr-KLOyYegYhvFqUsnKKJUe1GKO5pDKXYU_H8TCvtB0cn8ESTf0jAI60ACfGQKbbUn9hkdz-3wtJNWGB9NXbcFA4y21iQq-lf_mSdtXlJ1N8OlDYnl-wPtPuhek3c139X4qSziPLNktszXrSL6Wmki9bv6uenSH7t8uTo6vw2e2znqO1cZAUAB0HYSW_QCuRGNiGCRkPTGERw2IAziXCnI4gBGFvwCXMN2sFggChHMK0ssk7E18kU7Pr6949DvinUznbueoB9076sDwu-uq3ULkNViZcB8NAlaFXn0ZJ5e083ibF7H6YRfW7dNqyKrPcVNp4gnGv_Uu8LjKrw4cGHjCiy9ru7YimrsNLhTQSoiqEPBKk1Q0JQzbDH7ceEppbqBBvGp5QcH1VF2TCFr8JvdgMPHcxR1AT2YV7XFVOpbYtVln8Pd0ps0wWpI9nTjbUkeClAo_Inum--gDHOmO-FD2qGSwdTFrGQq4RqdzDGHloeEb4075LObCn1eemOwvSnmui-ojEsNbu2nGYccFmnRfv-1IrU4rfaoGlFTJHs9uoXrXi3YF8Wwe1HcoLLevDcZfXLcE_i7fvMzvhipmWXCUDmrdq0sEG2-k8-rHWiLLxWDlE4F-MXLmcrJMrastZA3wYF4UnefLAVfl5dAS2sFbYhUVz62ydtKXCnzIBMkYFoc2lfErLX-70AiT-JylkWPYMAuojjWEWPVxJnNtU7BSGyIs_rwn6PWKrToEA6uPXGXAScolrdqE2fJCCj-kedY5PPCAmD78xxe5R7ppbQz2dc-rM-6BhXuPFoIXGJZiicS0cyyMo0aOkIHVNZpih7FZ64fy2OpRWP6Y-K0jrpAfBU_a_kMXGP04TLLSUoskAv2VWrzYhAkYh7Ek4eTHUJMXUntiWWJiCx3mI9Lks0--3hLeXm2p_4hrxTF2ozXgSsnQtLhh8KhIVPjv4M9cfRfNwCWEdapWSf72i7N_9IzXYHTCa0GVVFZlSUubqVfkM0c0kKwbNCgtaRL85f387bk66bTE4WgKXeXJIEvUpRVfcBRfXg-ojDHST5FaNXtx5msb8r145M6JdiCvyV740-valXB98tAl8hHw7q_28KAbS5b3plnQrkwXb-3aiA5Kqb1P9aL-mjJvPyVz7chqufVaODHQU2S8roQnIYVjLCCzPIJ6npWB-SYsKFWDZsnjg33lbTYvXHWKgHoCMvSm_R5g&sai=AMfl-YT5fhnUvoC22Q2P77R_edMsDZYe79oQAjKCWBk72S3nsx5iR-VlPpPBaLT-z87CxN1RVAseVfKqfkXGspHDv6tgLz97mQzz_Jo493SOwLY3BfSsPneYJjwT3s53sy6i1Qr2R7Lf8XC0tz0DOVTUD7svyIxwefx0zDnnhwlECR_BvHJC0v7EQDyXgIaT4N_w743CRkK-Zg-X_uq7YZTjIbVGNw04he25nyGZQV0_m3ShM38VRUkXKIpbRt6KMIJB_DGCvG5lR0ySL15Gh8x_bq4nBOGLOq5FkR3ZXZsO6G3OUMxJGqIKRs95B_s05qMu8A&sig=Cg0ArKJSzK2HGYxsQiNpEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=272&vt=11&dtpt=132&dett=3&cstd=140&cisv=r20231130.20697&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame F1CD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:07:10 GMT
flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame F1CD 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1508
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 06:59:50 GMT
head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame F1CD 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3285
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:00:40 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame F1CD 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
661
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:01:58 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame F1CD 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:00:02 GMT
300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame F1CD 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:52 GMT
x-content-type-options
nosniff
age
7
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38528
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:12:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8383 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu87_cg21mgrE1IoUpIg1BIeckFM4Yb519JsjkJVeZrgpsgaZqg6yaVBw-qIX8h7stpHoRkLK8FBe6HB7Q1z-_d8r1rnx9uEP45BA2OL6wVYjz5elybJ5jluDY8IODWaA8YNXXqVx73ynKCsbwfLOathPNlROrsGPhjWaquFdDv5JkWOiv3uh6dG9EFxoehU04c08UGFjpj5aXzH0H_zNBhugZoghQIOCoCAZSWGejkbBYk2AJUE6XQ9xooQkxJWh0tiZBgtARX5gmNnisbFfROieCJOiRyCOXCCikxE-MXk4q5n2rxlWyBCq61R1lfYqSicjRGwz2vErK93gwvAzFTiGFP2C09-ybIR1OFfKk1tqvkjMRPNYoJ5_qNm5x-_iQMGcmvvW-Y2fTzd4b-HhSDJEmIbBT33zMpeB7DDLmEsEVWqdyUsPKVEwmyzbiLad1J_cxEpMlsFKMDPOOfQwRJ7cuNcFzMnCVOiQIpkZqYtLgynuOp9Z7P5ZBHgcTu00hUs5uBbNAsW-URxTNUB0G0p9SebdjgBzUiKPlgeXmKNRHy9Q3mP3DQmIIuWCQ9pHMCb8BcvkMjh5C1PJxdKMwRMyM3NhVNNQ-aXSluXa5LSYxqLlI3L_pKHP-XoplMG0RRbPwJpxlpCPMV23k_gAwuOPxSKYu3C4KSxyrsNHjNmqdfEX-wglyjd12U8F9bhd9g-Y97VYi5-y9Ihnk-qabEVPKiUgwbzUKDP0xiK07k9UHRKtbISihla0c-dlWWbirlkLfBC7oDB0XCMStxTNDS7tSOfuDBU7k5YtpJLoWG91m-KkmNbr9Gkd1UZpXuIRW7tNsH9geimzveEwLz9wMFABmaPAGrG9n85-xLwJTa92NUfKgiM701znQ_66QfzBmGIipXlQ6lqOIVwmeki7WanAiCcut2wMhPi-QHUwSYuEAjTIi5u1Di7ZUsq5LDTWZmZ1VB42AXZ3EiiRKyja7x0NXlqptigqkHq-He0TmzQ1fkLqCBQAXlCNAzSpCAA5GGC21DoPPAWsG7dKu4fWxC4Wv0MUq9TxXlMHQVjxifW1Zx80wfhUtB0BXRCctTxDS5gdBDA0OBL6MYpl7MX8lFneuB--RmA2XQdcuNu7rgJ-Mx2aoj98CQJ1G2FulxpP3K4yETKkBQYAt1r8NgczjzwtYwu0W2GbbFExaTXZq1pLU7Nrzqt71Kn2It8dFS1sYJyT9tlVqCX6V-bynDYAwglBy1evGWWj9Mt7F2knB7j2t8Aj2ZRg15E9Xri5QWR2uTvqi2lDW1TB94wWVZ8rLLCA50EF2HeMgIBcic-KXCzMubW-V_GdJeEPHpEcjfWdD3KX4XkAUzYCPgt-KRfKicK16R118qGGi9h2cbkiUmm9xfjPvX4_pL6HndyVi2jjN_fRBs8R1SnXTF6d4EAFh2xQznOJiPZRSd9TDkYjjoVOKJZjN-fJYGvZFFVsEs6uVRPl1g4tsofrALXvfIFQ&sai=AMfl-YTcBFDSAhvbkH9NlqrNR64ctIiJRzB83HCKeif79FnkRFrtyhhraY5F1q9gJcqciO3fjD367F2QyepwTY8J49x4M_T-hzDdN5yQZMK1hSpnWPGivLvvv6mZWtD5K6SqP9L4EMaWx6DtPD4oVPtWrv9UnWjOVtd4Cb4lmIxRpoQg63LMkwHAI3kitcTQ6ZoGYSmxmFuTSlKV7Luy_a8pXCVmp0tEWWZff69LGnXEy0GD9xz05uOKp1-AkNoSH1_a-fUfztR1PFvxIIrz7osaM53to21Y4kj4gPy5_QQOE1myensI6Rgvo8KSgjcE4qIuXw&sig=Cg0ArKJSzGlq7iSka-XMEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=239&vt=11&dtpt=142&dett=3&cstd=96&cisv=r20231130.08879&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame B5E5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:07:10 GMT
flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame B5E5 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1508
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 06:59:50 GMT
head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame B5E5 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3285
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:00:40 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame B5E5 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
661
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:01:58 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame B5E5 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:00:02 GMT
300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame B5E5 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 06:57:52 GMT
x-content-type-options
nosniff
age
7
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38528
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 07:12:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 79F4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUO4UVuLoyiPxz-7wvJu6foOytCokZfLeoTTMc5ar8TgzkfQzEgXNHsGy400o0d86xp3ZsClA3Wf1iNyajzBhwuuJlDZIz6fc0j6-aXXsOqVkBfid629BmcXvyfwPojlK8jRuAwDCOQe6V&sai=AMfl-YSEMRHwcrggkm5Itcc6-yXmwJUS7xqMaaEvCJ2GEYjh0KgiY6gJ-LVKkmndEES3cYHfBIg8PKlcU3S-qHyId4D_pfn6qOcMjUdgIAo7w7QFStmxAo6ZM0dSJzCWfLAB22uXz-bNzo21pfQxALFi8Yn4Oky1vtbMcQM&sig=Cg0ArKJSzHPUs_RxP58eEAE&cid=CAQSTgDICaaNjPv5VwRJbpPtDt89p9MDc-UdSOLVNc9i0HGHU36cuMyUQ7XgAqtV8jDk41R1Jl_JMgzia0kJBw6GSrO12wk9KN01oyo_8IXyaxgB&id=lidar2&mcvt=1005&p=0,0,50,300&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=216364347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701759477880&rpt=514&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D07A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BkTvO98luZZpSnJOO7A_N5YOIBgAAAAA4AeAEAg&bg=!4uGl4a7NAAY3kmNgF5I7ADQBe5WfOGlIyYq7WkAeqMI_aioq558Fr47Oe7AIMPyq1WZZqVYoDgf9z17qfF7ce-EYodjwAgAAAEtSAAAAAmgBB5kC-OFlMUK-odpFhSCjG2-odtjP_Hnpfiumisf2RMQ-zIGFyROfNjenlKQvCMUMHlXFe8VoKjpJlhmsgei51GIj9J6m0B2fafdmmCV-_-M-21ekSQFUmNLqpMnG_PpNhS_U_dWhk2zHsQXAJx0hxy6rBss7hwY_JsKzuaSXt6z-tnOM-kWiDH0ShVbx03RmoLcHKxTc2WMQZjPVjw2SKzlG5TLnFIoCvSYyBg7dx4NXdPXTno6dKfGybiSn4McDDIuXvc7_m1wINQPbd6dYXDbyPBHW2g70nl33vZLg9axFQGEcwcGzd-00-7Yhkojunv93E9tntqYpe4pa96295WCGaBjV9P_JbUfNX3wpTWGMh7JAHqhXkYR3aPRyHvDayZW53Iwxo0Ke3DTuVnvkmfUGKsK4Je5Grr_uD1CEWyoi-pLNkV_b-FGKBPCi3nRL7yu6ZRHjlbqWdT6AXBJKRRmMqMzu5CoXVVkmDsaJASyrqp1nPaQeNOMhF09rOMIbeZzCGAXpGgjWepvpkXy7Fx68qvf-fLzIitTwpHuez0JmBzNFS_jrY8JaCDppAbIc1f_GA4E4av_jj7S7HM6IIVqMGwof6bKuxStJJUxuvY3FSNvZgtPLCmT_3tJK7M2G9QVxsF6XFkixbQc3XIHHZLkV9Sr9vMR6WBnt6qyuq4i9i_ddA0VtCcSpArCLaa0aagWjroqMcHZUVVMbsGYqi4LLu3AWLt7JeW6ajY7-qSwxmN4qAdVuGXktpoFOuZExxLcSrVqAlRFJeXfyMQxD8JQO5Ow_uK-dpRyy6__ZQRiSU3i4AY6dh8QShfaPEfZam2crtsDOhVcxKB8qYBLoi8iQBDxjJPvaUij8IBnMKmVFF2oHtysSmm6YAqHo8uE0Zpzx4AhcLHR5oRx4FXisvrnHCpoxW-FOfOO9ngPUsmpeaDXmH6yy2DluxhYnumOZzOXAgTiaPS7cLaPxuqN4Qz2ZxPp8pksqjY6lMOJmVXKBHznsILnzKwJtQUI
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 243C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bpqkn98luZdeEBPWSjuwP-Oy66AkAAAAAOAHgBAI&bg=!Y2ClYC_NAAY3kmNgF5I7ADQBe5WfOOInAKRm0XLvFxW0GXDA94nuZgynzWYbOCI38q8eCG8MLmbCDiShgEE6EuVIfHwSAgAAAEZSAAAAAWgBB5kC_-IhXQRIeBbJHKTgbLHBLQ8z22Fx5EYxgALxwtDcXjy1meoLiFey6mr8YuZQVFED1tqGBv_hxD0oS_rvYUoSgKHHXxISVV9IADGDSyTvtAF6MuwiWHhueNcICsvFc874zZYr-EqmWm7hnlhcRHfQoDVc9tBWCENexV8bBpJiFHdDOZ-mpGczF9ryLLrchmTgsWijHwYjHVfR1Jd69f6jX2Z92RCYWGAlFUx8DMLfr49KVLV3PY54ROnosyw8vOx2VXxR_qODaJGEe6vEb3m6aZGXRMhJuFXANZjMh4JqUDztEjWY1t3U922nnv4Jf_DruzdPwwGgZq0E5hXbGPxoFQB1ZocANZODgxDZ4tS6evEfoKdksBjOEv57KOpY_0eGEjD-O2F7t7_2rUudaRhY0hbThYanjOJ9eM-30-E99hqRYuu90hvF-xnuk3z1av6zPPaO_Duk5zM1CVbUI2jt4QCnL2kK4-VLEsUsVGUK_XthLYvWjJIFSEE3rFvnbNBhSY-zXQ0IYcT6A24v4Pl72UtnWas5_k6nHbFBQM50xuWEQyqkDNMpT9XmXeDZ1em0dXmwLs2zYntzQHNyNSdVRCp3f4QWcUGCFHlTAa307Dlde_YTf_-mWTaLYc_ppToMROb_VX64X5K0sxVeA__NxBPq_CvP2YiFCU5qUZ7NU3kxEhvUio4g9VuxcKuhE1yEnaZoe_JecPz0lpb26ZP3rijWnyWEoBNTBcIuJmT_QpYLEzYEKDTyoAtzxNOvu9Y3LVizSZ6eWiE3LPlr4OdlY_a2tMC3irncDqA0z3ZiLmMqOyM2PdaMocTBXBjzzdRBIvgAHHAKlJfU7EXvgH0X3bCrMGL7u-HXhCvIedfZhrHc6qnHyF5ILHfG6hZXpKvto2rwYf2bCgsy_6wq-vjRmAV6gAdmdTYX8M0wJptEkHTTtrnrG4JTh_yXpa_JLBG9gTSrYFz8QqPJzCA5D2bQGd5mdZdYtQwxWIt04CF4eea4TTocEEVd7nOW3k8HADaN
Requested by
Host: 2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
URL: https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B60E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f85b4c99-385a-da2a-cb08-7652b1553548&tv=%7Bc:vU2SI4,pingTime:-10,time:381,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701759479572%7C%7Cab57edb60235bfa14dc063db899c69db%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C1114ddd63403420424e296912dc67e4f%7C%7C8c570f877b66263c171f604a3ff38bfd%7C%7Ce55e25b57311959fc924d9b226a80483%7C%7C1ba2f053a032e3f36c582ef525b27022%7C%7C1d0f24f734084e2f2e4d9e9e62f7af80%7C%7C1663701684%7D
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8383 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8e8c0a89-165d-eb7b-eda5-7e03af545041&tv=%7Bc:vU2SJD,pingTime:-10,time:415,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701759479572%7C%7Cab57edb60235bfa14dc063db899c69db%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C1114ddd63403420424e296912dc67e4f%7C%7C8c570f877b66263c171f604a3ff38bfd%7C%7Ce55e25b57311959fc924d9b226a80483%7C%7C1ba2f053a032e3f36c582ef525b27022%7C%7C1d0f24f734084e2f2e4d9e9e62f7af80%7C%7C1663701684,sca:%7Bspg:f85b4c99-385a-da2a-cb08-7652b1553548%7D%7D
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 79F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=765b10b7-4bc3-b5c9-a1a3-c93f5c6bde09&tv=%7Bc:vU2SJQ,pingTime:0,time:1045,type:pf,im:%7Bpci:%7Btdr:1007%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:16%7D,%7Bpiv:100,vs:i,r:,t:1044%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1044,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1041~0,0~100%5D,as:%5B1041~300.50%5D%7D%7D,%7Bsl:i,t:1044,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1041~0,0~100%5D,as:%5B1041~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:252,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1*.990511-61634092%7C1c11%7C1c12%7C1c13%7C1e.990511-61634100%7C1f.990511-61634100,idMap:1c1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:16,sis:293%7D&br=c
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B60E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f85b4c99-385a-da2a-cb08-7652b1553548&tv=%7Bc:vU2SKN,time:550,type:e,im:%7Bpci:%7Btdr:507%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B545~0%5D,as:%5B54~0.0,491~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:236,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1.990511-61634092%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e*.990511-61634100%7C1e1%7C1e2%7C1f.990511-61634100%7C1f1,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:181%7D&br=c
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 093F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH1b8TGlkAdZ0f_rYRAc4hWkSuS1tCdvTKHtF3xGDmZOEtytJ7jupqw4LP7T2-3RQT5gA10aPKkpTnkLCfFkNdcT69RmSkUWMnh70AmdSy-xD38dlYvF5j2s-FlW4L_sLSxmHlRGj-zAbN&sai=AMfl-YQV-UFozWMnANi7wl9lhgfWc6K-FpnrsRFhkE5XoI9wXNT4fRrKC7Gv1K_EP0XtmVc5Vo7WX2MlVfsJWussNKCaXSJaPEKbv8eAKGv790EkBv4v3uu1uqxAeDsXDtqqOv_VJo8biVuQ-59K1JscVyr4SyC4PYiF8uC7&sig=Cg0ArKJSzIVPu23Dl2FLEAE&cid=CAQSTwDICaaNIu_P6I7R2nnhOrVBZxls1H7x-ws2igamv1qrqYF5Gyf1BhaQOZRIZnKenKwJdC8GcKeM04Qw_VYt2AS53cQnJGsTsC76II63-gkYAQ&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1008&mtos=0,0,1008,1008,1008&tos=0,0,1008,0,0&tfs=166&tls=1174&g=100&h=100&tt=1174&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 8383 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8e8c0a89-165d-eb7b-eda5-7e03af545041&tv=%7Bc:vU2STY,time:1056,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1056,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1051~0%5D,as:%5B1051~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:203,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1.990511-61634092%7C1c11%7C1c12%7C1c13%7C1c14%7C1d%7C1e.990511-61634100%7C1e1%7C1e2%7C1e3%7C1e4%7C1f*.990511-61634100%7C1f1%7C1f2%7C1f3,idMap:1f*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:147%7D&br=c
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:58:00 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 79F4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7266050620733&version=m202309260101&ct=76&x=1&cor=7220626662911969000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:58:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B60E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1809710950369&version=m202309260101&ct=76&x=1&cor=6437431762626664000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:58:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8383 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5617672510572&version=m202309260101&ct=76&x=1&cor=3475925953146068000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:58:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 79F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=765b10b7-4bc3-b5c9-a1a3-c93f5c6bde09&tv=%7Bc:vU2T02,pingTime:1,time:2049,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:16%7D,%7Bpiv:100,vs:i,r:,t:1044%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1006,o:1044,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1041~0,0~100%5D,as:%5B1041~300.50%5D%7D%7D,%7Bsl:i,t:1044,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:202,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1*.990511-61634092%7C1c11%7C1c12%7C1c13%7C1e.990511-61634100%7C1f.990511-61634100,idMap:1c1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:16,sis:293%7D&br=c
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:58:00 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 79F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=765b10b7-4bc3-b5c9-a1a3-c93f5c6bde09&tv=%7Bc:vU2T03,pingTime:1,time:2050,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:16%7D,%7Bpiv:100,vs:i,r:,t:1044%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1006,o:1044,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1041~0,0~100%5D,as:%5B1041~300.50%5D%7D%7D,%7Bsl:i,t:1044,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:202,fm:tXxTlsp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C1761%7C1762%7C1763%7C1764%7C1765%7C1766%7C1767%7C177%7C178%7C18%7C19%7C1a%7C1b%7C1c1*.990511-61634092%7C1c11%7C1c12%7C1c13%7C1e.990511-61634100%7C1f.990511-61634100,idMap:1c1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:16,sis:293,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 06:58:00 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Domain
bn01.er.bemail.it
URL
https://bn01.er.bemail.it/zeotap.php?_bid=627626f4-46d4-4e40-52ac-b2d96cd1456a&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| documentPictureInPicture object| dataLayer undefined| src undefined| dst boolean| is_desktop function| GetCookie function| SetCookie function| DeleteCookie function| getCookieVal function| LocalCache function| ajaxCash function| $ function| jQuery function| _ object| ifvisible function| MailWidget object| Core string| LANG_PREFIX object| Bookmarks boolean| brandsActiv string| fschema string| magicHash object| LoginErrors string| fr_text_nonew string| fr_text_new1 string| fr_text_new2 object| globalCommercialData undefined| adUkrNet number| adEcbrStart number| adEcbrDone undefined| rootLeft undefined| rootRight undefined| rootFuel object| ant string| basesearchurl function| isElementInView function| checkElementViewability function| fixSidebar function| setReload_branding function| ellipsizeTextBox object| portalCache object| App object| Lazyload object| Synchronization function| checkAttr object| Services object| Currency object| Fuel function| onCaptcaConfirm function| SHA1 function| transliterate function| ToPlural object| User object| News object| Holydays object| Clicks number| bc_a string| bc_g function| parse_20 object| arrForScrollRefresh function| setReload_300x250 function| onGeoData object| DateFormat object| Columns function| getBase64 function| aGo function| ecbrStart function| collectCommercialData function| go_search object| Fifa function| detectIE object| googletag object| vmpbjs object| vpb object| __advShowDeferred boolean| alreadyExistBrand boolean| alreadyExistTop boolean| alreadyExistOther object| topSlot undefined| topSlot2 object| topSlot3 object| topSlot4 object| topSlot5 object| brandSlot function| initGoogletag function| gosmart boolean| alreadyExistBanner function| showBanner object| widget function| __reCaptchaLoad undefined| bgURL1280 undefined| bgURL1366 undefined| bgURL1600 undefined| back_color_1280 undefined| back_color_1366 undefined| back_color_1600 boolean| brand_exist string| brand_href number| crash function| brandsActivion function| brandsParameters function| setbrandsActivion string| a object| cnts object| d object| n string| fr number| tz object| s number| wd number| size function| go boolean| alreadyExistBanner1 function| showBanner1 object| regionsList object| google_tag_manager object| google_tag_data object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal object| _mgIntExchangeNews object| MarketGidInfC1516503 boolean| mg_loaded_422574_1516503 function| _mgWidgetLoad1516503 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint422574 object| _mgPageView422574 object| _mgPvidList string| _mgPvid string| _mgCanonicalUri object| _mgUserPages undefined| google_measure_js_timing object| vmpbjsChunk object| ADAGIO object| mnet string| nobidVersion object| nobid number| google_unique_id object| onClickExcludes function| mgReject1516503 function| mgLoadAds1516503_15720 function| _mgConsentWait1516503_15720 function| MarketGidCReject1516503 function| MarketGidLoadGoods1516503_15720 object| _mgSessionPages string| _mgSessionId number| _mgSessionPagesNumber object| _mgSessionsTimeList object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| _mgViewrate1516503 string| _mgUniqueHash1516503_15720 boolean| i.js.loaded object| PWT object| pbjs object| regeneratorRuntime object| ID5 object| __id5_instances object| owpbjsChunk object| owpbjs boolean| _mgPubmaticExists

95 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARDUFgoGCKIBENQW
.ukr.net/ Name: news_lang
Value: ua
.ukr.net/ Name: un_news_region
Value: 9
.ukr.net/ Name: snr
Value: 9
.ukr.net/ Name: scr
Value: 9
.ukr.net/ Name: sfr
Value: 9
.ukr.net/ Name: uid
Value: Cj1tBGVuyfR/rfiUBjZcAg==
.mgid.com/ Name: __cf_bm
Value: s3WrC6rR54ZDz90GQEePCVdZBaTdeS__nxs8lHSxYpw-1701759476-0-ATqbxj2wKA75NKv1OtZc9o9jFRoFGokUOhBW/iiu6s/AkIQEDV1BhVe5vCsW1pLC2LGdmvElq4VUbFXScdBnqPc=
.ukr.net/ Name: fuelId
Value: 3
m.mixadvert.com/ Name: c1155b9141eab38c856de52734d4ecca
Value: 444320
m.mixadvert.com/ Name: 64c7f8e7dd8cc8d9c72f6e1f0957ab88
Value: 1
.ukr.net/ Name: tracknew
Value: 1701759476893789.1701759476.1
.go.rcvlink.com/ Name: cache
Value: tJra6dPUvmnz
.ukr.net/ Name: _ga_75WQ2FHNW7
Value: GS1.1.1701759477.1.0.1701759477.60.0.0
.ukr.net/ Name: _ga
Value: GA1.1.885425914.1701759477
www.ukr.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ukr.net/ Name: _pubcid
Value: 4fb4d038-ad80-438a-9bde-9a38547da797
.ukr.net/ Name: pcity
Value: 102950159
.adtelligent.com/ Name: vmuid
Value: 30752ccc17f974e8
www.ukr.net/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1516503%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701759477381%22%7D%7D
a4p.adpartner.pro/ Name: apuid
Value: ac55e2a9-67b7-45f2-b604-0c5236f8274f
ads.us.e-planning.net/ Name: CT
Value: 1
.trafmag.com/ Name: vid
Value: 5925842609754788
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 7f04eaed-caf1-4ccd-ba68-44d33142efec
.e-planning.net/ Name: E
Value: AL5QCVu2ZelodPcC
.adnxs.com/ Name: uuid2
Value: 5006077730567657017
www.ukr.net/ Name: cbtYmKname
Value: 58898c5801e26893
.ukr.net/ Name: cto_bundle
Value: A9AkDF94QWdUandXb29CT1RVdFlObVduWUQ3MzVleUdxSCUyQkJHTFhkOEdlJTJCc2lSWnNhU3VpQkJ3M25jc1NtSkVrdktlQ01VaklFRCUyQjBqWTZ4RHBCZFMzS016anBvdmdyRk5Vb2RFcWd3TUJxRDFqOTJuVjlPJTJCVE1RdlZ1MU0wendhekpTZ3piOHBTdnM1WEZuSG4lMkZTV1NkRllBJTNEJTNE
.adtelligent.com/ Name: a307558
Value: 3725f268-1b80-4cfc-8bc5-d7229c70fdb9
.zeotap.com/ Name: zc
Value: 627626f4-46d4-4e40-52ac-b2d96cd1456a
.zeotap.com/ Name: zsc
Value: %ED%07FX%E4%BFij%B73e%9F%1F%1A%91%15%96%83%10W%7F%F6%C3%96%AA%14J%D8r%D1OQ%E4%1D%0Ev%3D%9F%0A%B8%9E%95%DB4%3E%24h%D9%27%DF%96%DAy%3B%E3%99%07%90%D2%F4%E1%27Av2%19%2F%9Efg%F6%92%FB%93%E0Z%C3%D2%7B%89%12%F2%18u%B3%FC4KE%EC3%C5%98ig%5C%CA%A4R%BB%05cG%3A%01%25%FC%FF%BB%EB%A7%B9l%3D%2Fk%FA8%BD%C6%DB%5C%EE%BC%FE%1C%F0%A2.%A3%C2%01%88%DC%F4%CAo%C1%D4%D0Z%3BB%188%1Ez%BDY%3F%81%3B%F3%9F%40-%F8%A9WZ%E3%7D%D5%D8%E0%86pC%AA%29%CA
.casalemedia.com/ Name: CMID
Value: ZW7J9ThIhiur-uDaCl5S8QAA
.casalemedia.com/ Name: CMPS
Value: 5167
.casalemedia.com/ Name: CMPRO
Value: 5167
.adtelligent.com/ Name: a754412
Value: 0000EEA
.adtelligent.com/ Name: a751004
Value: 8822236028279171789
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_8332866d-d56e-47ba-9462-21b9aa3ef35b
.mgid.com/ Name: lmg_usr
Value: d2ded5aa-531c-46ec-9fd7-d3ba60f71927
.mgid.com/ Name: lmg_r
Value: 25
.adtelligent.com/ Name: a297253
Value: 212101622280528343
.adtelligent.com/ Name: a584890
Value: 5006077730567657017
.adtelligent.com/ Name: a753378
Value: d2ded5aa-531c-46ec-9fd7-d3ba60f71927
.adtelligent.com/ Name: a307971
Value: AL5QCVu2ZelodPcC
.gumgum.com/ Name: vst
Value: e_8949e081-3ff3-4f32-83cb-9e1e8549f9a1
.demdex.net/ Name: demdex
Value: 24281732729008460640661513992818066364
.go.sonobi.com/ Name: HAPLB8G
Value: s8658|ZW7J+
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-2b7dc4f4-cff2-3965-b94a-31d2e615c35b
.dpm.demdex.net/ Name: dpm
Value: 24281732729008460640661513992818066364
loadercdn.net/ Name: vui
Value: e98b41ee4a5040eabd23936b0bb8119c
.bidswitch.net/ Name: tuuid
Value: da18f873-e89f-4800-b211-575f6ba50b33
.bidswitch.net/ Name: c
Value: 1701759477
.adform.net/ Name: C
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.ctnsnet.com/ Name: cid_f36211d445c0471890840fffc2163399
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1701759477948
.tapad.com/ Name: TapAd_DID
Value: 25f27c46-3983-4023-b62e-6e3a39b4e41f
.bidswitch.net/ Name: tuuid_lu
Value: 1701759478
.adform.net/ Name: uid
Value: 4657187938654012922
.adfarm1.adition.com/ Name: UserID1
Value: 7309001303669667994
.doubleclick.net/ Name: IDE
Value: AHWqTUmxubg7STwgYZylqHgQ2pH_gibEHEmY6JYJZ3DbAtnhP2EcNbzWajm2NoKG
.creativecdn.com/ Name: u
Value: 2PtvVZiPRxvMzzP99BFT
.creativecdn.com/ Name: g
Value: 2PtvVZiPRxvMzzP99BFT_1701759478084
.creativecdn.com/ Name: ts
Value: 1701759478
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9a38b9b1bf236078
.weborama.fr/ Name: AFFICHE_W
Value: B04rTwURltoH22
.yahoo.com/ Name: A3
Value: d=AQABBPbJbmUCEEb2ggf56-KXgirTNLgfc5sFEgEBAQEbcGV4ZeAKyiMA_eMAAA&S=AQAAAlYNb_ZQxkgoj4_3GBSwMyY
.agkn.com/ Name: ab
Value: 0001%3A4pz53QhuuLDHFymzVOwU05uxNVoNsoK9
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2ffi
.krxd.net/ Name: _kuid_
Value: P9MccRT1
.doubleclick.net/ Name: APC
Value: AfxxVi4UGk9LSWMK3aFk7qu3IpVdR4m26haAmqj2OmwaVBb1WU9l9g
.fwmrm.net/ Name: _uid
Value: umeb608_7309003544587251232
.liadm.com/ Name: lidid
Value: 9ab9c74e-7475-451d-9349-e484830ef3b1
.turn.com/ Name: uid
Value: 3029932789337987170
.amazon-adsystem.com/ Name: ad-id
Value: A8blV0Rc80bDrs2EJRqt-hA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZW7J9gAEnq1hdgBU
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-aa5024c1-3ac0-5b98-4a2d-0f791f16ed50.CyQtJzZFAuKYlTXKkKO3MdIpzxyk70T%2FYbHibercwXY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-aa5024c1-3ac0-5b98-4a2d-0f791f16ed50.CyQtJzZFAuKYlTXKkKO3MdIpzxyk70T%2FYbHibercwXY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AqlAkwTrAW5hKLQ95HxbtUFLHgiU.s4dAym%2FggfhT5LOFcoLvw5n%2BXqjXlZJjRqjB0jYYKjU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AqlAkwTrAW5hKLQ95HxbtUFLHgiU.s4dAym%2FggfhT5LOFcoLvw5n%2BXqjXlZJjRqjB0jYYKjU
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILt15BgJL1qSjzbQfWWWqWolS8WqKIxRmpMjwwGvNVXiEHwYBCD2k7urBjABOgSVjvJGQgTWbf0d.DiZ9Vlo%2BNXZIqTwRaF9OgunKjkf2xYjXcSAK%2BWMfQws
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILt15BgJL1qSjzbQfWWWqWolS8WqKIxRmpMjwwGvNVXiEHwYBCD2k7urBjABOgSVjvJGQgTWbf0d.DiZ9Vlo%2BNXZIqTwRaF9OgunKjkf2xYjXcSAK%2BWMfQws
.ipredictive.com/ Name: cu
Value: dd400ebc-381b-4958-a273-06cf4e7b822d|1701759478367
.quantserve.com/ Name: d
Value: EG8BDQHLKuvLswA
.quantserve.com/ Name: mc
Value: 656ec9f6-6e3b1-daee1-26af2
.ukr.net/ Name: __gads
Value: ID=beac28ace23b487c:T=1701759477:RT=1701759477:S=ALNI_MbwFo1OkCvDUphIoOjw5Yp59u2bmw
.ukr.net/ Name: __gpi
Value: UID=00000d0afc742478:T=1701759477:RT=1701759477:S=ALNI_MbiD_ctRmlOEjaRbA0IbG8bLsJe9w
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilcv9y0'!]td48i_iqf!oN/@E'zz<*Z0QuSct8su'ugH#n(C/f36/hf-N4w/VE[TF]6FTD._*PlZ[C[-kX-Og$!P
.rezync.com/ Name: zync-uuid
Value: 19c6f3cc-e475-4f34-8bb7-2c7b68904c44:1701759479.2894151
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MrcwNzE3MjM1tRDiM9RNDklzNSjzLggpzi0GAGEE1x8lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MrcwNzE3MjM1tRDiM9RNDklzNSjzLggpzi0GAGEE1x8lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4ITkyIHlcGMKsXJ3v4te2mdJ9oJhOAuW3bQp9s4aEPA4hzMKrHtmwcN_H-NYwToAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IsQ2AMAwEwAmoModRnLzzMePYIgNRUjIpJRLl3VWonmP1TDlBE6wOmRGUlowxvSKBQ1mV5qDvbTrU9C7bl6Pa8_MLknCPN1oAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsWwZYWLmNGVxOyyRZxPzPefX6-5B0wf2xb783aDnnfvjaAvuqlDvmAXn-rPSEDeUQSocDCyCESCZwDdOu9vttcH9fxSeMyqTpDJofLhE5KYReUS5Q0oiJmz6NnSsjpFiShJw_nH7g0JZc.ZW7J9w.e2QULId4-K2fhTffNq1Ck82Auy0

10 Console Messages

Source Level URL
Text
network error URL: https://accounts.ukr.net/api/v1/token/verification/acquire
Message:
Failed to load resource: the server responded with a status of 599 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=126bd6bdc617e589
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D126bd6bdc617e589%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=627626f4-46d4-4e40-52ac-b2d96cd1456a&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=627626f4-46d4-4e40-52ac-b2d96cd1456a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=627626f4-46d4-4e40-52ac-b2d96cd1456a&reqId=c6652d38-915b-4ceb-5586-640097047983&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=19c6f3cc-e475-4f34-8bb7-2c7b68904c44%3A1701759479.2894151&_=1701759479.2913725
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2b4f538974812345ec4027fcfc21e303.safeframe.googlesyndication.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.ukr.net
ad.turn.com
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
c.mgid.com
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.mgid.com
cm-x.mgid.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
cookies.nextmillmedia.com
counter.ukr.net
creativecdn.com
d.turn.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
go.rcvlink.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbx.media.net
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
jsc.mgid.com
lb.eu-1-id5-sync.com
live.rezync.com
loadercdn.net
loadeu.exelator.com
m.mixadvert.com
mail.ukr.net
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pinformer.sinoptik.ua
pixel.rubiconproject.com
pixel.tapad.com
player.adtcdn.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
region1.analytics.google.com
rtb.gumgum.com
rtb.openx.net
s-img.mgid.com
s.amazon-adsystem.com
s.e-planning.net
s.zfctrack.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
sghb.adtelligent.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.admanmedia.com
sync.adtelligent.com
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.tidaltv.com
t.trafmag.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trafmag.com
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
ukr.net
ups.analytics.yahoo.com
upst.fwdcdn.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
vid.vidoomy.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ukr.net
x.bidswitch.net
bn01.er.bemail.it
sync.tidaltv.com
104.18.36.155
13.248.245.213
136.243.84.74
141.95.98.64
142.250.186.66
142.250.186.98
147.135.189.55
151.101.130.49
162.19.138.118
162.55.236.224
18.173.233.125
18.173.233.95
18.198.126.47
18.198.247.190
184.30.16.195
184.30.22.30
185.15.245.82
185.184.8.90
185.187.81.40
185.187.81.41
185.83.71.234
185.86.138.155
193.0.160.130
193.200.65.2
193.200.65.5
193.3.178.1
193.3.178.3
198.47.127.19
2.18.160.23
2001:4860:4802:34::36
208.93.169.131
211.120.53.205
212.42.73.60
212.42.75.249
212.42.75.253
212.42.76.151
23.56.202.187
2600:1901:0:1728::
2600:1901:0:b0a7::
2600:1f13:800:7781:5f9f:1259:c76c:3ebc
2600:1f18:6593:f601:31be:eaee:1d8c:9fe8
2600:9000:2440:5800:8:48e:53c0:93a1
2606:4700:10::6816:1857
2606:4700:10::ac43:266a
2606:4700:1::6813:824c
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:803::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2006
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:3::c
2a02:6ea0:c700::17
2a04:4e42:600::300
2a05:d018:d29:3601:357b:9971:3f66:201
2a06:98c1:3121::3
2a0c:5c87:5241::2
3.224.5.201
3.33.220.150
3.65.68.8
3.71.149.231
3.75.62.37
34.111.113.62
34.111.131.239
34.160.236.64
34.226.187.58
34.241.138.233
34.247.233.198
34.250.32.32
34.95.81.168
34.98.64.218
35.186.193.173
35.186.253.211
35.210.239.72
35.244.174.68
37.157.2.229
37.252.173.215
44.197.32.198
44.215.169.187
45.133.44.3
46.228.164.11
46.228.164.13
50.31.142.63
51.89.9.254
52.19.46.71
52.211.88.8
52.215.12.121
52.29.184.165
52.45.83.84
52.46.155.104
52.94.223.167
54.225.102.15
54.38.197.123
54.73.3.247
63.251.14.14
67.202.105.21
69.166.1.35
69.173.144.138
69.173.144.165
69.192.160.219
8.18.47.7
8.2.110.161
8.2.110.26
85.114.159.118
00207e5ef7753a1a13a155d469c582c0df746a56540b9c3e02a91b2113b00df6
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701
154e447356c50065694bc44aedab64cdff3792ebc5c817a59f56b51e6cc9480f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17ba78553cef460543b4903830439e903068349fa58d097b91203410377ebd7a
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a9e4383cb7bb63aac4dfb4f89e9b838df79144cb1f16ee80aa9b751758cf449
1c7d4b42c92fe796b17bb31dd01a76a013739c5d1d3b1099a9006ca1be554377
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
2991242b89a97b10a60cad81650fd80fa972a0e9cb7db8a48f8c0f6462a9cebc
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2d755bf5e913048783ea51c777d7fcfeb453a65001b14e2055d7766c28ebae73
2d9d34a9b0197c514c6ac30d03b7570274381845a415e859cad07864df32a1c9
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34b0f57cd7c006ad946f6ca99b64b210d7a530aa1e8131e54dcc023b39096489
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee
3b8c28eda5cfc79ef7c0a1cac11a9dd69eb9ab6d933baa39ac2492a73f64bfe5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47155d5cf009c71c7b651e696e5023767b4ab8a13b3a716b8f18ccc08fe13488
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47a4b754222d5c0d359defa72a305b7de523e964a95096d049cfcc70d380384f
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d67462416b2a1f8a959a96ed00d3ab8c783cd640ccc8d0e8d863bc1af229a1e
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
527976eab06dc865779ac3f83aa369f101271f682d390393f64f2efc0d5ac18b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53eb3dc82e8b9acffe1290f0805da70cb0c69b58dd71ea191011224ced01bb48
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c
5a476d550586b4638bceb8b7c3dbad3ac4c35ec68b7dbee0f586f1bdf61b7ac2
5af68897381a7032cf348dad66f968ee8fce88d456fd8d881229ea7c46a08f95
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6561500c649236328b9152352b37fee33955520b17bbd4a86bb296f70bea3d32
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d
6b07c4e5c3d3d7ff6b74ed9b07cd3767d73af333de9477b1fca3fe68e995be1b
6b4f4a405ef88b4c167f248b2749274d306280ed8c458a3699fd60ca306f3742
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c8b8006ff7b3d1d381eb255bd490ab7c620fb42c5d8fd4204761d6dab15f973
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2
6f2077a90676edf41fc4631f0241688148eb3303fd3fd85b5cca5398801b6cbb
706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e
7722d0083512372bbb403ffe51878be59b0f31a411eac8987a040c342e77be03
780756123232b9d63eae9802709613efe0940a9a3ba2f11ddb8e400f85fbcf8c
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ae384474cd6f47bbb969a7013282e94e5ca07c7762ff20efc35bfb6a6e89c86
7c20ab166b5d83ae5f50545536fad6e1c0af8fb77d2bf10086470049fb188323
7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff
7dcffa40d30dcc6299163c843fcc850bc047c8125836c2fa9bb3ba468a548261
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
80cbcde9410b93c02d11d9eac11dbbe50b22c05209bff919df17317973a07668
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
83d30e5d0cdf92208d94c7dd2c80782b639a74479c2ad939a21d24a96dc039c2
846a93669a4bb91146f245de74a56312277a94e07ac74721056459bcc8035aae
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20
8642227e7e812e308996435f91b80801fdb672f699ca10bbed5fdd5f0db87075
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8d5eab17df4b0ea5b59b953468f6ec01af82e956f0aa9c26dac495cedcd84ddd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1
9cd8f70ac868a2ef49819dc1322632684738fae890caa93b11118f01ade0fa9d
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a12b5969b9438d933adcc03b041d4b4ce929f5104c9130a945c90668f39cc6e5
a15812db7980e3cb5e90fc985dfc1ffd9f2eab6cddc7f16460fde5cf074ae0eb
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a30e28b0526a840a98dee23f6f814183f52936735510f5dc2fd2315e0e82e0d7
a48682c3d7c0da087fc57642fff2362fe718e663579a4416926935dd6ee1f3b7
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a641578b6410cab5687a3b7f01747a701ce70678c381ae4171ff6f4760e086a2
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
a77ef35dc75fe0dc49333b228c888a75ca777d8999a8862f35469fffddb2a9c1
a9930bf724039651faa40a19099715d7aca11ccd98c8bfc4b63f255465c9366e
a9e6ed62d5ff953eb0b609a2970f0734f80b70522e0a4af2a93d870807520ea9
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf08f9d9b284aa6386fd40e1de697afe21768e417267b9a26d025daff7f6fda
be47bc7f8267bfbe3794e5382273c3c2ca7aff938dc733b6589b0213b5f784e0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5c2f9ac6784afb4ce0f878acbe367b8f372088325d9db185d27adc6786c71c9
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c61aac88471ed1d304a17b962bcbc8fec0382fcf8f7107a5de32eb4a8fb9bde1
c8fc9bc2bc960ec9a8f3f9ec4fbd9c565b06b46d9c52b6df7fbd14c6fb6f38a8
cc43dab60b728537533bca689cf28f6d238f6425cf3e307e7073e3a5d5b55b13
cc4f13e3ada6d878e608e4eda53a8c16e8f58834526baaa90d464d430bac6325
cc88e0004534e009708a1e32155e031861f7877f7ab21bf96501c2d0f1aa93af
d186a1523110b8b4f9fb7f42398d82d169a55e51eeda6474fe7a17ceea2e4df7
d3269a13e60e1a676fefb07de5d6d92f2a32541b3d362b5be58cbda94e511888
d87e5c678ee913c6729c07135f98835f36dd22174f4a0f71172b690b91297acc
da8a77bbd22c94c51ab51e4f0b6db120408fd529e8b6ea936e28281dedc1c6e3
dada31613ec07643549dd0ba2fccbbbb2063c5af7ddd3e2377c6cdb5ade0cc04
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e4eb542de3aacb807d6311234bee92c7eb8545741ce0303aebc6d82dadceea8c
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2006912c5dc591deaefe84b76a6acfb2ab76ce59dd008ca3884a1a541efe9c
f012661914947909dc3d2aeeac3fdf260f0b94c74ad0321c7fc5e2e42e5c7959
f1cf5caad40b1f6f5a766a7f2efc2ce5d03e783a783a3a27482afe989816a98c
f3d5b442ff551168311e3f06373293b3c8adc105996e1bda61832dd230ce453f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
fc5d7c001f82e9fce9c615abcda38a61f3bbd2553609f923515659b31dc5e68f
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583
fd4c7bf340db270ba2c99bf7daf5c725b2bf110e3cd28c0863326336320f43a9
ffc77fc27332a12d5e7a5f908a36c1c75c996306b2a3e84a6ca07a4de8725de6