Submitted URL: http://discovered.com.ua/
Effective URL: https://discovered.com.ua/
Submission: On July 10 via api from GB — Scanned from GB

Summary

This website contacted 78 IPs in 12 countries across 63 domains to perform 223 HTTP transactions. The main IP is 2a01:4f8:10b:2c15::, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is discovered.com.ua.
TLS certificate: Issued by R3 on June 25th 2022. Valid for: 3 months.
This is the only time discovered.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2a01:4f8:10b:... 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 54.38.64.100 16276 (OVH)
1 2.21.20.210 20940 (AKAMAI-ASN1)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 145.239.192.166 16276 (OVH)
4 51.75.86.98 16276 (OVH)
2 2620:116:800d... 16509 (AMAZON-02)
1 54.228.48.187 16509 (AMAZON-02)
1 108.156.253.167 16509 (AMAZON-02)
3 7 2a02:6b8::1:119 208722 (GLOBAL_DC)
2 148.251.233.147 24940 (HETZNER-AS)
1 2600:9000:224... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 7 37.252.173.27 29990 (ASN-APPNEX)
3 5 142.250.185.66 15169 (GOOGLE)
3 35.71.131.137 16509 (AMAZON-02)
2 2 52.211.136.172 16509 (AMAZON-02)
1 1 35.156.83.159 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 54.216.212.103 16509 (AMAZON-02)
3 141.95.98.70 16276 (OVH)
2 178.250.0.157 44788 (ASN-CRITE...)
1 54.228.198.182 16509 (AMAZON-02)
1 35.158.200.114 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 14 172.67.10.198 13335 (CLOUDFLAR...)
5 188.42.191.196 7979 (SERVERS-COM)
1 147.75.85.234 54825 (PACKET)
9 138.201.65.74 24940 (HETZNER-AS)
1 2602:803:c003... 26667 (RUBICONPR...)
2 64.74.236.95 22075 (AS-OUTBRAIN)
2 2 204.237.133.120 3257 (GTT-BACKB...)
2 3 185.86.137.110 201081 (SMARTADSE...)
1 1 37.252.172.250 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
6 185.86.137.113 201081 (SMARTADSE...)
9 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
10 2.18.235.93 16625 (AKAMAI-AS)
2 92.123.194.140 20940 (AKAMAI-ASN1)
2 23.211.6.95 16625 (AKAMAI-AS)
2 151.101.129.108 54113 (FASTLY)
8 37.252.173.38 29990 (ASN-APPNEX)
1 2a02:2638::b 44788 (ASN-CRITE...)
6 104.92.74.8 16625 (AKAMAI-AS)
1 2602:803:c003... 26667 (RUBICONPR...)
3 2.21.20.215 20940 (AKAMAI-ASN1)
10 23.54.113.52 16625 (AKAMAI-AS)
3 23.35.236.188 16625 (AKAMAI-AS)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 178.250.0.163 44788 (ASN-CRITE...)
2 3 52.95.125.22 16509 (AMAZON-02)
1 4 69.173.144.138 26667 (RUBICONPR...)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 178.250.2.135 44788 (ASN-CRITE...)
1 178.250.2.150 44788 (ASN-CRITE...)
2 23.216.77.25 20940 (AKAMAI-ASN1)
1 13.248.245.213 16509 (AMAZON-02)
7 7 52.59.173.142 16509 (AMAZON-02)
1 1 146.0.227.109 29066 (VELIANET-...)
1 138.201.65.66 24940 (HETZNER-AS)
2 2 193.232.150.68 48061 (UMA-TECH-AS)
1 72.251.249.9 29791 (VOXEL-DOT...)
1 151.236.71.19 204720 (CDNETWORKS)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 185.29.132.245 30419 (MEDIAMATH...)
2 2 54.247.7.78 16509 (AMAZON-02)
1 23.211.5.91 16625 (AKAMAI-AS)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
2 2 185.94.180.126 35220 (SPOTX-AMS)
1 1 50.31.142.191 ()
1 198.47.127.19 ()
3 3 31.172.81.159 ()
2 2 89.108.119.43 ()
1 2 2a02:6b8::90 ()
1 1 23.75.240.210 ()
1 2 2001:6d0:4001... ()
1 18.196.134.24 ()
223 78
Apex Domain
Subdomains
Transfer
22 media.net
contextual.media.net — Cisco Umbrella Rank: 529
warp.media.net — Cisco Umbrella Rank: 2255
lg3.media.net — Cisco Umbrella Rank: 3752
hblg.media.net — Cisco Umbrella Rank: 1467
316 KB
21 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
secure.adnxs.com — Cisco Umbrella Rank: 408
cdn.adnxs.com — Cisco Umbrella Rank: 1344
fra1-ib.adnxs.com — Cisco Umbrella Rank: 6795
acdn.adnxs.com — Cisco Umbrella Rank: 591
140 KB
18 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1422
ww1097.smartadserver.com — Cisco Umbrella Rank: 28090
csync.smartadserver.com — Cisco Umbrella Rank: 3885
68 KB
17 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
eus.rubiconproject.com — Cisco Umbrella Rank: 573
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9721
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
token.rubiconproject.com — Cisco Umbrella Rank: 711
secure-assets.rubiconproject.com
pixel-eu.rubiconproject.com
37 KB
14 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5711
csync.smilewanted.com — Cisco Umbrella Rank: 4693
static.smilewanted.com — Cisco Umbrella Rank: 10226
18 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
pix.eu.criteo.net — Cisco Umbrella Rank: 6881
csm.eu.criteo.net — Cisco Umbrella Rank: 7033
67 KB
12 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 28133
225 KB
10 otm-r.com
ssp.otm-r.com — Cisco Umbrella Rank: 114707
sync.dmp.otm-r.com — Cisco Umbrella Rank: 14937
3 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 391
mug.criteo.com — Cisco Umbrella Rank: 2727
ads.eu.criteo.com — Cisco Umbrella Rank: 7052
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8758
widget.fr.eu.criteo.com — Cisco Umbrella Rank: 15254
49 KB
8 discovered.com.ua
discovered.com.ua
124 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
4 KB
7 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
1 KB
7 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1705
mwzeom.zeotap.com — Cisco Umbrella Rank: 1343
22 KB
6 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2197
cache.betweendigital.com — Cisco Umbrella Rank: 19765
5 KB
6 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 28008
2 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 10550
2 KB
5 cpx.to
p.cpx.to — Cisco Umbrella Rank: 9072
s.cpx.to — Cisco Umbrella Rank: 2286
6 KB
4 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1713
res-a.akamaihd.net — Cisco Umbrella Rank: 6852
50 KB
4 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 865
ads.pubmatic.com — Cisco Umbrella Rank: 488
image6.pubmatic.com
6 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3472
an.yandex.ru
71 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 820
364 B
4 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 7816
ced-ns.sascdn.com — Cisco Umbrella Rank: 2856
41 KB
4 gstatic.com
fonts.gstatic.com
39 KB
3 bumlam.com
sync.bumlam.com
2 KB
3 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274
2 KB
3 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 4247
b1sync.zemanta.com
560 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 550
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
793 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
ajax.googleapis.com — Cisco Umbrella Rank: 307
32 KB
2 tns-counter.ru
www.tns-counter.ru
706 B
2 aidata.io
x01.aidata.io
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 501
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
2 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1867
646 B
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4190
sync-eu.connectad.io — Cisco Umbrella Rank: 3137
910 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 622
727 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 10669
823 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 641
eb2.3lift.com — Cisco Umbrella Rank: 410
648 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 987
sync.mathtag.com — Cisco Umbrella Rank: 462
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
2 KB
2 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2765
564 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5133
www.google.com — Cisco Umbrella Rank: 8
849 B
2 a-ads.com
acceptable.a-ads.com — Cisco Umbrella Rank: 79127
static.a-ads.com — Cisco Umbrella Rank: 47763
25 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1029
pixel.quantserve.com — Cisco Umbrella Rank: 443
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
110 KB
1 kargo.com
crb.kargo.com
360 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 660
277 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2560
582 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
5 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 395
705 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 635
98 B
1 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1058
194 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1220
278 B
1 4dex.io
mp.4dex.io — Cisco Umbrella Rank: 3646
599 B
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 32075
528 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 445
535 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 991
1 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 495891
43 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 28409
6 KB
1 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2293
2 KB
0 sddan.com Failed
kvt.sddan.com Failed
223 63
Domain Requested by
12 ads.themoneytizer.com discovered.com.ua
ads.themoneytizer.com
10 contextual.media.net ads.themoneytizer.com
contextual.media.net
discovered.com.ua
9 csync.smilewanted.com 1 redirects ads.themoneytizer.com
csync.smilewanted.com
9 csync.smartadserver.com discovered.com.ua
csync.smartadserver.com
9 ssp.otm-r.com ads.themoneytizer.com
8 fra1-ib.adnxs.com ads.themoneytizer.com
discovered.com.ua
cdn.adnxs.com
8 discovered.com.ua 1 redirects discovered.com.ua
7 x.bidswitch.net 7 redirects
7 static.criteo.net ads.eu.criteo.com
7 ib.adnxs.com 2 redirects ads.themoneytizer.com
acdn.adnxs.com
csync.smilewanted.com
6 lg3.media.net discovered.com.ua
6 eus.rubiconproject.com discovered.com.ua
eus.rubiconproject.com
ads.themoneytizer.com
cache.betweendigital.com
6 ww1097.smartadserver.com ced.sascdn.com
6 c.tmyzer.com ads.themoneytizer.com
5 ads.betweendigital.com ads.themoneytizer.com
ads.betweendigital.com
5 mc.yandex.com 2 redirects discovered.com.ua
5 cm.g.doubleclick.net 3 redirects discovered.com.ua
5 mwzeom.zeotap.com discovered.com.ua
4 pix.eu.criteo.net ads.eu.criteo.com
4 token.rubiconproject.com 4 redirects
4 hblg.media.net discovered.com.ua
4 prebid.smilewanted.com ads.themoneytizer.com
4 s.cpx.to p.cpx.to
discovered.com.ua
4 onetag-sys.com ads.themoneytizer.com
cache.betweendigital.com
4 fonts.gstatic.com fonts.googleapis.com
3 sync.bumlam.com 3 redirects
3 pixel.rubiconproject.com 1 redirects discovered.com.ua
csync.smilewanted.com
3 aax-eu.amazon-adsystem.com 2 redirects discovered.com.ua
3 acdn.adnxs.com discovered.com.ua
ads.themoneytizer.com
3 ced-ns.sascdn.com csync.smartadserver.com
3 sync.smartadserver.com 2 redirects discovered.com.ua
3 id5-sync.com discovered.com.ua
ads.themoneytizer.com
ced.sascdn.com
3 match.adsrvr.org discovered.com.ua
3 gum.criteo.com 1 redirects ads.themoneytizer.com
2 www.tns-counter.ru 1 redirects
2 an.yandex.ru 1 redirects
2 x01.aidata.io 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 ice.360yield.com 2 redirects
2 creativecdn.com 2 redirects
2 px.adhigh.net 2 redirects
2 res-a.akamaihd.net discovered.com.ua
2 cdn.adnxs.com ads.themoneytizer.com
2 warp.media.net ads.themoneytizer.com
2 qsearch-a.akamaihd.net ads.themoneytizer.com
2 image2.pubmatic.com 2 redirects
2 b1h.zemanta.com ads.themoneytizer.com
2 mug.criteo.com discovered.com.ua
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dpm.demdex.net 2 redirects
2 www.google.co.uk discovered.com.ua
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 mc.yandex.ru 1 redirects discovered.com.ua
2 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
2 www.googletagmanager.com discovered.com.ua
www.googletagmanager.com
2 fonts.googleapis.com discovered.com.ua
cdnjs.cloudflare.com
1 crb.kargo.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 b1sync.zemanta.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 ads.pubmatic.com csync.smilewanted.com
1 sync.mathtag.com 1 redirects
1 cdn.connectad.io csync.smilewanted.com
1 static.smilewanted.com csync.smilewanted.com
1 cache.betweendigital.com ads.betweendigital.com
1 ap.lijit.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 inv-nets.admixer.net 1 redirects
1 eb2.3lift.com ads.themoneytizer.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 px.ads.linkedin.com discovered.com.ua
1 id.rlcdn.com discovered.com.ua
1 ads.yahoo.com discovered.com.ua
1 widget.fr.eu.criteo.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 beacon-ams3.rubiconproject.com discovered.com.ua
1 ads.eu.criteo.com discovered.com.ua
1 www.google.com discovered.com.ua
1 secure.adnxs.com 1 redirects
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 prebid.a-mo.net ads.themoneytizer.com
1 mp.4dex.io ads.themoneytizer.com
1 tlx.3lift.com ads.themoneytizer.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 pixel.quantserve.com discovered.com.ua
1 static.a-ads.com acceptable.a-ads.com
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 rules.quantcount.com secure.quantserve.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 cmp.quantcast.com quantcast.mgr.consensu.org
1 acceptable.a-ads.com discovered.com.ua
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 quantcast.mgr.consensu.org discovered.com.ua
0 kvt.sddan.com Failed ads.themoneytizer.com
223 104

This site contains no links.

Subject Issuer Validity Valid
www.discovered.com.ua
R3
2022-06-25 -
2022-09-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
1266287590.rsc.cdn77.org
R3
2022-05-24 -
2022-08-22
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.cmp.quantcast.com
R3
2022-06-24 -
2022-09-22
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
c.tmyzer.com
R3
2022-05-30 -
2022-08-28
3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA
2021-09-13 -
2022-09-13
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-04 -
2023-06-03
a year crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2
2021-09-12 -
2022-09-12
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2022-01-13 -
2023-01-13
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2022-05-21 -
2022-10-31
5 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2021-12-08 -
2023-01-08
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.co.uk
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2022-01-17 -
2023-01-17
a year crt.sh
*.id5-sync.com
R3
2022-05-31 -
2022-08-29
3 months crt.sh
adtrack.adleadevent.com
Amazon
2022-06-13 -
2023-07-12
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-15 -
2023-01-15
a year crt.sh
*.a-mo.net
R3
2022-07-04 -
2022-10-02
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.otm-r.com
AlphaSSL CA - SHA256 - G2
2022-05-27 -
2023-06-28
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-29 -
2022-08-29
a year crt.sh
www.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2022-02-20 -
2023-02-22
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-28 -
2023-06-30
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-27 -
2022-08-25
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-18 -
2022-08-13
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-12 -
2022-09-12
3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2
2022-05-27 -
2023-06-28
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2022-01-24 -
2023-02-24
a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3
2022-04-15 -
2023-04-15
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh

This page contains 43 frames:

Primary Page: https://discovered.com.ua/
Frame ID: D7774874169FC5F74C435AA07AB7217B
Requests: 99 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1657436698504
Frame ID: F97E407C9A413CBE6B6F010762065D45
Requests: 1 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1993075
Frame ID: 236851B75335571DAD6E692B24F7B006
Requests: 3 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Frame ID: 417C0E0176C695DBDA9E5FAAD7A294BA
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Frame ID: A98D41C0810E96D11E043F67C8AC81C1
Requests: 13 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Frame ID: 68A3974AD9198E159D1EF7203B4C37EC
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Frame ID: D88CCB5912DA98EC9F1062505272CE8C
Requests: 13 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Frame ID: D69171D0FCAA570D6B3536A23123A742
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Frame ID: E07ADD7E4739904D4EA102AEF977C422
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Frame ID: 679933D391C34A50A4C1E902BCCE20DE
Requests: 10 HTTP requests in this frame

Frame: https://beacon-ams3.rubiconproject.com/beacon/d/6f201d8e-d7d1-44da-b012-2a967d79dd2e?oo=0&accountId=11740&siteId=39550&zoneId=1078234&sizeId=10&e=6A1E40E384DA563BC72AB33BC3C3BE9D233AFE259D244BEE02597C259ECFF64B364135558E44E79CDDB70DBBBE0BD1447A3220A15E3EC91D71B33D956FCDE5FD84963E761FD6DCEAA8C3DECD1E151D79525C91F6DA33F6AE8CD809E11B28FCCB34D5BB51330850C3FEC40C9B4A448F63A4FC08EBBCDDD9690D5C3CB989C6CFC3D3FB47A64E4252F910AEB793F49E9B0694AD8B3D8DC83AA3FA04C152AE357C244026E984540E56ED65F6B5ACFAB8A5FBBD195C394BC268202E981A72AE1A4382E2B49BFDACFE5588135CF6E6EE96DE3E789B838B280545148F26EF813EEC9F97EB25A38EAE6E4E78B739638661180A61F6B095F93CA9B007C44A3DA46A89C660FEA4EC5C5D6EBA495C3251C71E2B303ECD98542DE217D5564AD8DD30D9A854A2D0FCCA094EB9DBE92252A016D502ACBD3070D08231B8566BDBD20C0D3B56C3F0391E940DE71EBAB07A21BE4C829934C253644F2E34E90C5BCADD63566474CB1C446E67E8D50DFDE9CA2275A392DBE7B1BFBDC8024A4CD17ECADD93B03CFAF8196B514DA28F74D5CB922029101DD8C27822D9BD2E11EEF5EFFB6AE4AB94CE593DF1C2373F089A7E45C2A4F8DD4223796DD9950118FF0E07463A442D4641D94A68B9A066484021C549713C577CE58DAF766E373E3EEBE63FC9D16B2E1AF40E5D48E7CCC90433EF92E44BAD169B9A398D0E269AC4ABF532F4E4A25F65E7FD61EC3021BAFE3F711B6B41EFDCB38F3E58D5812B02832C9B8EF62ECEC727456D4FA65D2318895102A38009A8C86638E93FFABDA09DE2C8890062814A212690FD2E691AFBA79AD8227AE46D8FF27E2D89026FF0DA8501F1891D476FE6B7390062A56854260FA58C221BCB2A626C58E40BDC168D297E7D266011C0F741FF9A3FAF75111314E1CF13EF6C13C19B5A6A7489D36AD51C9BBC57D729D14AEE8CA8CB77DB21C61FF25E0F0D1C121060D6D9131996C359CDA10306204D320B
Frame ID: EF15E0C6FEA22DABF9DDF23125A423D3
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: 8191B7CB06590F25E8521E335A65FBBC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 50B8852A4683A6393D6FBB7A1B8DB16E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 9EBB6574712354E91B75F92B4F8AB4CC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2078805
Frame ID: 38BB5CCD1E2EB3AD6D157961409318DF
Requests: 2 HTTP requests in this frame

Frame: https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=7944&cb=62ca7a1b3a3955b5fea9a3a1f39764f3
Frame ID: E9167E00332B5A2A07F0F2381A55CFE7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: 79648677A7EA2090B11B0356E06AD227
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: E0F40D2ECD429D587E1B6ACD257A1A0F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: B909E82A8880C831DF2C156C0AF0D6B1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2078805
Frame ID: 1F659F090B8FAE433948BE41255E7823
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: C3EA44F9186B0D7EEB567AF263F73147
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: E7BEE7C0A0353E46A8915DB72E4E21DD
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: E9EAC47C8AEA14C11BFDA640A4C4970B
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1657436699202&gdpr=0
Frame ID: 2C5F20AD6E7C6FAC2D5EF0D1A205E689
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: C7E70BA05F5CCC98CDDFFDEDEACFCE53
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 787BEC839207015748A917E2F42277A1
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0A26DF5073648328E628A416A9A23722
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 34EB3CE58CC73447C603518CF89E4933
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f5305887-ce07-52bf-9f74-b66afdbecc71&CACHEBUSTER=49067
Frame ID: 4D44204198438A532505FFD1201F37AA
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: BC81944324551649843400703AB0C2D3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7Oii1gYPTrpC2lUm2rIE?pi=smilewanted&tc=1
Frame ID: 806EE2CF1F1C0A680F301659DF082E1F
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=84ca53966bd9d432752b6ad9b1b901ad
Frame ID: DD00A92BD58CB720E5F9B757972C79EC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 3E5D2E5470FA86C0F03BFF5AD140D07B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/
Frame ID: 6A2D253A5CAEB7D69BDE5748B80C2F2C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/b50de5bb-bac4-4b54-b6f9-74f341737ec9&partner_id=1010
Frame ID: A66D9B6FC4878549BEB814FFD5E8FB0A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 45E064AC6536ADD78B6098215EEB1C76
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: F4B0D92D5C3A6D01385F3EBBF16A6F6F
Requests: 2 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 8CA950F31AABEB0CF487BBAB34BB9BB2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ysp6Hz9bn1P8Wtjlr0TOUAAA%265172
Frame ID: 23FE571E91A3FAABB9B71C450A34A798
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/9f0c92c9-001e-11ed-87d9-1626150c0306
Frame ID: E8B09E0D6065E12B52F22F8043418212
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: D7DC15136B16EB3E4218B8F9720EACF0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 5023B9F71598C485DBE4CB79C71FBBF5
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: B1D7DE102409C409872230029D8F2269
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Discovered — О финансах и не только…

Page URL History Show full URLs

  1. http://discovered.com.ua/ HTTP 301
    https://discovered.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

223
Requests

89 %
HTTPS

32 %
IPv6

63
Domains

104
Subdomains

78
IPs

12
Countries

1590 kB
Transfer

4710 kB
Size

78
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://discovered.com.ua/ HTTP 301
    https://discovered.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db0e2de66-1a2f-4a45-68cc-18bb52767500%26reqId%3D2a04c57b-2701-4656-6b7a-45bd0cac7dea%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=7266520154083601316&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Request Chain 43
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDOeJRF0q-TRrPCKZ2GKRSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Request Chain 45
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b0e2de66-1a2f-4a45-68cc-18bb52767500&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db0e2de66-1a2f-4a45-68cc-18bb52767500%26reqId%3D2a04c57b-2701-4656-6b7a-45bd0cac7dea%26zdid%3D1258 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b0e2de66-1a2f-4a45-68cc-18bb52767500&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db0e2de66-1a2f-4a45-68cc-18bb52767500%26reqId%3D2a04c57b-2701-4656-6b7a-45bd0cac7dea%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=24986795589164907920299297895408656007&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Request Chain 46
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=NyBbmvkNyxF1ZDGA66WFsE9%2FZ%2FDHUMTA%2BS41iYitP1U%3D
Request Chain 47
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db0e2de66-1a2f-4a45-68cc-18bb52767500%26reqId%3D2a04c57b-2701-4656-6b7a-45bd0cac7dea%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=175262ca-7a1b-4a00-a88b-051f3511cdc2&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Request Chain 53
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdiscovered.com.ua%2F&domain=discovered.com.ua&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=1CCgrnx6Um1RcHIwMmdtc0g1UkpZdGhHVXdxM3hFVnp0Uk44SkFBcXo3bWNGUzN1TjZiVkNNeTJpSEpsTEREZitkYVlWbXhSQzdYak91cTU4STVhVkZBYjZOeFF2VU1rZURyRjBiRTBOSDI1QkNjMjYwQmRCdWMvcVdZNTZDR2c1NkRIbzM5dFhjM0hScFJOQXlCUUdHdzlkM1ZOMk1Pd2JEZFNCbmdpNmFrUmdPOU90dEFWVzBHSXpackVkRXVmS05RQVlod1pnVnowc0J1clNzL0ZWNUowQ1ZvYWFoSjBNOXl6ZWZtMXdBZ29PTkNrPXw&cppv=2
Request Chain 58
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9695.nwO3zjRuHpftL3munRZKdZrtauGJuXEQxC6FS1jspLCw0U5tbEcnJAUOuX6UEupJ.rM1rRbuvg6BqaneOxV9yDyhvLX8%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9695.gt_5z9Y1b3ltR3JJyFFc0jlplB3oBseHxBEqf0KPLNU85b7iN1imiFpAG5JVqoQeNMOFgaud5vKSWnxDQ74C0Q%2C%2C.Hsktc8x2Ow5E8kMK_U3DSX51mIA%2C
Request Chain 87
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dc546d24c-a56e-4a24-883c-2bb193b1c10b HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dc546d24c-a56e-4a24-883c-2bb193b1c10b HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=86765434-5564-4AEC-B900-EC01CE41A9D8&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b&google_gid=CAESEK9uLbHGM1QpvAeLkw-4qek&google_cver=1
Request Chain 89
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dc546d24c-a56e-4a24-883c-2bb193b1c10b&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b&gdpr=0&cklb=1
Request Chain 90
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Fdiscovered.com.ua%252F%26hn_ver%3D40%26fid%3Dc546d24c-a56e-4a24-883c-2bb193b1c10b HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=7266520154083601316&pid=12762&ref=&url=https%3A%2F%2Fdiscovered.com.ua%2F&hn_ver=40&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
Request Chain 94
  • https://mc.yandex.com/watch/28298426?wmode=7&page-url=https%3A%2F%2Fdiscovered.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A1127%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A348040792201%3Ahid%3A303532227%3Az%3A0%3Ai%3A20220710070459%3Aet%3A1657436699%3Ac%3A1%3Arn%3A324085401%3Arqn%3A1%3Au%3A1657436699997512692%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657436697313%3Ads%3A0%2C120%2C544%2C1%2C240%2C0%2C%2C356%2C0%2C%2C%2C%2C1266%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657436699%3At%3ADiscovered%20%E2%80%94%20%D0%9E%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%B0%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%E2%80%A6&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/28298426/1?wmode=7&page-url=https%3A%2F%2Fdiscovered.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A1127%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A348040792201%3Ahid%3A303532227%3Az%3A0%3Ai%3A20220710070459%3Aet%3A1657436699%3Ac%3A1%3Arn%3A324085401%3Arqn%3A1%3Au%3A1657436699997512692%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657436697313%3Ads%3A0%2C120%2C544%2C1%2C240%2C0%2C%2C356%2C0%2C%2C%2C%2C1266%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657436699%3At%3ADiscovered%20%E2%80%94%20%D0%9E%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%B0%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%E2%80%A6&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 146
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PHnoUGbSR6e2U6eSk2jK0g&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PHnoUGbSR6e2U6eSk2jK0g&gdpr=0
Request Chain 147
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5EZ0M3E-6-CNBH&sigv=1&esig=2~67435355e4f58668209303764b14532ccd68c96b&gdpr=0
Request Chain 149
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5EZ0M3E-6-CNBH&gdpr=0
Request Chain 150
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVFWjBNM0UtNi1DTkJI&gdpr=0
Request Chain 152
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjlkOTFmZjBiMDIzZmE4ZmRiYmE2NWZiMDIyZmUyZTVmOWIyZTg4YQ&gdpr=0
Request Chain 200
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3Db18c268c-4d31-45ed-839d-f2dc30beede1%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=00a7dea12e2e4323922c63bb7d4c6b09&ssp=between&bsw_param=b18c268c-4d31-45ed-839d-f2dc30beede1&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd
Request Chain 202
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=xUpO3iLvIAH.AikABlGB5u0Kiw
Request Chain 208
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7Oii1gYPTrpC2lUm2rIE?pi=smilewanted&tc=1
Request Chain 209
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=84ca53966bd9d432752b6ad9b1b901ad
Request Chain 211
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/
Request Chain 212
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D7ed83b15-3a2d-4823-836c-e2e49e6f5dcd&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=175262ca-7a1b-4a00-a88b-051f3511cdc2&expires=30&ssp=between&bsw_param=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd
Request Chain 213
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b50de5bb-bac4-4b54-b6f9-74f341737ec9&partner_id=1010
Request Chain 217
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ysp6Hz9bn1P8Wtjlr0TOUAAA%265172
Request Chain 218
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=9f0c9308-001e-11ed-87d9-1626150c0306 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/9f0c92c9-001e-11ed-87d9-1626150c0306
Request Chain 219
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 221
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARig9KmWBqIBEJ9iI74AHhHtv2IAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9f6223be-001e-11ed-bf62-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9f6223be-001e-11ed-bf62-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=Lzx%2BFrFENjMAzfOJbIoSEg& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/9f6223be-001e-11ed-bf62-002590c82437 HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/9f6223be-001e-11ed-bf62-002590c82437?redir-setuniq=1
Request Chain 222
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 225
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/49067 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/49067
Request Chain 226
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f5305887-ce07-52bf-9f74-b66afdbecc71&expires=60 HTTP 302
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

223 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
discovered.com.ua/
Redirect Chain
  • http://discovered.com.ua/
  • https://discovered.com.ua/
42 KB
10 KB
Document
General
Full URL
https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:2c15:: Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d0e9e217d004ce2ccd678f9fa4d2b0655ae7fead66c402d7e5eb8643984a9f47

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:04:58 GMT
server
nginx
vary
Accept-Encoding,User-Agent
x-hyper-cache
stop - no cache header, gzip on the fly
x-ray
wn1584:0.480/wa1584:D=479309

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 10 Jul 2022 07:04:57 GMT
Location
https://discovered.com.ua/
Server
nginx
x-ray
wn1584:0.000/
autoptimize_58b392d1ec5a7eb10f59111c13151cdf.css
discovered.com.ua/wordpress/wp-content/cache/autoptimize/css/
182 KB
40 KB
Stylesheet
General
Full URL
https://discovered.com.ua/wordpress/wp-content/cache/autoptimize/css/autoptimize_58b392d1ec5a7eb10f59111c13151cdf.css
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:2c15:: Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a0452473ec210240d40eeaecc451434508dd54ba3e31952d07d38f211d79626

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
wn1584:0.000/
content-encoding
br
last-modified
Thu, 26 May 2022 15:37:37 GMT
server
nginx
etag
W/"628f9ec1-2d634"
content-type
text/css
cache-control
max-age=2592000
date
Sun, 10 Jul 2022 07:04:58 GMT
expires
Tue, 09 Aug 2022 07:04:58 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3a4c890d6116d466e36e0d16fbb919fb40aed7a1af570e403065b4d09f3d43a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Jul 2022 07:04:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 10 Jul 2022 07:04:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Jul 2022 07:04:58 GMT
jquery.min.js
discovered.com.ua/wordpress/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://discovered.com.ua/wordpress/wp-includes/js/jquery/jquery.min.js
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:2c15:: Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
wn1584:0.000/
content-encoding
br
last-modified
Sun, 29 Aug 2021 20:38:21 GMT
server
nginx
etag
W/"612bf03d-15db1"
content-type
application/javascript
cache-control
max-age=2592000
date
Sun, 10 Jul 2022 07:04:58 GMT
expires
Tue, 09 Aug 2022 07:04:58 GMT
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt
AcO1qhFJdIn/uyoAAA
x-accel-expires
@1657512159
date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
TNbewynhAf4
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
10939
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/
107 KB
14 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d01705c36caeca13e04eaba33377f708a4f4016d938812c32a78d17694fd038d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt
AcO1qhHm1pb/ZR8AAA
x-accel-expires
@1657515061
date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
nrb7WsKYDwg
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
8037
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt
AcO1qhFccOX/uyoAAA
x-accel-expires
@1657512159
date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
Z6wGH8KlnvE
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
x-cache
HIT
x-age
10939
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/
106 KB
14 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=2
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e884e5580bd2bfb6fde520d58ebaa7e289088054f135f990a81e84ba552511f1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt
AcO1qhGY5Sj/ZR8AAA
x-accel-expires
@1657515061
date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
kY1sHI9ZYN4
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
8037
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=3
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt
AcO1qhHPd47/uyoAAA
x-accel-expires
@1657512159
date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
aAYUkMpZ0cU
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
10939
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/
106 KB
14 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=3
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a495d2b2854a79f4489e81747f15895de1411df94e8d3905f90f67d00f3b2a27

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt
AcO1qhHMz73/ZR8AAA
x-accel-expires
@1657515061
date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
omsjXH2so3o
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
8037
x-77-pop
frankfurtDE
js
www.googletagmanager.com/gtag/
196 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DLD9124WME
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65065476317136966a59b7560a0bc5a73ac741a04b7869def71ee8c1d479ee46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71283
x-xss-protection
0
expires
Sun, 10 Jul 2022 07:04:58 GMT
autoptimize_a7acf200f82b87260e937add551f5619.js
discovered.com.ua/wordpress/wp-content/cache/autoptimize/js/
52 KB
17 KB
Script
General
Full URL
https://discovered.com.ua/wordpress/wp-content/cache/autoptimize/js/autoptimize_a7acf200f82b87260e937add551f5619.js
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:2c15:: Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
8454a5675ebc2aa69f5a59db3ac1c70931619c5b04df82c8cd1080e5c2647a0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
wn1584:0.000/
content-encoding
br
last-modified
Wed, 15 Jun 2022 10:58:10 GMT
server
nginx
etag
W/"62a9bb42-d143"
content-type
application/javascript
cache-control
max-age=2592000
date
Sun, 10 Jul 2022 07:04:58 GMT
expires
Tue, 09 Aug 2022 07:04:58 GMT
choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
3 KB
2 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 13:53:56 GMT
server
AmazonS3
age
51
etag
W/"c53bd785b1ee57b613221019d7d72626"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
uvYszsYhMVG6X9Icd-P8KsdJuF3274Hw5QzKl8g-Aow8GZhcbPC9Kg==
star.png
discovered.com.ua/wordpress/wp-content/themes/twentythirteen/images/headers/
22 KB
22 KB
Image
General
Full URL
https://discovered.com.ua/wordpress/wp-content/themes/twentythirteen/images/headers/star.png
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/wordpress/wp-content/cache/autoptimize/css/autoptimize_58b392d1ec5a7eb10f59111c13151cdf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:2c15:: Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e411633c11930c9ce6429782d6dc4e5aeabed7e7fb5a65f082f006004227d07f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/wordpress/wp-content/cache/autoptimize/css/autoptimize_58b392d1ec5a7eb10f59111c13151cdf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
wn1584:0.000/
last-modified
Tue, 01 Feb 2022 22:13:01 GMT
server
nginx
etag
"61f9b06d-585c"
content-type
image/png
cache-control
max-age=2592000
date
Sun, 10 Jul 2022 07:04:58 GMT
accept-ranges
bytes
content-length
22620
expires
Tue, 09 Aug 2022 07:04:58 GMT
search-icon.png
discovered.com.ua/wordpress/wp-content/themes/twentythirteen/images/
422 B
612 B
Image
General
Full URL
https://discovered.com.ua/wordpress/wp-content/themes/twentythirteen/images/search-icon.png
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/wordpress/wp-content/cache/autoptimize/css/autoptimize_58b392d1ec5a7eb10f59111c13151cdf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:2c15:: Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
77cc2a262c38bdfeaf27050d2e54b5927c5744f4d80e2fa466c526d524e7c2ae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/wordpress/wp-content/cache/autoptimize/css/autoptimize_58b392d1ec5a7eb10f59111c13151cdf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
wn1584:0.000/
last-modified
Tue, 01 Feb 2022 22:13:00 GMT
server
nginx
etag
"61f9b06c-1a6"
content-type
image/png
cache-control
max-age=2592000
date
Sun, 10 Jul 2022 07:04:58 GMT
accept-ranges
bytes
content-length
422
expires
Tue, 09 Aug 2022 07:04:58 GMT
6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkido18Smxg.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
916 B
2 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkido18Smxg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
259feab5acef00ed8d670dca4bc902525f83d507e72bc606c5836096511b1f72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://discovered.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 00:17:32 GMT
x-content-type-options
nosniff
age
283646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
916
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Jul 2023 00:17:32 GMT
6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdd99d2c3e8e201d74478aae63335ae605ee193fc052cd650a34c79108a7785d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://discovered.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 19:31:21 GMT
x-content-type-options
nosniff
age
300817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12556
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jul 2023 19:31:21 GMT
moneybile.js
ads.themoneytizer.com/
38 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt
AcO1qhEdBzb/vc0CAA
pragma
public
date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
CEsZN1pHh4A
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
183741
x-77-pop
frankfurtDE
x-accel-expires
@1658289757
/
c.tmyzer.com/c/
0
282 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=92235&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:04:58 GMT
Server
nginx
X-IPLB-Request-ID
52C78225:9638_36264064:01BB_62CA7A1A_1308A1DB:13C4F
X-IPLB-Instance
38438
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
geo
rbx
smart.js
ced.sascdn.com/tag/1097/
93 KB
31 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:04:58 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
31943
Expires
Sun, 10 Jul 2022 07:19:58 GMT
sync
gum.criteo.com/
49 B
373 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2684
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
mapper.js
spl.zeotap.com/
61 KB
20 KB
Script
General
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
728772c66cfb7777-LHR
date
Sun, 10 Jul 2022 07:04:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/
5 KB
6 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:04:58 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
52C78225:D9F0_91EFC0A6:01BB_62CA7A1A_177977B4:4507
ETag
"6167dbf8-15ab"
X-IPLB-Instance
30195
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame F97E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1657436698504
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
gzip
etag
"Sy8yk7L2ihxjBP+YyKUKJg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 17 Jul 2022 07:04:58 GMT
px.js
p.cpx.to/p/12762/
2 KB
2 KB
Script
General
Full URL
https://p.cpx.to/p/12762/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.48.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-48-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
dce50eee3fdc1e23dfbd66dd3cabcbb1e9499fd49f63912e416552e450d7591a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:04:58 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1769
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.253.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-253-167.dus51.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 05:23:34 GMT
Via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
20597
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-P2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
8s5umsdZKw5_Hx7MuVVbTPYySlnB7X1X8zpzKsU0HvT1Dfk__VHPyw==
prebid.js
ads.themoneytizer.com/moneybid7_1/build/dist/
629 KB
159 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8fce39ec7a63f40eac85498fb8aca9f7b595f1787bc1afd5e94a8823e99240b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt
AcO1qhFrian/vc0CAA
pragma
public
date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
etag
W/"62a8971d-9d355"
last-modified
Tue, 14 Jun 2022 14:11:41 GMT
server
CDN77-Turbo
x-77-nzt-ray
xtAO+pI2JJ0
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
183741
x-77-pop
frankfurtDE
x-accel-expires
@1658289757
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0

Request headers

Referer
Origin
https://discovered.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
/
c.tmyzer.com/c/
0
272 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=92235&f=2&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 10 Jul 2022 07:04:02 GMT
Server
nginx
X-IPLB-Request-ID
52C78225:964A_36264064:01BB_62CA7A1A_1304B9B9:2F1E7
X-IPLB-Instance
24858
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 2368
37 B
37 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Type
image/gif
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=92235&f=3&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 10 Jul 2022 07:04:58 GMT
Server
nginx
X-IPLB-Request-ID
52C78225:9650_36264064:01BB_62CA7A1A_13049298:D9DF
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.js
mc.yandex.ru/metrika/
204 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
last-modified
Fri, 08 Jul 2022 09:23:14 GMT
etag
"62c7cd52-1180a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71690
expires
Sun, 10 Jul 2022 08:04:58 GMT
1993075
acceptable.a-ads.com/ Frame 2368
23 KB
6 KB
Document
General
Full URL
https://acceptable.a-ads.com/1993075
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/wordpress/wp-content/cache/autoptimize/js/autoptimize_a7acf200f82b87260e937add551f5619.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.233.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.147.233.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
202c313c0e1c9c9c0b05519c58f6f555d8a427a10cf976c669feb2a1bb4eaa4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sun, 10 Jul 2022 07:04:58 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
https://discovered.com.ua/
X-Powered-By
Phusion Passenger(R)
X-XSS-Protection
1; mode=block
smush-lazyloader-3.gif
discovered.com.ua/wordpress/wp-content/plugins/wp-smushit/app/assets/images/
5 KB
5 KB
Image
General
Full URL
https://discovered.com.ua/wordpress/wp-content/plugins/wp-smushit/app/assets/images/smush-lazyloader-3.gif
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/wordpress/wp-content/cache/autoptimize/css/autoptimize_58b392d1ec5a7eb10f59111c13151cdf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:2c15:: Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
436ea3a822c7b83deb5612793164e608f28202b40b23d39156f19b474d4315fc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/wordpress/wp-content/cache/autoptimize/css/autoptimize_58b392d1ec5a7eb10f59111c13151cdf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
wn1584:0.000/
last-modified
Sat, 18 Jun 2022 14:30:25 GMT
server
nginx
etag
"62ade181-12ff"
content-type
image/gif
cache-control
max-age=2592000
date
Sun, 10 Jul 2022 07:04:58 GMT
accept-ranges
bytes
content-length
4863
expires
Tue, 09 Aug 2022 07:04:58 GMT
cmp2.js
cmp.quantcast.com/tcfv2/42/
177 KB
43 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
age
27
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 05 Jul 2022 18:40:23 GMT
server
AmazonS3
etag
W/"a18627a302da47ec97015f587007f1a6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
tTMyWoJA9akeBiNHcspK5V6RKJDQJOiMgxXdFUOMoXxq3YjlfZ8Z5w==
/
spl.zeotap.com/
2 KB
965 B
XHR
General
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e5c6f778b58539efe04eaa0efdf454f42b71b843a5562a906f072d7746484f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
728772c6fdc87777-LHR
date
Sun, 10 Jul 2022 07:04:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 02:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Jul 2023 02:49:27 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:a200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 06:43:29 GMT
content-encoding
gzip
age
1290
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
YY4QblMGdBZTMqF-ZKkwD9nEXJs04SDsPqf1M81FIGuRfjBsMsmIMg==
js
www.googletagmanager.com/gtag/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59479635-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DLD9124WME
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5746274c151a0c0eaad5d03c5b6f704116a7007142d5ef4e1072ae802109411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40372
x-xss-protection
0
last-modified
Sun, 10 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Jul 2022 07:04:58 GMT
collect
region1.analytics.google.com/g/
0
348 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DLD9124WME&gtm=2oe6t0&_p=1001091915&_z=ccd.v9B&_gaz=1&cid=27081062.1657436699&ul=en-us&sr=1600x1200&_s=1&sid=1657436698&sct=1&seg=0&dl=https%3A%2F%2Fdiscovered.com.ua%2F&dt=Discovered%20%E2%80%94%20%D0%9E%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%B0%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%E2%80%A6&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DLD9124WME
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
348 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DLD9124WME&cid=27081062.1657436699&gtm=2oe6t0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DLD9124WME
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DLD9124WME&cid=27081062.1657436699&gtm=2oe6t0&aip=1&z=1281281004
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db0e2de66-1a2f-4a45-68cc-18bb52767...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=7266520154083601316&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
95 B
187 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=7266520154083601316&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
cf-ray
728772c9798d7777-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:04:59 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8a7563ed-a8ac-469d-9f30-20816fe44a2a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=7266520154083601316&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDOeJRF0q-TRrPCKZ2GKRSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEDOeJRF0q-TRrPCKZ2GKRSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
cf-ray
728772c9da4f7777-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEDOeJRF0q-TRrPCKZ2GKRSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db0e2de66-1a2f-4a45-68cc-18bb52767500%26reqId%3D2a04c57b-2701-4656-6b7a-45bd0cac7dea%26zdid%3D1258&gdpr=1&gdpr_consent=
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b0e2de66-1a2f-4a45-68cc-18bb52767500&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b0e2de66-1a2f-4a45-68cc-18bb52767500&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=24986795589164907920299297895408656007&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0c...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=24986795589164907920299297895408656007&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
cf-ray
728772c9ea897777-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v036-0459dd4f0.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
s1nfZ2M9RMw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=24986795589164907920299297895408656007&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=NyBbmvkNyxF1ZDGA66WFsE9%2FZ%2FDHUMTA%2BS41iYitP1U%3D
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=NyBbmvkNyxF1ZDGA66WFsE9%2FZ%2FDHUMTA%2BS41iYitP1U%3D
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
cf-ray
728772c9da4e7777-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=NyBbmvkNyxF1ZDGA66WFsE9%2FZ%2FDHUMTA%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db0...
  • https://mwzeom.zeotap.com/mw?cid=175262ca-7a1b-4a00-a88b-051f3511cdc2&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=175262ca-7a1b-4a00-a88b-051f3511cdc2&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
cf-ray
728772c9da527777-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Sun, 10 Jul 2022 07:04:59 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x33 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=175262ca-7a1b-4a00-a88b-051f3511cdc2&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b0e2de66-1a2f-4a45-68cc-18bb52767500&reqId=2a04c57b-2701-4656-6b7a-45bd0cac7dea&zdid=1258
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sun, 10 Jul 2022 07:04:58 GMT
120x60
static.a-ads.com/a-ads-banners/401420/ Frame 2368
18 KB
19 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/401420/120x60?region=eu-central-1
Requested by
Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1993075
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.233.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.147.233.251.148.clients.your-server.de
Software
nginx /
Resource Hash
7daad585125ad482b8c3011bde111fb4a8e3c60e9c690d33e800693a36277434

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acceptable.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:04:58 GMT
Last-Modified
Fri, 08 Jul 2022 09:16:11 GMT
Server
nginx
x-amz-request-id
1YXP19887YMJHSZ7
ETag
"964d1760f43b99caee349bd5964038b0"
Content-Type
image/png
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
18942
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
rX9amX9FRIkoMlxWoRWtoDwXSmnR8N5y
x-amz-id-2
TMqpbkKjU8cGMiuRj8ePCMVyB1iedvGpYDwmXfGiNnSNmv+0QHDTUQ1YAhahoMBGT4ygWmxd+LY=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59479635-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
8
date
Sun, 10 Jul 2022 07:04:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 10 Jul 2022 09:04:51 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdiscovered.com.ua%2F&domain=discovered.com.ua&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://discovered.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 10 Jul 2022 07:04:58 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1417
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
fire.js
s.cpx.to/
845 B
1 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=12762&ref=&url=https%3A%2F%2Fdiscovered.com.ua%2F&hn_ver=40&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12762/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.212.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-212-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0cefeac29154ea5873740fa8a1dcdcb04b464920b9a1a82cddc862e07a915e9c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sun, 10 Jul 2022 07:04:59 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
845
Expires
Thu, 30 Jun 2022 08:52:27 UTC
9.gif
id5-sync.com/i/12/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216620.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:58 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdiscovered.com.ua%2F&domain=discovered.com.ua&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=1CCgrnx6Um1RcHIwMmdtc0g1UkpZdGhHVXdxM3hFVnp0Uk44SkFBcXo3bWNGUzN1TjZiVkNNeTJpSEpsTEREZitkYVlWbXhSQzdYak91cTU4STVhVkZBYjZOeFF2VU1rZURyRjBiRTBOSDI1QkNjMjYwQmRCdWMvcVdZNT...
353 B
622 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=1CCgrnx6Um1RcHIwMmdtc0g1UkpZdGhHVXdxM3hFVnp0Uk44SkFBcXo3bWNGUzN1TjZiVkNNeTJpSEpsTEREZitkYVlWbXhSQzdYak91cTU4STVhVkZBYjZOeFF2VU1rZURyRjBiRTBOSDI1QkNjMjYwQmRCdWMvcVdZNTZDR2c1NkRIbzM5dFhjM0hScFJOQXlCUUdHdzlkM1ZOMk1Pd2JEZFNCbmdpNmFrUmdPOU90dEFWVzBHSXpackVkRXVmS05RQVlod1pnVnowc0J1clNzL0ZWNUowQ1ZvYWFoSjBNOXl6ZWZtMXdBZ29PTkNrPXw&cppv=2
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
186eb40eb307c86b8a32c2a61f3d27933cd841d965b4c6d096ea9942541ae531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3026
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:58 GMT
location
https://mug.criteo.com/sid?cpp=1CCgrnx6Um1RcHIwMmdtc0g1UkpZdGhHVXdxM3hFVnp0Uk44SkFBcXo3bWNGUzN1TjZiVkNNeTJpSEpsTEREZitkYVlWbXhSQzdYak91cTU4STVhVkZBYjZOeFF2VU1rZURyRjBiRTBOSDI1QkNjMjYwQmRCdWMvcVdZNTZDR2c1NkRIbzM5dFhjM0hScFJOQXlCUUdHdzlkM1ZOMk1Pd2JEZFNCbmdpNmFrUmdPOU90dEFWVzBHSXpackVkRXVmS05RQVlod1pnVnowc0J1clNzL0ZWNUowQ1ZvYWFoSjBNOXl6ZWZtMXdBZ29PTkNrPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1511
content-length
482
expires
0
12.json
id5-sync.com/g/v2/
213 B
624 B
XHR
General
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216620.ip-141-95-98.eu
Software
/
Resource Hash
3a4600684e5fae2ee16a25c733aaae5125ad01aaa8e6ef20a33897d5a9439b09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://discovered.com.ua
date
Sun, 10 Jul 2022 07:04:58 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
s
kvt.sddan.com/api/v1/public/p/29567/d/50/
0
0

pixel;r=1694158972;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fdiscovered.com.ua%2F;uht=2;fpan=1;fpa=P0-302704468-1657436698943;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-2022...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1694158972;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fdiscovered.com.ua%2F;uht=2;fpan=1;fpa=P0-302704468-1657436698943;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220628170050;cm=;gdpr=0;us_privacy=1---;ref=;d=discovered.com.ua;dst=0;et=1657436698942;tzo=0;ogl=locale.ru_RU%2Ctype.website%2Ctitle.Discovered%2Cdescription.%D0%9E%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%B0%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%252E%252E%252E%2Curl.https%3A%2F%2Fdiscovered%252Ecom%252Eua%2F%2Csite_name.Discovered
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
notifyme.php
adtrack.adleadevent.com/
0
528 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.198.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-198-182.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:04:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Jul 2022 07:04:59 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://discovered.com.ua
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9695.nwO3zjRuHpftL3munRZKdZrtauGJuXEQxC6FS1jspLCw0U5tbEcnJAUOuX6UEupJ.rM1rRbuvg6BqaneOxV9yDyhvLX8%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9695.gt_5z9Y1b3ltR3JJyFFc0jlplB3oBseHxBEqf0KPLNU85b7iN1imiFpAG5JVqoQeNMOFgaud5vKSWnxDQ74C0Q%2C%2C.Hsktc8x2Ow5E8kMK_U3DSX51mIA%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9695.gt_5z9Y1b3ltR3JJyFFc0jlplB3oBseHxBEqf0KPLNU85b7iN1imiFpAG5JVqoQeNMOFgaud5vKSWnxDQ74C0Q%2C%2C.Hsktc8x2Ow5E8kMK_U3DSX51mIA%2C
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9695.gt_5z9Y1b3ltR3JJyFFc0jlplB3oBseHxBEqf0KPLNU85b7iN1imiFpAG5JVqoQeNMOFgaud5vKSWnxDQ74C0Q%2C%2C.Hsktc8x2Ow5E8kMK_U3DSX51mIA%2C
date
Sun, 10 Jul 2022 07:04:59 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
last-modified
Fri, 08 Jul 2022 09:23:14 GMT
etag
"62c7cd52-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 10 Jul 2022 08:04:59 GMT
prebid-request
onetag-sys.com/
15 B
364 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://discovered.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
tlx.3lift.com/header/
19 B
508 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.1.0&referrer=https%3A%2F%2Fdiscovered.com.ua%2F&tmax=3000&gdpr=false
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.200.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-200-114.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
mp.4dex.io/
114 B
599 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ca47b4e209bacd475e9921bff202d313f839c02a1d738389aa7adc228a7436

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
728772ca6870885f-LHR
pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
/
prebid.smilewanted.com/
0
76 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
cf-ray
728772ca6da906e9-LHR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
438 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
cf-ray
728772ca6dab06e9-LHR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
cf-ray
728772ca6dac06e9-LHR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://discovered.com.ua
access-control-allow-credentials
true
cf-ray
728772ca6dae06e9-LHR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
adjson
ads.betweendigital.com/
2 B
913 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
c
prebid.a-mo.net/a/
0
278 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://discovered.com.ua
date
Sun, 10 Jul 2022 07:04:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
6
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/
67 KB
18 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
00f41e1bb22127f136fdbc0ce51d2661a81ad9b856ec8fb14e8b82813dbc827a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 10 Jul 2022 07:04:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6c414f3a-2964-4ea2-bff0-5984a9958107
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://discovered.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ssp.otm-r.com/
2 B
301 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=600&domain=discovered.com.ua&l=https%3A%2F%2Fdiscovered.com.ua%2F&s=29778&cur=RUB&bidid=35d53b93d0f5403&transactionid=92aade47-58de-4c19-82e8-c6a94537ae5c&auctionid=107658a9-4734-47ab-b303-8d568789b00e&bidfloor=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
nginx/1.17.4
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
301 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=250&domain=discovered.com.ua&l=https%3A%2F%2Fdiscovered.com.ua%2F&s=29778&cur=RUB&bidid=35d53b93d0f5403&transactionid=92aade47-58de-4c19-82e8-c6a94537ae5c&auctionid=107658a9-4734-47ab-b303-8d568789b00e&bidfloor=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
nginx/1.17.4
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
301 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=728&h=90&domain=discovered.com.ua&l=https%3A%2F%2Fdiscovered.com.ua%2F&s=29778&cur=RUB&bidid=36244dc4c4e496a&transactionid=6b152fa1-967e-470f-b554-a9764e21f1b5&auctionid=107658a9-4734-47ab-b303-8d568789b00e&bidfloor=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
nginx/1.17.4
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
301 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=320&h=50&domain=discovered.com.ua&l=https%3A%2F%2Fdiscovered.com.ua%2F&s=29778&cur=RUB&bidid=36244dc4c4e496a&transactionid=6b152fa1-967e-470f-b554-a9764e21f1b5&auctionid=107658a9-4734-47ab-b303-8d568789b00e&bidfloor=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
nginx/1.17.4
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
301 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=50&domain=discovered.com.ua&l=https%3A%2F%2Fdiscovered.com.ua%2F&s=29778&cur=RUB&bidid=36244dc4c4e496a&transactionid=6b152fa1-967e-470f-b554-a9764e21f1b5&auctionid=107658a9-4734-47ab-b303-8d568789b00e&bidfloor=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
nginx/1.17.4
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
300 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=320&h=100&domain=discovered.com.ua&l=https%3A%2F%2Fdiscovered.com.ua%2F&s=29778&cur=RUB&bidid=36244dc4c4e496a&transactionid=6b152fa1-967e-470f-b554-a9764e21f1b5&auctionid=107658a9-4734-47ab-b303-8d568789b00e&bidfloor=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
nginx/1.17.4
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
301 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=100&domain=discovered.com.ua&l=https%3A%2F%2Fdiscovered.com.ua%2F&s=29778&cur=RUB&bidid=36244dc4c4e496a&transactionid=6b152fa1-967e-470f-b554-a9764e21f1b5&auctionid=107658a9-4734-47ab-b303-8d568789b00e&bidfloor=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
nginx/1.17.4
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
300 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=250&domain=discovered.com.ua&l=https%3A%2F%2Fdiscovered.com.ua%2F&s=29778&cur=RUB&bidid=370b1715f4c274a&transactionid=c3aaefbd-8d37-47ae-9368-c226e0f447f6&auctionid=107658a9-4734-47ab-b303-8d568789b00e&bidfloor=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
nginx/1.17.4
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
301 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=168&domain=discovered.com.ua&l=https%3A%2F%2Fdiscovered.com.ua%2F&s=29778&cur=RUB&bidid=370b1715f4c274a&transactionid=c3aaefbd-8d37-47ae-9368-c226e0f447f6&auctionid=107658a9-4734-47ab-b303-8d568789b00e&bidfloor=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
nginx/1.17.4
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
moneybid.js
ads.themoneytizer.com/bidder1/
75 B
362 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=92235&adid=11&formatid=video&size=desktop&country=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1qhGYOiz/KAIAAA
x-accel-expires
@1657522547
date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
+sApJsOnxAU
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://discovered.com.ua
cache-control
max-age=86400
x-cache
HIT
x-age
552
x-77-pop
frankfurtDE
moneybid.js
ads.themoneytizer.com/bidder1/
628 B
653 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=92235&adid=3&formatid=26323&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ce32c496a3a5c15115fa58fd274a23d6567d404a33f11789f89bec7e7b4c47f6

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1qhHOIQ7/KAIAAA
x-accel-expires
@1657522547
date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
Dz2Z7LRVaxM
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://discovered.com.ua
cache-control
public, max-age=86400
x-cache
HIT
x-age
552
x-77-pop
frankfurtDE
moneybid.js
ads.themoneytizer.com/bidder1/
624 B
639 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=92235&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b0af9b5ba26620df690934c69d688052098d97dd00864efe96222e7e47ef2f73

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1qhFfnZ//KAIAAA
x-accel-expires
@1657522547
date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
cLPgA9J7n3E
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://discovered.com.ua
cache-control
max-age=86400
x-cache
HIT
x-age
552
x-77-pop
frankfurtDE
moneybid.js
ads.themoneytizer.com/bidder1/
626 B
646 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=92235&adid=2&formatid=26300&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1955401a4589f6a764dbc564649ea12e459382de2f954c1b8a5fc55dae0b0c26

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1qhGhEiP/KAIAAA
x-accel-expires
@1657522547
date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
EOFS9PEdauI
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://discovered.com.ua
cache-control
public, max-age=86400
x-cache
HIT
x-age
552
x-77-pop
frankfurtDE
fastlane.json
fastlane.rubiconproject.com/a/api/
4 KB
4 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39550&zone_id=1078234&size_id=15%3B2%3B15&alt_size_ids=10%3B19%2C43%2C44%2C117%3B&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,87494,1,,,&eid_pubcid.org=61475532-19e8-4cd5-9187-231692f709bc%5E1&rf=https%3A%2F%2Fdiscovered.com.ua&kw=92235&tg_i.name=discovered.com.ua&tg_i.siteid=92235&tg_i.pbadslot=%2F92235%2Fdiscovered.com.ua%2Fdesktop%2F26323%3B%2F92235%2Fdiscovered.com.ua%2Fdesktop%2F26322%3B%2F92235%2Fdiscovered.com.ua%2Fdesktop%2F26300&tk_flint=pbjs_lite_v7.1.0&x_source.tid=92aade47-58de-4c19-82e8-c6a94537ae5c%3B6b152fa1-967e-470f-b554-a9764e21f1b5%3Bc3aaefbd-8d37-47ae-9368-c226e0f447f6&l_pb_bid_id=445e0c63e693e4f%3B458709e20e19931%3B46d143f8108c2ab&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F92235%2Fdiscovered.com.ua%2Fdesktop%2F26323%3B%2F92235%2Fdiscovered.com.ua%2Fdesktop%2F26322%3B%2F92235%2Fdiscovered.com.ua%2Fdesktop%2F26300&slots=3&rand=0.8444915753369187
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b25720be254e49fcc11316fd458f4f425f20771eea0e2f735d7f5ba628f7b77f

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:04:59 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://discovered.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2559
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
b1h.zemanta.com/api/bidder/prebid/bid/
0
123 B
XHR
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://discovered.com.ua
Access-Control-Allow-Credentials
true
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1001091915&t=pageview&_s=1&dl=https%3A%2F%2Fdiscovered.com.ua%2F&ul=en-us&de=UTF-8&dt=Discovered%20%E2%80%94%20%D0%9E%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%B0%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%E2%80%A6&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1672267759&gjid=72865824&cid=27081062.1657436699&tid=UA-59479635-1&_gid=2074905746.1657436699&_r=1&gtm=2ou6t0&z=1122443357
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=1CCgrnx6Um1RcHIwMmdtc0g1UkpZdGhHVXdxM3hFVnp0Uk44SkFBcXo3bWNGUzN1TjZiVkNNeTJpSEpsTEREZitkYVlWbXhSQzdYak91cTU4STVhVkZBYjZOeFF2VU1rZURyRjBiRTBOSDI1QkNjMjYwQmRCdWMvcVdZNTZDR2c1NkRIbzM5dFhjM0hScFJOQXlCUUdHdzlkM1ZOMk1Pd2JEZFNCbmdpNmFrUmdPOU90dEFWVzBHSXpackVkRXVmS05RQVlod1pnVnowc0J1clNzL0ZWNUowQ1ZvYWFoSjBNOXl6ZWZtMXdBZ29PTkNrPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 10 Jul 2022 07:04:58 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1096
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dc546d24c-a56e-4a24-883c-2bb193b1c10b
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dc546d24c-a56e-4a24-883c-2bb193b1c10b
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=86765434-5564-4AEC-B900-EC01CE41A9D8&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
95 B
881 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=86765434-5564-4AEC-B900-EC01CE41A9D8&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Server
54.216.212.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-212-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sun, 10 Jul 2022 07:05:00 UTC

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=86765434-5564-4AEC-B900-EC01CE41A9D8&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
date
Sun, 10 Jul 2022 07:05:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
  • https://s.cpx.to/ca.png?dsp=dbm&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b&google_gid=CAESEK9uLbHGM1QpvAeLkw-4qek&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b&google_gid=CAESEK9uLbHGM1QpvAeLkw-4qek&google_cver=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Server
54.216.212.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-212-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sun, 10 Jul 2022 07:04:59 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b&google_gid=CAESEK9uLbHGM1QpvAeLkw-4qek&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dc546d24c-a56e-4a24-883c-2bb193b1c10b&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b&gdpr=0&cklb=1
0
316 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b&gdpr=0&cklb=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b&gdpr=0&cklb=1
pragma
no-cache
date
Sun, 10 Jul 2022 07:04:58 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Fdiscovered.com.ua%252F%26hn_ver%3D40%26fid%3Dc546d24c-a5...
  • https://s.cpx.to/an_fire?app_nexus_uid=7266520154083601316&pid=12762&ref=&url=https%3A%2F%2Fdiscovered.com.ua%2F&hn_ver=40&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=7266520154083601316&pid=12762&ref=&url=https%3A%2F%2Fdiscovered.com.ua%2F&hn_ver=40&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Server
54.216.212.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-212-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sun, 10 Jul 2022 07:04:59 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sun, 10 Jul 2022 07:04:59 UTC

Redirect headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:04:59 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f5b07d9b-494e-461d-b10c-e8370b61227e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=7266520154083601316&pid=12762&ref=&url=https%3A%2F%2Fdiscovered.com.ua%2F&hn_ver=40&fid=c546d24c-a56e-4a24-883c-2bb193b1c10b
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
102.json
id5-sync.com/g/v2/
213 B
624 B
XHR
General
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216620.ip-141-95-98.eu
Software
/
Resource Hash
8b1ed50588db97da6384ef1e7e749613693ed22a3130d83d2c9c3256badea01e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://discovered.com.ua
date
Sun, 10 Jul 2022 07:04:58 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
collect
stats.g.doubleclick.net/j/
7 B
28 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-59479635-1&cid=27081062.1657436699&jid=1672267759&gjid=72865824&_gid=2074905746.1657436699&_u=YADAAUAAAAAAAC~&z=1811017495
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 10 Jul 2022 07:04:59 GMT
content-type
text/plain
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/28298426/
Redirect Chain
  • https://mc.yandex.com/watch/28298426?wmode=7&page-url=https%3A%2F%2Fdiscovered.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A1127%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/28298426/1?wmode=7&page-url=https%3A%2F%2Fdiscovered.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A1127%3Afu%3A0%3Aen%3Autf...
331 B
413 B
XHR
General
Full URL
https://mc.yandex.com/watch/28298426/1?wmode=7&page-url=https%3A%2F%2Fdiscovered.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A1127%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A348040792201%3Ahid%3A303532227%3Az%3A0%3Ai%3A20220710070459%3Aet%3A1657436699%3Ac%3A1%3Arn%3A324085401%3Arqn%3A1%3Au%3A1657436699997512692%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657436697313%3Ads%3A0%2C120%2C544%2C1%2C240%2C0%2C%2C356%2C0%2C%2C%2C%2C1266%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657436699%3At%3ADiscovered%20%E2%80%94%20%D0%9E%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%B0%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%E2%80%A6&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e1f333cef09cc9eff58a4aa2d1887cedfb156d91fab92f366d4f569665c192b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 10-Jul-2022 07:04:59 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://discovered.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Sun, 10-Jul-2022 07:04:59 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
last-modified
Sun, 10-Jul-2022 07:04:59 GMT
location
/watch/28298426/1?wmode=7&page-url=https%3A%2F%2Fdiscovered.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A1127%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A348040792201%3Ahid%3A303532227%3Az%3A0%3Ai%3A20220710070459%3Aet%3A1657436699%3Ac%3A1%3Arn%3A324085401%3Arqn%3A1%3Au%3A1657436699997512692%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657436697313%3Ads%3A0%2C120%2C544%2C1%2C240%2C0%2C%2C356%2C0%2C%2C%2C%2C1266%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657436699%3At%3ADiscovered%20%E2%80%94%20%D0%9E%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%B0%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%E2%80%A6&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://discovered.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 10-Jul-2022 07:04:59 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59479635-1&cid=27081062.1657436699&jid=1672267759&_u=YADAAUAAAAAAAC~&z=1872841727
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
63 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59479635-1&cid=27081062.1657436699&jid=1672267759&_u=YADAAUAAAAAAAC~&z=1872841727
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://discovered.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://discovered.com.ua
date
Sun, 10 Jul 2022 07:04:59 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://discovered.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://discovered.com.ua
date
Sun, 10 Jul 2022 07:04:59 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://discovered.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://discovered.com.ua
date
Sun, 10 Jul 2022 07:04:59 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/
2 KB
1 KB
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
2e76e73d3fa47de2ff3b0bc2657204b78e67a4f444876c6c4b2d29336035be88

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/
0
281 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=92235&f=2&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:04:59 GMT
Server
nginx
X-IPLB-Request-ID
52C78225:9650_36264064:01BB_62CA7A1A_1304929F:D9DF
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
geo
rbx
genericpost
ww1097.smartadserver.com/
2 KB
1 KB
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0ac506080502c1fc731dd19e2bc167d1c17fb4d93a5516f9e5d68a0ab63eaffa

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/
0
282 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=92235&f=1&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:04:59 GMT
Server
nginx
X-IPLB-Request-ID
52C78225:964A_36264064:01BB_62CA7A1A_1304B9C0:2F1E7
X-IPLB-Instance
24858
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
geo
rbx
genericpost
ww1097.smartadserver.com/
2 KB
1 KB
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
babcc8e3cb043034309762c0e0a9812959a2f9e99a76869f37e577e4addfb748

Request headers

Referer
https://discovered.com.ua/
accept-language
en-GB,en;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:04:59 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://discovered.com.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/
0
272 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=92235&f=3&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92235&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 10 Jul 2022 07:04:59 GMT
Server
nginx
X-IPLB-Request-ID
52C78225:9638_36264064:01BB_62CA7A1A_1308A1E1:13C4F
X-IPLB-Instance
38438
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
CookieSync.html
csync.smartadserver.com/diff/rtb/csync/ Frame 417C
435 B
744 B
Document
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Sun, 10 Jul 2022 07:05:00 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified
Tue, 22 Feb 2022 09:59:54 GMT
Server
AkamaiNetStorage
nmedianet.js
contextual.media.net/ Frame A98D
138 KB
47 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b0331603117bda3d3b3429536045440340f8c48528b00f758e86d93361444d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-8
content-encoding
gzip
server
Apache
etag
"d7bc358521f8c4a4ecda58bb73ac0ee3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sun, 10 Jul 2022 07:05:00 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-32
expires
Sun, 10 Jul 2022 07:10:00 GMT
log
qsearch-a.akamaihd.net/ Frame A98D
35 B
329 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=24726273&other_prv=9&jar_err=&current_day=0.0&adtyp=0&req_id=3673195370729927490&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=7.1890&exp=&second_bidder=*&search_res=16&floor_bucket=0.00&gpid_format=&seat=&size=300x250&f_seg=&prdp=0.0168&ogcbdp=0.0200&dfpbd=0.0168&server=1&ogerpm_wd_bkt=0-1&model_version=202207100213_generic_appn_2-cid_1&viewability=0.3000&dmm_r=0.1640&cut=16&dmm_l=0.0170&as_cache=1&tcyerpm=&sc=BY&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=discovered.com.ua%2F&bidrestime=1657436699228&cc=DE&strg=harmony&ss=&current_hour=6&time_stamp=2022-07-10+07%3A04%3A59&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0200&ct=Nuremberg&akey=&mnckfl=0&bdp_bucket=0.00&algo=default&dc=eu_be&splid=24726273&dim4=exploration&dn=discovered.com.ua&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=0e1a70b0dca8478591b4b2143e7fb6a5&infl=&o_ver=NT+10.0&br_ver=99.0.4844.51&bdmm_m6=1.0000&bdmm_m7=1.2080&bdmm_m5=1.0000&ver=8.12.0&totalTimeBucket=2&visibility=0&totalTime=2661510&dmm_m1=2022-07-10+07%3A04%3A59.241507698&e_rpm=0.0290&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=1.2080&cid=8CU6M287B&bcrid=352460669&rawbid=0.0200&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-7c49fd9fd9-rxvlv.BE&dfp_bucket=0.0&adblk=&itype=appnexus&pvid_seat=9&cliIP=1388806656&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=15&gpid=&iwb=1&dmm_d22=0.01&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.02
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.123.194.140 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-194-140.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 10 Jul 2022 07:05:00 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame A98D
61 KB
62 KB
Script
General
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.6.95 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-6-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sun, 10 Jul 2022 07:05:00 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=66258
access-control-allow-credentials
true
content-length
62892
expires
Mon, 11 Jul 2022 01:29:18 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame A98D
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Age
11743590
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21930-LGA, cache-hhn4080-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1657436700.316620,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
495611, 2464117
it
fra1-ib.adnxs.com/ Frame A98D
0
815 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fdiscovered.com.ua%252F&e=wqT_3QLZBPBMWQIAAAMA1gAFAQib9KmWBhDB2NGGtuj-yCgYpNf6ysmy9-tkKjYJnMQgsHJokT8RzgGCOXr8jj8ZAAAAIIXrwT8hzgGCOXr8jj8pnMQJJNAxAAAA4FG4nj8wgZblCziVHECVCUhgUP2-iKgBWNzdmgFgAGiM-E54ydcFgAEBigEDVVNEkgUG8P2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8kPgAuWWLOoCGmh0dHBzOi8vZGlzY292ZXJlZC5jb20udWEvgAMAiAMBkAMAmAMXoAMBqgNBEhgzNjczMTk1MzcwNzI5OTI3NDkwX3NiaWQaEzI5MjMzOTM4OTk5NDYwNzcyNDkiCTM1MjQ2MDY2OSoFTTExNzPAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzeoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBCUhWIgFAZgFAKAFwubd96b38_wywAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB8nXBdIHDRV3ATgI2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=8345dab949f2087e812a30b0f9550da8633d21cb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a33697fb-7169-417a-a414-84b05365a8f4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSync.html
csync.smartadserver.com/diff/rtb/csync/ Frame 68A3
435 B
744 B
Document
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Sun, 10 Jul 2022 07:05:00 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified
Tue, 22 Feb 2022 09:59:54 GMT
Server
AkamaiNetStorage
nmedianet.js
contextual.media.net/ Frame D88C
138 KB
47 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bc0d8eff58d4a635c2b1e9d07ea5104ae2db876c59ae3f3f2768608eec8eba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-8
content-encoding
gzip
server
Apache
etag
"d7bc358521f8c4a4ecda58bb73ac0ee3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sun, 10 Jul 2022 07:05:00 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-32
expires
Sun, 10 Jul 2022 07:10:00 GMT
log
qsearch-a.akamaihd.net/ Frame D88C
35 B
329 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=24726361&other_prv=9&jar_err=&current_day=0.0&adtyp=0&req_id=3673195370729927490&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=10.9139&exp=&second_bidder=*&search_res=28&floor_bucket=0.00&gpid_format=&seat=&size=320x100&f_seg=&prdp=0.0288&ogcbdp=0.0400&dfpbd=0.0288&server=1&ogerpm_wd_bkt=0-1&model_version=202207100213_generic_appn_2-cid_1&viewability=0.2300&dmm_r=0.1700&cut=28&dmm_l=0.0170&as_cache=0&tcyerpm=&sc=BY&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=discovered.com.ua%2F&bidrestime=1657436699235&cc=DE&strg=harmony&ss=&current_hour=7&time_stamp=2022-07-10+07%3A04%3A59&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0400&ct=Nuremberg&akey=&mnckfl=0&bdp_bucket=0.05&algo=default&dc=eu_be&splid=24726361&dim4=exploration&dn=discovered.com.ua&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&buyer_id=&dmm_m10=874578&bdp_wider_bucket=1&acid=b6633931b0794d9084721b59c3934725&infl=&o_ver=NT+10.0&br_ver=99.0.4844.51&bdmm_m6=1.0000&bdmm_m7=1.2080&bdmm_m5=1.0000&ver=8.12.0&totalTimeBucket=3&visibility=0&totalTime=3556530&dmm_m1=2022-07-10+07%3A04%3A59.241018941&e_rpm=0.0290&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=1.2080&cid=8CU6M287B&bcrid=352460760&rawbid=0.0400&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-7c49fd9fd9-rxvlv.BE&dfp_bucket=0.0&adblk=&itype=appnexus&pvid_seat=9&cliIP=1388806656&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=30&gpid=&iwb=1&dmm_d22=0.01&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.04
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.123.194.140 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-194-140.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 10 Jul 2022 07:05:00 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame D88C
61 KB
62 KB
Script
General
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.6.95 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-6-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sun, 10 Jul 2022 07:05:00 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=66258
access-control-allow-credentials
true
content-length
62892
expires
Mon, 11 Jul 2022 01:29:18 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame D88C
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Age
11743589
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21929-LGA, cache-hhn4065-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1657436700.316670,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
980508, 1142769
it
fra1-ib.adnxs.com/ Frame D88C
0
815 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fdiscovered.com.ua%252F&e=wqT_3QLXBPBMVwIAAAMA1gAFAQib9KmWBhDyhvC0qe7f1FEYpNf6ysmy9-tkKjYJGQRWDi2ynT8RIJijx-9tmj8ZAAAA4FG4vj8hIJijx-9tmj8pGQQJJAAxCRu4nj8w2ZblCziVHECVCUhgUNi_iKgBWNzdmgFgAGiM-E54ydcFgAEBigEDVVNEkgEBBvRIAZgBwAKgAWSoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvJD4ALllizqAhpodHRwczovL2Rpc2NvdmVyZWQuY29tLnVhL4ADAIgDAZADAJgDF6ADAaoDQRIYMzY3MzE5NTM3MDcyOTkyNzQ5MF9zYmlkGhM1ODg0Mzc0NTE4MjY2MDY5ODc0IgkzNTI0NjA3NjAqBU0xMTczwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjM3qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNi_iKgBiAUBmAUAoAXC5t33pvfz_DLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYADTEk0Aav8QHaBhYKEAURHQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgHydcF0gcNCRE7ATgI2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=a8142e188d0db4d5e3fa4163851f5add519c599a
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
17e381f5-f449-4749-9ab6-12a365e06041
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSync.html
csync.smartadserver.com/diff/rtb/csync/ Frame D691
435 B
744 B
Document
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Sun, 10 Jul 2022 07:05:00 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified
Tue, 22 Feb 2022 09:59:54 GMT
Server
AkamaiNetStorage
afr.php
ads.eu.criteo.com/delivery/r/ Frame E07A
145 KB
46 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6dea72a19f31a4791eeccf5fb3914603b8091ea77b361b2896369e251ff48ed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 07:05:00 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=blq_3M5lYK5xVqOVlNt_-dPMx2FA94a6PHoRYbttfYGq-HLZ-VeZAQjRcHm0kyHBPwxzNWY7TvUOAnuL0MVa8WkCJkpZo9GCffjoUyqSsZhbx8C4eq8NwCCt7ziZYgyvIh_IHJfn9KcmTofr4oAzuNGZpiH1lCqKSzAXgJffTRf8LBdX8ZzXWnBQNMlvAfbBk0SKmiheg07FEnbl6sciP_WejvQrfmSS2InBoL6dY0O3Ziy8Qycei1gqYBL-_2J9iArI_Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
117783662
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6799
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Jul 2022 07:05:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
6f201d8e-d7d1-44da-b012-2a967d79dd2e
beacon-ams3.rubiconproject.com/beacon/d/ Frame EF15
43 B
354 B
Image
General
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/6f201d8e-d7d1-44da-b012-2a967d79dd2e?oo=0&accountId=11740&siteId=39550&zoneId=1078234&sizeId=10&e=6A1E40E384DA563BC72AB33BC3C3BE9D233AFE259D244BEE02597C259ECFF64B364135558E44E79CDDB70DBBBE0BD1447A3220A15E3EC91D71B33D956FCDE5FD84963E761FD6DCEAA8C3DECD1E151D79525C91F6DA33F6AE8CD809E11B28FCCB34D5BB51330850C3FEC40C9B4A448F63A4FC08EBBCDDD9690D5C3CB989C6CFC3D3FB47A64E4252F910AEB793F49E9B0694AD8B3D8DC83AA3FA04C152AE357C244026E984540E56ED65F6B5ACFAB8A5FBBD195C394BC268202E981A72AE1A4382E2B49BFDACFE5588135CF6E6EE96DE3E789B838B280545148F26EF813EEC9F97EB25A38EAE6E4E78B739638661180A61F6B095F93CA9B007C44A3DA46A89C660FEA4EC5C5D6EBA495C3251C71E2B303ECD98542DE217D5564AD8DD30D9A854A2D0FCCA094EB9DBE92252A016D502ACBD3070D08231B8566BDBD20C0D3B56C3F0391E940DE71EBAB07A21BE4C829934C253644F2E34E90C5BCADD63566474CB1C446E67E8D50DFDE9CA2275A392DBE7B1BFBDC8024A4CD17ECADD93B03CFAF8196B514DA28F74D5CB922029101DD8C27822D9BD2E11EEF5EFFB6AE4AB94CE593DF1C2373F089A7E45C2A4F8DD4223796DD9950118FF0E07463A442D4641D94A68B9A066484021C549713C577CE58DAF766E373E3EEBE63FC9D16B2E1AF40E5D48E7CCC90433EF92E44BAD169B9A398D0E269AC4ABF532F4E4A25F65E7FD61EC3021BAFE3F711B6B41EFDCB38F3E58D5812B02832C9B8EF62ECEC727456D4FA65D2318895102A38009A8C86638E93FFABDA09DE2C8890062814A212690FD2E691AFBA79AD8227AE46D8FF27E2D89026FF0DA8501F1891D476FE6B7390062A56854260FA58C221BCB2A626C58E40BDC168D297E7D266011C0F741FF9A3FAF75111314E1CF13EF6C13C19B5A6A7489D36AD51C9BBC57D729D14AEE8CA8CB77DB21C61FF25E0F0D1C121060D6D9131996C359CDA10306204D320B
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame D691
9 KB
3 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.215 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 11:31:40 GMT
Server
AkamaiNetStorage
ETag
"49623d3e5c04865dd012dafa25c82381:1645098702.977678"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2929
CookieSync.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame D691
64 KB
15 KB
Script
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
11daf6f1f81c0e60c33e75464791f001280c50524a42dfcb70cedca62bd32f74

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 May 2022 10:03:17 GMT
Server
AkamaiNetStorage
ETag
"217e486a6056a4c3f795a92c8453b8e4:1651494309.29287"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15343
TemplatePool.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame D691
140 KB
5 KB
Script
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7898425d5cdbc2eeab116722a0b0aa19e66ba822e915db0fe213d488405d07aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jun 2022 15:32:46 GMT
Server
AkamaiNetStorage
ETag
"1b6e178951444fb1c6a686c7bf615d71:1655136014.501549"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4684
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 417C
9 KB
3 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.215 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 11:31:40 GMT
Server
AkamaiNetStorage
ETag
"49623d3e5c04865dd012dafa25c82381:1645098702.977678"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2929
CookieSync.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 417C
64 KB
15 KB
Script
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
11daf6f1f81c0e60c33e75464791f001280c50524a42dfcb70cedca62bd32f74

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 May 2022 10:03:17 GMT
Server
AkamaiNetStorage
ETag
"217e486a6056a4c3f795a92c8453b8e4:1651494309.29287"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15343
TemplatePool.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 417C
140 KB
5 KB
Script
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7898425d5cdbc2eeab116722a0b0aa19e66ba822e915db0fe213d488405d07aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jun 2022 15:32:46 GMT
Server
AkamaiNetStorage
ETag
"1b6e178951444fb1c6a686c7bf615d71:1655136014.501549"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4684
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 68A3
9 KB
3 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.215 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-215.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 11:31:40 GMT
Server
AkamaiNetStorage
ETag
"49623d3e5c04865dd012dafa25c82381:1645098702.977678"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2929
CookieSync.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 68A3
64 KB
15 KB
Script
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
11daf6f1f81c0e60c33e75464791f001280c50524a42dfcb70cedca62bd32f74

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 May 2022 10:03:17 GMT
Server
AkamaiNetStorage
ETag
"217e486a6056a4c3f795a92c8453b8e4:1651494309.29287"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15343
TemplatePool.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 68A3
140 KB
5 KB
Script
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7898425d5cdbc2eeab116722a0b0aa19e66ba822e915db0fe213d488405d07aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jun 2022 15:32:46 GMT
Server
AkamaiNetStorage
ETag
"1b6e178951444fb1c6a686c7bf615d71:1655136014.501549"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4684
usync.js
eus.rubiconproject.com/ Frame 6799
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8de229a29f3d1d84a03d0db201830a9d336475f406367d608b83947beb251507

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70243
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9455
Expires
Mon, 11 Jul 2022 02:35:43 GMT
smtr
contextual.media.net/ Frame A98D
83 KB
28 KB
Script
General
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=421632617&size=300x250&cc=GB&chnm=HARMONY&pid=8PO15FLE3&tpid=TCOZEBG&https=1&vif=1&requrl=https%3A%2F%2Fdiscovered.com.ua&nse=5&vi=1657436700200818601&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&bcpf=B4zx8fOnRrolnfOur8N%2Fxgaa&bdrId=9&ntv=0&matchstring=bcat%3D1%2Cq%2Cr%2C2%2Cb%2Cs%2Cu%2Cv%2Cg%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p11213026978t202207100705&goent=1&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=EN&tcf_cmp=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f966ed33247f15fb31f43984c78aae8c7143a59bb48680cbb34125f1b38ec00d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sun, 10 Jul 2022 07:05:01 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-s926
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
27975
x-sc-w
21-p6vf
checksync.php
contextual.media.net/ Frame 8191
15 KB
6 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e13bdf057ac60b81f839e8b867559978bbda387b5954ee334bf156216736179a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5747
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:00 GMT
expires
Tue, 12 Jul 2022 07:05:00 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame A98D
35 B
322 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=514&&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=421632617&vi=1657436700200818601&ugd=4&lf=6&cc=GB&sc=EN&lper=100&wsip=2886995206&r=1657436700453&requrl=https%3A%2F%2Fdiscovered.com.ua&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=201011&vgd_rakh=1657436700105774243&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p11213026978t202207100705&vgd_pgids=1&vgd_uspa=0&hvsid=00001657436700451013888066566589&gdpr=1&vgd_end=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 10 Jul 2022 07:05:00 GMT
checksync.php
contextual.media.net/ Frame 50B8
21 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c9386f8df7e6237e3322a8236f8aa23a45ffd484e7d52f2efbab94229872574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7842
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:00 GMT
expires
Tue, 12 Jul 2022 07:05:00 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame A98D
35 B
172 B
Image
General
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4842&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3673195370729927490&s_city=frankfurt+am+main&ugd=4&bcat%3C%3E=IAB23%23%23IAB23-1%23%23IAB23-10%23%23IAB23-2%23%23IAB23-3%23%23IAB7-39%23%23IAB25-2&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.020&size=300x250&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=6ac920ad&scrid=352460669&itypeid=16&mx_SPRIG=0&viewability=30&renderer=0&be=0&rtime=5.0&adj0=0.0&tmax=150&s_ip=37.252.173.205&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3673195370729927490&sc=BY&mowxReqId=0e1a70b0dca8478591b4b2143e7fb6a5_1&ifdp=0&requrl=https%3A%2F%2Fdiscovered.com.ua&bidrestime=1657436699228&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-421632617-29-9&coppa_enf=true&devmodel=Unknown&bdp=0.020&ct=Nuremberg&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=201011&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=discovered.com.ua&dt=O&acid=0e1a70b0dca8478591b4b2143e7fb6a5&actltime=28&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=1%7C3%7C9%7C10&dfpBd=0.017&sckfl=1&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3605&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460669&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2351%23%2313%23%2316%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=300x250&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1657437299494&dnt_status=N&gsi=0&reftype=0&viewability_vendor=EXCHANGE&prvAccId=421632617&ckfl=0&lper=1&mx_tgs=300x250&cbdp=0.017&csex=0&pvdTmax=109&ltime=16.0&epc=421632617&prvReqId=6187668200103_1999642684_856004011191&zip=90403&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-2078805&brsrclk=0&sbdrid=99&rtttime=35&apTags%3C%3E=75&mx_PC=1&wsip=mowx-cd899d997-rtfsl&currsrc_date=2022-07-08+00%3A00%3A00&mx_divid=24726273&geoll=false&debug_ts=2022-07-10+07%3A04%3A59&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=24726273&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.14&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-7c49fd9fd9-rxvlv.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=24726273&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=24726273&opbidflr=0.000&impId=2923393899946077249&rme=adm&bdata=~seller_tag_id%3D24726273~std%3D24726273~itype%3DAPPNEXUS~visibility%3D0~city%3DNUREMBERG~ref_cnt%3D0~r_ip%3D82.199.130.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D1~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D30~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d41%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000000~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D300x250~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.017~dmm_r%3D0.164~e_rpm%3D0.029~dmm_m1%3D0.029~dmm_m2%3D0.014~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.208~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.931~dmm_m12%3D1.208~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.980~dmm_m16%3D0.207~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D11.000~dmm_m36%3D11.000~dmm_m39%3D5672.000~dmm_m40%3D5672.000~dmm_m43%3D0.260~dmm_m44%3D0.980~dmm_m47%3D29265.000~dmm_m48%3D6977664.000~dmm_m50%3D5.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.029~vbr%3D0~bid%3D0.020~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D24726273%7Eviewability%3D0.300764%7Ecbdp%3D0.017%7Edmm%3Dharmony%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.020%7Eitype_id%3D16%7Eseller_tag_id%3D24726273%7EcarrierId%3D0%7Edcut%3D15%7Edogb%3D0-1~ibc%3D1~&utime=1219&sf=0&cpr=0.1706306767542749
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 10 Jul 2022 07:05:00 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 10 Jul 2022 13:05:00 GMT
checksync.php
contextual.media.net/ Frame 9EBB
21 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c9386f8df7e6237e3322a8236f8aa23a45ffd484e7d52f2efbab94229872574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7842
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:00 GMT
expires
Tue, 12 Jul 2022 07:05:00 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 38BB
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2078805
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 10 Jul 2022 07:05:00 GMT
ETag
"623de86a-cf34"
Expires
Mon, 11 Jul 2022 07:05:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame A98D
0
815 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fdiscovered.com.ua%2F&e=wqT_3QK2DvD9NgcAAAMA1gAFAQib9KmWBhCp0uyKjLnJjBAYpNf6ysmy9-tkKjYJyUbMJIMfoT8R_o4-C0pqkz8ZAAAA4KNwzT8h_Ji9UjCImT8pTi1b64uEpj8xAAAA4FG4nj8w25blCziVHECYOUgCUInw4bABWNzdmgFgAGiM-E54ydcFgAEBigEDVVNEkgEDVVNEmAGsAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDYwODc4NDEsIDE2NTc0MzY2OTkpO3VmKCdpJywgNzQyMTQ0NywgMTY1NzQzNjY5OSk7dWYoJ2cnLCAxODQzMjc5NSxCOwAwcycsIDI3NjI2OTY1OEY9ADByJywgMzcwNzAyMzQ1Nh8A8IuSAqUEIWRXMEIwUWpLdDdrWkVJbnc0YkFCR0FBZzNOMmFBVEFDT0FCQUFFaVlPVkRibHVVTFdBQmd2QUpvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFxb0FRcXdBUUM1QWFqQ1B5VHRoS1lfd1FHb3dqOGs3WVNtUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBR0hfTVFEOVFIcFphMDltQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NQSFE3Q0lRQ3hnQ0xRQUFBQUM2QXdsR1VrRXhPalV6TWpIZ0EtRXVnQVRpdXVnSWlBU2Z1LWdJa0FRQW1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAVxpQVhKS1pBRi1KTlFtQVhhbE42REFha0YNHxRBOEQteEIBT1BFQWxpdDhfd1FVQUFBRGc1aFBXUDgJKBxJSGxxenpfUgUoDQEAMgUoAQHIRHdQLUFGcmlMd0JadUc1UWo0QmFISjh3S0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJwcVptAQIsZTBfcUFZRXNnWWtDAYANAQBFHQwARx0MAEkdDDh1QVlLmgKZASFUaFkxa2c6KQI0TnpkbWdFZ0FDZ0FNWnEBawBaAW0IT2dsPWEURkE0UzVKDXQQQThEOVIRDAxBQUJaHQwAaB0MAHAdDAB4HQwMNEFJazV04DhEOC7YAvJD4ALllizqAhpodHRwczovL2Rpc2NvdmVyZWQuY29tLnVhL_ICEQoGQURWX0lEEgc2MGWHNPICEgoGQ1BHX0lEEggxbWEBFQgFQ1ABFAAJdVcQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEAB23zAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fD1gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjM3qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1MzIx2gQCCAHgBAHwBInw4bABiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhM8M-gUECAAQAJAGAJgGAKIGDjM2MDUjRlJBMTo1NjkxuAYAwQYAAAAAAADwP9AGqSXaBhYKEAAAAUUZAWAQABgA4AYB8gaHAQj4k1ASgAFTUlNCV0ZvQXbYREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEaExsaTdMSJ0nEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAd8IGAAgIU0wugZAAMgHydcF0gcNCQnABDRAAb4I2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=cca09393c160e362af362792f227050d616729f3&bdref=https%3A%2F%2Fdiscovered.com.ua%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fdiscovered.com.ua%2F,https%3A%2F%2Fdiscovered.com.ua%2F&
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1f9dbfbb-dc21-4bda-a289-cf94c02e561f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E07A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 07:05:00 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame E07A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 07:05:00 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E07A
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 05 Jul 2023 07:05:00 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E07A
293 B
622 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 05 Jul 2023 07:05:00 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame E07A
43 B
348 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fE7JzSA0OQENr_BRLufjQE557LV8OxaAhwhTfqvgCDuTFe9NBJZGletXBIDl6Z7sWiI2ueQZP55xAkKCs_plu34zcf7Ba4MKrQ_H0N4mnGscaorp2HkHuzUSPFNbnkYrxJ_lsf9SA0fhvcP3axen0JXi1QF5umFJKheGdkmX_Z5ohYjk8Q6vOr22BWhlmGU8n-34npmJ6Vhg5nEIUNEBowngdl3CtND2QXP7wl6S6TJCBFoJQqB85EymMFKFMyIVmf_SeaRgPB4-r6v7E7tjDQV0s7L4odyWI0iNomXg0hwUzhcp8QMR4wIX6E9eGNQX8_H7R1kDio3_0peJegDRPi78wrdaxz5JEwT1UdmJAV-befptu754PG14RDKM-rn6a-YKZ03cnRIacEagrlW0f1j18_mroTOrVzO51QTKXdsYoVnc9e5i5zCf88XY5_H0kcMKCQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:00 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3180453
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
dis.aspx
widget.fr.eu.criteo.com/dis/ Frame E916
28 B
573 B
Document
General
Full URL
https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=7944&cb=62ca7a1b3a3955b5fea9a3a1f39764f3
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 07:05:00 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1973717
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6799
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PHnoUGbSR6e2U6eSk2jK0g&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PHnoUGbSR6e2U6eSk2jK0g&gdpr=0
43 B
556 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PHnoUGbSR6e2U6eSk2jK0g&gdpr=0
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
S2340B6P4YB5KQVGDAFJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PHnoUGbSR6e2U6eSk2jK0g&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 6799
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5EZ0M3E-6-CNBH&sigv=1&esig=2~67435355e4f58668209303764b14532ccd68c96b&gdpr=0
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5EZ0M3E-6-CNBH&sigv=1&esig=2~67435355e4f58668209303764b14532ccd68c96b&gdpr=0
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5EZ0M3E-6-CNBH&sigv=1&esig=2~67435355e4f58668209303764b14532ccd68c96b&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 6799
0
98 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
px.ads.linkedin.com/ Frame 6799
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5EZ0M3E-6-CNBH&gdpr=0
0
705 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5EZ0M3E-6-CNBH&gdpr=0
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:01 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FB6C4BA3D3B841EE8038433D125F7A50 Ref B: FRAEDGE1420 Ref C: 2022-07-10T07:05:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXjbg3Q/JjOdFI/TILXOA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5EZ0M3E-6-CNBH&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6799
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVFWjBNM0UtNi1DTkJI&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVFWjBNM0UtNi1DTkJI&gdpr=0
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVFWjBNM0UtNi1DTkJI&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 6799
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6799
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjlkOTFmZjBiMDIzZmE4ZmRiYmE2NWZiMDIyZmUyZTVmOWIyZTg4YQ&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjlkOTFmZjBiMDIzZmE4ZmRiYmE2NWZiMDIyZmUyZTVmOWIyZTg4YQ&gdpr=0
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjlkOTFmZjBiMDIzZmE4ZmRiYmE2NWZiMDIyZmUyZTVmOWIyZTg4YQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
smtr
contextual.media.net/ Frame D88C
77 KB
27 KB
Script
General
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=363467585&size=320x100&cc=GB&chnm=HARMONY&pid=8PO15FLE3&tpid=TJT3376&https=1&vif=1&requrl=https%3A%2F%2Fdiscovered.com.ua&nse=5&vi=1657436700792897267&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&bcpf=B4zxN8fOnRrolnfOur8%2Fxgaa&bdrId=9&ntv=0&matchstring=bcat%3D1%2Cq%2Cr%2C2%2Cb%2Cs%2Cu%2Cv%2Cg%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p11213026978t202207100705&goent=1&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=EN&tcf_cmp=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ba8abe3be066a47349da32adcfb4e5138c2720330ba2b182d7c4f6ff7129cee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sun, 10 Jul 2022 07:05:00 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-jrhd
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
27408
x-sc-w
21-4d3m
checksync.php
contextual.media.net/ Frame 7964
15 KB
6 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e13bdf057ac60b81f839e8b867559978bbda387b5954ee334bf156216736179a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5747
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:00 GMT
expires
Tue, 12 Jul 2022 07:05:00 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame D88C
35 B
322 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=514&&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=363467585&vi=1657436700792897267&ugd=4&lf=6&cc=GB&sc=EN&lper=100&wsip=2886995206&r=1657436700557&requrl=https%3A%2F%2Fdiscovered.com.ua&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=201011&vgd_rakh=1657436700164061952&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p11213026978t202207100705&vgd_pgids=3&vgd_uspa=0&hvsid=00001657436700555013888066561701&gdpr=1&vgd_end=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Sun, 10 Jul 2022 07:05:00 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 10 Jul 2022 07:05:00 GMT
checksync.php
contextual.media.net/ Frame E0F4
21 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c9386f8df7e6237e3322a8236f8aa23a45ffd484e7d52f2efbab94229872574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7842
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:00 GMT
expires
Tue, 12 Jul 2022 07:05:00 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame D88C
35 B
172 B
Image
General
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4865&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&insl=0&ifst=0&vid=3673195370729927490&s_city=frankfurt+am+main&ugd=4&bcat%3C%3E=IAB23%23%23IAB23-1%23%23IAB23-10%23%23IAB23-2%23%23IAB23-3%23%23IAB7-39%23%23IAB25-2&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.040&size=320x100&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=6ac920ad&scrid=352460760&itypeid=16&mx_SPRIG=0&viewability=23&renderer=0&be=0&rtime=13.0&adj0=0.0&tmax=150&s_ip=37.252.173.205&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3673195370729927490&sc=BY&mowxReqId=b6633931b0794d9084721b59c3934725_1&ifdp=0&requrl=https%3A%2F%2Fdiscovered.com.ua&bidrestime=1657436699235&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-363467585-29-16&coppa_enf=true&devmodel=Unknown&bdp=0.040&ct=Nuremberg&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=201011&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=discovered.com.ua&dt=O&acid=b6633931b0794d9084721b59c3934725&actltime=27&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=1%7C3%7C9%7C10&dfpBd=0.029&sckfl=1&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3605&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460760&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2351%23%2313%23%2316%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=320x100&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1657437299494&dnt_status=N&gsi=0&reftype=0&viewability_vendor=EXCHANGE&prvAccId=363467585&ckfl=0&lper=1&mx_tgs=320x100%7C728x90&cbdp=0.029&csex=0&pvdTmax=109&ltime=23.0&epc=363467585&prvReqId=3255569658236_2001098282_856004011191&zip=90403&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-2078805&brsrclk=0&sbdrid=99&rtttime=35&apTags%3C%3E=75&mx_PC=1&wsip=mowx-cd899d997-z752w&currsrc_date=2022-07-08+00%3A00%3A00&mx_divid=24726361&geoll=false&debug_ts=2022-07-10+07%3A04%3A59&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=24726361&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.12&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-7c49fd9fd9-rxvlv.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=24726361&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.04&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=24726361&opbidflr=0.000&impId=5884374518266069874&rme=adm&bdata=~seller_tag_id%3D24726361~std%3D24726361~itype%3DAPPNEXUS~visibility%3D0~city%3DNUREMBERG~ref_cnt%3D0~r_ip%3D82.199.130.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D15~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d41%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010010~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D320x100~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.017~dmm_r%3D0.170~e_rpm%3D0.029~dmm_m1%3D0.029~dmm_m2%3D0.014~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.208~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.845~dmm_m12%3D1.208~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.980~dmm_m16%3D0.214~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D12~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D11.000~dmm_m36%3D11.000~dmm_m39%3D5672.000~dmm_m40%3D5672.000~dmm_m43%3D0.273~dmm_m44%3D0.980~dmm_m47%3D29265.000~dmm_m48%3D6977743.000~dmm_m50%3D5.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.029~vbr%3D0~bid%3D0.040~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D24726361%7Eviewability%3D0.227802%7Ecbdp%3D0.029%7Edmm%3Dharmony%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.040%7Eitype_id%3D16%7Eseller_tag_id%3D24726361%7EcarrierId%3D0%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~&utime=1322&sf=0&cpr=0.780353968439621
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 10 Jul 2022 07:05:00 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 10 Jul 2022 13:05:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 6799
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
checksync.php
contextual.media.net/ Frame B909
21 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c9386f8df7e6237e3322a8236f8aa23a45ffd484e7d52f2efbab94229872574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7842
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:00 GMT
expires
Tue, 12 Jul 2022 07:05:00 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1F65
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2078805
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 10 Jul 2022 07:05:00 GMT
ETag
"623de86a-cf34"
Expires
Mon, 11 Jul 2022 07:05:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame D88C
0
815 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fdiscovered.com.ua%2F&e=wqT_3QK2DvD9NgcAAAMA1gAFAQib9KmWBhCp0uyKjLnJjBAYpNf6ysmy9-tkKjYJyUbMJIMfoT8R_o4-C0pqkz8ZAAAA4KNwzT8h_Ji9UjCImT8pTi1b64uEpj8xAAAA4FG4nj8w25blCziVHECYOUgCUInw4bABWNzdmgFgAGiM-E54ydcFgAEBigEDVVNEkgEDVVNEmAGsAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDYwODc4NDEsIDE2NTc0MzY2OTkpO3VmKCdpJywgNzQyMTQ0NywgMTY1NzQzNjY5OSk7dWYoJ2cnLCAxODQzMjc5NSxCOwAwcycsIDI3NjI2OTY1OEY9ADByJywgMzcwNzAyMzQ1Nh8A8IuSAqUEIWRXMEIwUWpLdDdrWkVJbnc0YkFCR0FBZzNOMmFBVEFDT0FCQUFFaVlPVkRibHVVTFdBQmd2QUpvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFxb0FRcXdBUUM1QWFqQ1B5VHRoS1lfd1FHb3dqOGs3WVNtUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBR0hfTVFEOVFIcFphMDltQUlBb0FJQnRRSQUkAHYNCPBpd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NQSFE3Q0lRQ3hnQ0xRQUFBQUM2QXdsR1VrRXhPalV6TWpIZ0EtRXVnQVRpdXVnSWlBU2Z1LWdJa0FRQW1BUUJ3UQU1CQEITWtFCQkBARhEWUJBRHhCAQsNAVxpQVhKS1pBRi1KTlFtQVhhbE42REFha0YNHxRBOEQteEIBT1BFQWxpdDhfd1FVQUFBRGc1aFBXUDgJKBxJSGxxenpfUgUoDQEAMgUoAQHIRHdQLUFGcmlMd0JadUc1UWo0QmFISjh3S0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJwcVptAQIsZTBfcUFZRXNnWWtDAYANAQBFHQwARx0MAEkdDDh1QVlLmgKZASFUaFkxa2c6KQI0TnpkbWdFZ0FDZ0FNWnEBawBaAW0IT2dsPWEURkE0UzVKDXQQQThEOVIRDAxBQUJaHQwAaB0MAHAdDAB4HQwMNEFJazV04DhEOC7YAvJD4ALllizqAhpodHRwczovL2Rpc2NvdmVyZWQuY29tLnVhL_ICEQoGQURWX0lEEgc2MGWHNPICEgoGQ1BHX0lEEggxbWEBFQgFQ1ABFAAJdVcQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEAB23zAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fD1gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjM3qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1MzIx2gQCCAHgBAHwBInw4bABiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhM8M-gUECAAQAJAGAJgGAKIGDjM2MDUjRlJBMTo1NjkxuAYAwQYAAAAAAADwP9AGqSXaBhYKEAAAAUUZAWAQABgA4AYB8gaHAQj4k1ASgAFTUlNCV0ZvQXbYREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEaExsaTdMSJ0nEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAd8IGAAgIU0wugZAAMgHydcF0gcNCQnABDRAAb4I2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=cca09393c160e362af362792f227050d616729f3&bdref=https%3A%2F%2Fdiscovered.com.ua%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fdiscovered.com.ua%2F,https%3A%2F%2Fdiscovered.com.ua%2F&
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e46b424c-9be2-4982-89c1-cb759e313c1c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E07A
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3925741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KP9ZSKmJgQ%2B%2FuaafEVOWokSxW3hkFYe5jM2K4aH6IyLnJmY5GBojx0QPEnuiDbNMkcqogvnI385cRYTh0j3ATQM%2BpEEZ0D2jwloJvZVexyYDRB6S%2FQvxkKdDSKr5%2BNPwCygJuSE%2BpZ4%2F0znDje0Afub"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
728772d368347792-LHR
expires
Fri, 30 Jun 2023 07:05:00 GMT
vevent
fra1-ib.adnxs.com/ Frame A98D
0
839 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fdiscovered.com.ua%2F&e=wqT_3QLZBPBMWQIAAAMA1gAFAQib9KmWBhDB2NGGtuj-yCgYpNf6ysmy9-tkKjYJnMQgsHJokT8RzgGCOXr8jj8ZAAAAIIXrwT8hzgGCOXr8jj8pnMQJJNAxAAAA4FG4nj8wgZblCziVHECVCUhgUP2-iKgBWNzdmgFgAGiM-E54ydcFgAEBigEDVVNEkgUG8P2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8kPgAuWWLOoCGmh0dHBzOi8vZGlzY292ZXJlZC5jb20udWEvgAMAiAMBkAMAmAMXoAMBqgNBEhgzNjczMTk1MzcwNzI5OTI3NDkwX3NiaWQaEzI5MjMzOTM4OTk5NDYwNzcyNDkiCTM1MjQ2MDY2OSoFTTExNzPAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzeoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBCUhWIgFAZgFAKAFwubd96b38_wywAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB8nXBdIHDRV3ATgI2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=8345dab949f2087e812a30b0f9550da8633d21cb&type=nv&nvt=5&jm=1003&sid=1109988001528711733&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24726273&sw=1600&sh=1200&pw=1600&ph=3237&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
798b14e2-dc50-4830-b471-e0f23d934301
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://discovered.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame E07A
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 07:05:00 GMT
img
pix.eu.criteo.net/img/ Frame E07A
22 KB
22 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=104&m=0&partner=36918&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F36918%2F210225%2F33d784040a48408e8c6dedc4aa03c63b_logo_leasingmarkt_de_endorsement.png&v=3&w=596&s=65lb7aU-N2HkuyHHc3Bhq53G
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0254378e8bd3f31506780e6573c1346bf36120776478d19718232d4e24079fa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:04:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30752395
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
22070
expires
Sat, 01 Jul 2023 05:24:56 GMT
img
pix.eu.criteo.net/img/ Frame E07A
15 KB
16 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F4665852%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=IQH8sXkU6N-f70nU19Zln0TY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e887ae8d350c880b33bb935c923e8c5a6e09e11b105a38a05230eb4a9f4c17b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15866
expires
Wed, 05 Jul 2023 07:05:00 GMT
img
pix.eu.criteo.net/img/ Frame E07A
8 KB
8 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F4462485%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=8P_5IXkfExoxYYiS1_VD5dSn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
47b0fe68742cda1642c90643011fca7b9129438f35c714d801f164725b138605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8192
expires
Wed, 05 Jul 2023 07:05:00 GMT
img
pix.eu.criteo.net/img/ Frame E07A
9 KB
9 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F5996403%2Fmedia%2Ffeed%2F600x450&v=3&w=800&s=0AQkMo81FffvJ3yb2hH5rz3q&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
696d508df28808852f30d89d7a52c88b1ae8b8591fd011bef3464e4f8892a6f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8914
expires
Wed, 05 Jul 2023 07:05:00 GMT
all
csm.eu.criteo.net/ Frame E07A
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=blq_3M5lYK5xVqOVlNt_-dPMx2FA94a6PHoRYbttfYGq-HLZ-VeZAQjRcHm0kyHBPwxzNWY7TvUOAnuL0MVa8WkCJkpZo9GCffjoUyqSsZhbx8C4eq8NwCCt7ziZYgyvIh_IHJfn9KcmTofr4oAzuNGZpiH1lCqKSzAXgJffTRf8LBdX8ZzXWnBQNMlvAfbBk0SKmiheg07FEnbl6sciP_WejvQrfmSS2InBoL6dY0O3Ziy8Qycei1gqYBL-_2J9iArI_Q&sds=2&rev=82042&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Jul 2022 07:05:00 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E07A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 07:05:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E07A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=64E5DE761CA1B1A1&u=%7Cr423s1hMgUMLoeJ8cf73tPmeqgNZqxso1Mb5CgloCq8%3D%7C&c1=glLBMxGOcDnqwL7aIYswbx3gYhaTKbZVjoVjmDLVthRAtkx9dMMo0v_dVeaTaPKaNJnhTqdFHboKoQohLpukrm5uud2MDWJ1CAZicjh505OSzYi4Upo4wRFVGgklb6WFS2RWDa6YpxeJJlYGXsa-yGdd1EN09alxR6yrnZ2Gski_JyiKzznQZ07WQwrW56zF0o5EddtCQovk_CS72-PQtSW4oRYAVlQwhbppE3tn0DsuxJZv3GH07JWGnsNWWrZQfDSZ1C26-NekG0_On260bpHxd-z-6YLM0RcFmneB2TDyLhAf9FJsNxeQzlaj_8n958hJyx9uP01uREV-jvBpn7DhyZAQedfgJPQyS6S3UZciWOdQbWq3_BzJkUnyYiEySCYDV7v-2UtyIELEquL5l9xUMjvDJaCLHl8dwP6ugH2Tj6WgY60FsjGaCPM0ADiDJR9zl3fzwD9v6uknZa1f1PNmmRVkI_lDessnokxR2blpsCuD4IEui1QUkkcHoZiDSj25FDAbDFk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:00 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 07:05:00 GMT
vevent
fra1-ib.adnxs.com/ Frame D88C
0
839 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fdiscovered.com.ua%2F&e=wqT_3QLXBPBMVwIAAAMA1gAFAQib9KmWBhDyhvC0qe7f1FEYpNf6ysmy9-tkKjYJGQRWDi2ynT8RIJijx-9tmj8ZAAAA4FG4vj8hIJijx-9tmj8pGQQJJAAxCRu4nj8w2ZblCziVHECVCUhgUNi_iKgBWNzdmgFgAGiM-E54ydcFgAEBigEDVVNEkgEBBvRIAZgBwAKgAWSoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvJD4ALllizqAhpodHRwczovL2Rpc2NvdmVyZWQuY29tLnVhL4ADAIgDAZADAJgDF6ADAaoDQRIYMzY3MzE5NTM3MDcyOTkyNzQ5MF9zYmlkGhM1ODg0Mzc0NTE4MjY2MDY5ODc0IgkzNTI0NjA3NjAqBU0xMTczwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjM3qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNi_iKgBiAUBmAUAoAXC5t33pvfz_DLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYADTEk0Aav8QHaBhYKEAURHQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgHydcF0gcNCRE7ATgI2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=a8142e188d0db4d5e3fa4163851f5add519c599a&type=nv&nvt=5&jm=1003&sid=1109988001528711733&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24726361&sw=1600&sh=1200&pw=1600&ph=3237&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
265b4afb-5f0d-47f7-af21-d13275c5335e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://discovered.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame E07A
4 KB
651 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Jul 2022 06:13:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 10 Jul 2022 07:05:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Jul 2022 07:05:00 GMT
async_usersync
ib.adnxs.com/ Frame 38BB
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3605&pub_id=2078805&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2078805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f7fa041e-31b0-4a43-b515-c530fc06537f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1F65
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3605&pub_id=2078805&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2078805
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:00 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b6c75980-7d9e-416f-9bb7-8a2c6950c448
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame E07A
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 19:23:45 GMT
x-content-type-options
nosniff
age
301276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jul 2023 19:23:45 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame E07A
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 19:25:00 GMT
x-content-type-options
nosniff
age
301201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jul 2023 19:25:00 GMT
truncated
/ Frame C3EA
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C3EA
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame C3EA
24 KB
25 KB
Font
General
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://discovered.com.ua/
Origin
https://discovered.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:01 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
bql.php
lg3.media.net/ Frame C3EA
15 B
397 B
Script
General
Full URL
https://lg3.media.net/bql.php?vgd_len=4925&&&vgd_l2type=sca&fp=zEqKlru3QopQapFmgJKV4O7QGdljrntedA2As3IX2Xo0M_091hOBofg4Esj-7Pq5p_TIS_4yKlWK4Xb6wRq0jTNzJtPnNcrf6hbaV8Bg1aw5yOVf8JZw7Uwfe_--DcZnK3m7SwJrEfU%3D&cme=nTHH-I--xm4CMl2MJnIk9Rbgq9QXT-Vu6g4W87W5z_lzrTQdveiqVwpEa502bR0y9PU-ZkqDYO7W8yflFhXoZ7clKIL1ahxCieUedzzXDH673_j6pTkVUGa5a2HJ2bidTcFhWbSuRoyFkrCEsZT1V2uL7ePVL8N_z54MF2RlQenPBR-BR7ix31VM-3zgISC-MZYXioy94DIkQRRvnVzhGm7r5kMZUsttIJter5faFYw%3D%7C%7Ca0AmFUYXmD4LoqXKVhGchObh_zVL5Oe8_yVCd9BN76ksGnxGgiKT1g%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CI9DUuGnkz8Zw8uM7E9mj61Nmn9m7A-X_i9PnhrVND8mIxRFElMiTlTkxBEWJGyVswatGkxeBAB9brWamDsufFC2zmLjQ2VnRTnqQe4NxrI_W9VS-rWlT6Uy4J8GRikDSi5OU2awCmXJqTFU4fjRtmeE8DJZ96POdRl9TLCopBoOYED8L6GXGembq8vVV9t5DUWPpW6iHQ1amzBLjVJkWfNx1_g7xrWQ0zvITtxUewqo%3D%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7C&v=1&gdpr=1&geo=49.45%7C11.08&dlper=20&lper=100&lpid=&tsid=15046&q=&prv=&type=&ps=&hint=&td=SrcTagSwitchMarketplace%257C%2540%257C&cc=GB&wsip=170721339&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_fm_lang=DE&vgd_dnquo=00_XX&ksu=266&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=G%C3%BCnstige+Druckerpatronen+auf+Rechnung&kwt[]=391&kbc[]=1262271042&kwp[]=1&kid[]=350738834&kbc2[]=1%3D0.71%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.51%7C60%3D0.79%7C62%3D0.44%7C10%3D4.96%7C63%3D0.34%7C12%3D0.60%7Cps%3D0.632%7C3%3D0.63%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=G%C3%BCnstige+Druckerpatronen+auf+Rechnung&kwd[]=Private+Krankenversicherung+vergleichen&kwt[]=391&kbc[]=1262271042&kwp[]=2&kid[]=23182544&kbc2[]=1%3D1.90%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.31%7C60%3D1.97%7C62%3D0.55%7C10%3D4.96%7C63%3D0.34%7C12%3D1.01%7Cps%3D0.632%7C3%3D0.77%7C4%3D1.17&ktd[]=274894815488&ktrkt[]=Private+Krankenversicherung+vergleichen&cid=8CUL2446F&vwid=1657436700792897267&vi=1657436700792897267&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D201011&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_l3_sc=EN&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721339&vgd_nrrv=54023&vgd_nrrmf=1c84a&vgd_nrrsf=scrr&vgd_cty=nuremberg&vgd_go_pid=8PO15FLE3&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1657436700164061952&sttm=1657436700555&upk=1657436701.11522&hvsid=00001657436700555013888066561701&verid=3111299&vgd_matchstr=bcat%3D1%2Cq%2Cr%2C2%2Cb%2Cs%2Cu%2Cv%2Cg%2Ci2%7Ccsh%3D1&sbdrId=99&vgd_ecrid=352460760&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D201011&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8OvfHhfFAFu~Q7OvfHhfFAFu~875EJvK00I4tPb~e8Q8G8j875v9~N875vIPD4cR4DZ~LJkMNz7v9~LM8EvWf.uii.uA9.9~LMQNvR3~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1Qzvf9u9uu~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHv99~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvuX~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9u~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHuv9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv99u99u9~G-M8z7YOv9~G-My8zQxv9~G-MNQv9~G-MQ8lJvAf9-u99~G-Mjf1Qv9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~8w1v9~OYYMjv9.9uh~OYYMLv9.uh9~JMLEYv9.9fi~OYYMYuv9.9fi~OYYMYfv9.9uH~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhvu.f9W~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.WHX~OYYMYufvu.f9W~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iW9~OYYMYuFv9.fuH~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvuf~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvuu.999~OYYMYAFvuu.999~OYYMYAivXFhf.999~OYYMYH9vXFhf.999~OYYMYHAv9.fhA~OYYMYHHv9.iW9~OYYMYHhvfifFX.999~OYYMYHWvFihhhHA.999~OYYMYX9vX.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.9fi~eGLv9~G8Ov9.9H9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8OvfHhfFAFu~e8JB1G8j875v9.ffhW9f~NGOEv9.9fi~OYYvw1LYmz5~8zQjv9~O7NvJxMGJ~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.9H9~875EJM8OvuF~QJjjJLM71yM8OvfHhfFAFu~N1LL8JLVOv9~ONx7vA9~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=220406&vgd_scsver=258&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=320_100&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=3&&tdAdd[]=uiparams%3D%3Brend_w%3A320%3Brend_h%3A100%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=EN&vgd_l1rhst=contextual.media.net&hvsid=00001657436700555013888066561701&subBdr=99&bdrid=9&rc=0&rand=1657436700976&acid=b6633931b0794d9084721b59c3934725&matm=1657436700976&requrl=https%3A%2F%2Fdiscovered.com.ua&vgd_x_pos=436&vgd_y_pos=275&vgd_ren_page_h=3237&vgd_ltimesrc=1&vgd_ltime=1080&vgd_rtime=818&vgd_etm=7&vgd_l1hcsd=A8%7C4495&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=3421&vgd_pgid=p11213026978t202207100705&vgd_adprefflag=01&vgd_csip=rtb-common-7c49fd9fd9-rxvlv.BE&vgd_sbSup=1&vgd_nrrs=54023&vgd_cntrdt=SL%7CDIV-sas_26322%7CDIV-92235-1&vgd_eadm=1&vgd_end=2
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Sun, 10 Jul 2022 07:05:01 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Sun, 10 Jul 2022 07:05:01 GMT
truncated
/ Frame E7BE
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E7BE
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame E7BE
24 KB
25 KB
Font
General
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://discovered.com.ua/
Origin
https://discovered.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:01 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
bql.php
lg3.media.net/ Frame E7BE
15 B
397 B
Script
General
Full URL
https://lg3.media.net/bql.php?vgd_len=5865&&&vgd_l2type=sca&fp=zEqKlru3QopQapFmgJKV4O7QGdljrntedA2As3IX2Xo0M_091hOBofg4Esj-7Pq5p_TIS_4yKlWK4Xb6wRq0jamyC10-9h8SUcgI8QOiiNXUWJsu_ac_4ga43bhpQvGchYBMQTNu63E%3D&cme=0AuH35nbSjjJArHDTm8GOAEQd5E_GYNvXPJce_EsTvQ3BjCe7juf8xv4QCzMxajv2JofXoonujl-BtWAcpZmUNuYsEOiRXIw5jU4OaMUyrkze65vt-3T4S7gWa9EjUDtRHq2MQmSaQCxXzqzQpfZxlDU3ahTLqnh0TickHCYji2_wHNSWRkLPJsEjK7alwfATkhroHR6-GiAa55ct6li3NCR-1NWhXB4%7C%7CumuER205tca6hzpBcsmsBnGG554NTl6wmt87G9yT5UXdoCR1FIs0RN135s1eSdbP9Pk4OTRYFhbIpbUsi9GpckCOO9arJfm3htmDzOSd8quILAlx_1gNLFkhusHumNwKjnTgw8tO4-biABd9v4oB2fti_nrERu6ghslMUR9usN9JDlQ3Zk7EpSrryKL3MfYT_-HpoI3lbpAdTH9A1ZP9W7r3RKprihXhotTIxFUZEJc%3D%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7Ca0AmFUYXmD4LoqXKVhGchObh_zVL5Oe8_yVCd9BN76ksGnxGgiKT1g%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&v=1&gdpr=1&geo=49.45%7C11.08&dlper=20&lper=100&lpid=&tsid=1&q=&prv=&type=&ps=&hint=&td=SrcTagSwitchMarketplace%257C%2540%257C&cc=GB&wsip=170721336&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_fm_lang=DE&vgd_dnquo=00_XX&ksu=266&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Geldanlage+f%C3%BCr+Anf%C3%A4nger&kwt[]=391&kbc[]=1262271042&kwp[]=1&kid[]=329603537&kbc2[]=pmb%3D1%7C1%3D0.72%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.63%7C10%3D4.96%7C66%3D0.61%7C63%3D0.34%7C12%3D0.53%7C62%3D1.71%7Cps%3D0.632%7C3%3D0.55%7C4%3D1.00&ktd[]=274894749952&ktrkt[]=Geldanlage+f%C3%BCr+Anf%C3%A4nger&kwd[]=Private+Krankenversicherung+vergleichen&kwt[]=391&kbc[]=1262271042&kwp[]=2&kid[]=23182544&kbc2[]=pmb%3D1%7C1%3D1.90%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D1.97%7C10%3D4.96%7C66%3D0.31%7C63%3D0.34%7C12%3D1.01%7C62%3D0.55%7Cps%3D0.632%7C3%3D0.77%7C4%3D1.17&ktd[]=274894749952&ktrkt[]=Private+Krankenversicherung+vergleichen&kwd[]=Gartenz%C3%A4une+online+kaufen&kwt[]=391&kbc[]=1262271042&kwp[]=3&kid[]=350738833&kbc2[]=pmb%3D1%7C1%3D0.71%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.79%7C10%3D4.96%7C66%3D0.51%7C63%3D0.34%7C12%3D0.60%7C62%3D0.44%7Cps%3D0.632%7C3%3D0.32%7C4%3D1.50&ktd[]=274894749952&ktrkt[]=Gartenz%C3%A4une+online+kaufen&kwd[]=Intervallfasten+mit+der+16%3A8-Di%C3%A4t&kwt[]=391&kbc[]=1262271042&kwp[]=4&kid[]=350738836&kbc2[]=pmb%3D1%7C1%3D0.71%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.79%7C10%3D4.96%7C66%3D0.51%7C63%3D0.34%7C12%3D0.60%7C62%3D0.44%7Cps%3D0.632%7C3%3D0.23%7C4%3D1.00&ktd[]=274894749952&ktrkt[]=Intervallfasten+mit+der+16%3A8-Di%C3%A4t&kwd[]=Matratzen+bei+R%C3%BCckenschmerzen+im+Test&kwt[]=391&kbc[]=1262271042&kwp[]=5&kid[]=330008842&kbc2[]=pmb%3D1%7C1%3D0.71%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.79%7C10%3D4.96%7C66%3D0.51%7C63%3D0.34%7C12%3D0.60%7C62%3D0.44%7Cps%3D0.632%7C3%3D0.32%7C4%3D1.89&ktd[]=274894749952&ktrkt[]=Matratzen+bei+R%C3%BCckenschmerzen+im+Test&cid=8CUL2446F&vwid=1657436700200818601&vi=1657436700200818601&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D201011&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_l3_sc=EN&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721336&vgd_nrrv=54023&vgd_nrrmf=1c84a&vgd_nrrsf=scrr&vgd_cty=nuremberg&vgd_go_pid=8PO15FLE3&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1657436700105774243&sttm=1657436700451&upk=1657436700.25826&hvsid=00001657436700451013888066566589&verid=3111299&vgd_matchstr=bcat%3D1%2Cq%2Cr%2C2%2Cb%2Cs%2Cu%2Cv%2Cg%2Ci2%7Ccsh%3D1&sbdrId=99&vgd_ecrid=352460669&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D201011&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8OvfHhfFfhA~Q7OvfHhfFfhA~875EJvK00I4tPb~e8Q8G8j875v9~N875vIPD4cR4DZ~LJkMNz7v9~LM8EvWf.uii.uA9.9~LMQNvR3~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1Qzvf9u9uu~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHv99~OYYMOXv9~OYYMOFv9~OYYMOhvu~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9u~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHuv9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv9999999~G-M8z7YOv9~G-My8zQxv9~G-MNQv9~G-MQ8lJvA99-fX9~G-Mjf1Qv9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~8w1v9~OYYMjv9.9uh~OYYMLv9.uFH~JMLEYv9.9fi~OYYMYuv9.9fi~OYYMYfv9.9uH~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhvu.f9W~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.iAu~OYYMYufvu.f9W~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iW9~OYYMYuFv9.f9h~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvuu.999~OYYMYAFvuu.999~OYYMYAivXFhf.999~OYYMYH9vXFhf.999~OYYMYHAv9.fF9~OYYMYHHv9.iW9~OYYMYHhvfifFX.999~OYYMYHWvFihhFFH.999~OYYMYX9vX.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.9fi~eGLv9~G8Ov9.9f9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8OvfHhfFfhA~e8JB1G8j875v9.A99hFH~NGOEv9.9uh~OYYvw1LYmz5~8zQjv9~O7NvJxMGJ~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.9f9~875EJM8OvuF~QJjjJLM71yM8OvfHhfFfhA~N1LL8JLVOv9~ONx7vuX~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=220406&vgd_scsver=258&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=EN&vgd_l1rhst=contextual.media.net&hvsid=00001657436700451013888066566589&subBdr=99&bdrid=9&rc=0&rand=1657436701384&acid=0e1a70b0dca8478591b4b2143e7fb6a5&matm=1657436701384&requrl=https%3A%2F%2Fdiscovered.com.ua&vgd_x_pos=1000&vgd_y_pos=425&vgd_ren_page_h=3237&vgd_ltimesrc=1&vgd_ltime=1295&vgd_rtime=1236&vgd_etm=5&vgd_l1hcsd=A8%7C4495&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=3406&vgd_pgid=p11213026978t202207100705&vgd_adprefflag=01&vgd_csip=rtb-common-7c49fd9fd9-rxvlv.BE&vgd_sbSup=1&vgd_nrrs=54023&vgd_cntrdt=SL%7CDIV-sas_26300%7CDIV-92235-2&vgd_eadm=1&vgd_end=2
Requested by
Host: discovered.com.ua
URL: https://discovered.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Sun, 10 Jul 2022 07:05:01 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Sun, 10 Jul 2022 07:05:01 GMT
log
hblg.media.net/ Frame A98D
35 B
194 B
Image
General
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3673195370729927490&s_city=frankfurt+am+main&ugd=4&bcat%3C%3E=IAB23%23%23IAB23-1%23%23IAB23-10%23%23IAB23-2%23%23IAB23-3%23%23IAB7-39%23%23IAB25-2&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.020&size=300x250&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=6ac920ad&scrid=352460669&itypeid=16&mx_SPRIG=0&viewability=30&renderer=0&be=0&rtime=5.0&adj0=0.0&tmax=150&s_ip=37.252.173.205&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3673195370729927490&sc=BY&mowxReqId=0e1a70b0dca8478591b4b2143e7fb6a5_1&ifdp=0&requrl=https%3A%2F%2Fdiscovered.com.ua&bidrestime=1657436699228&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-421632617-29-9&coppa_enf=true&devmodel=Unknown&bdp=0.020&ct=Nuremberg&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=201011&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=discovered.com.ua&dt=O&acid=0e1a70b0dca8478591b4b2143e7fb6a5&actltime=28&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=1%7C3%7C9%7C10&dfpBd=0.017&sckfl=1&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3605&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460669&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2351%23%2313%23%2316%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=300x250&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1657437299494&dnt_status=N&gsi=0&reftype=0&viewability_vendor=EXCHANGE&prvAccId=421632617&ckfl=0&lper=1&mx_tgs=300x250&cbdp=0.017&csex=0&pvdTmax=109&ltime=16.0&epc=421632617&prvReqId=6187668200103_1999642684_856004011191&zip=90403&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-2078805&brsrclk=0&sbdrid=99&rtttime=35&apTags%3C%3E=75&mx_PC=1&wsip=mowx-cd899d997-rtfsl&currsrc_date=2022-07-08+00%3A00%3A00&mx_divid=24726273&geoll=false&debug_ts=2022-07-10+07%3A04%3A59&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=24726273&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.14&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-7c49fd9fd9-rxvlv.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=24726273&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=24726273&opbidflr=0.000&impId=2923393899946077249&rme=adm&bdata=~seller_tag_id%3D24726273~std%3D24726273~itype%3DAPPNEXUS~visibility%3D0~city%3DNUREMBERG~ref_cnt%3D0~r_ip%3D82.199.130.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D1~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D30~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d41%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000000~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D300x250~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.017~dmm_r%3D0.164~e_rpm%3D0.029~dmm_m1%3D0.029~dmm_m2%3D0.014~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.208~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.931~dmm_m12%3D1.208~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.980~dmm_m16%3D0.207~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D11.000~dmm_m36%3D11.000~dmm_m39%3D5672.000~dmm_m40%3D5672.000~dmm_m43%3D0.260~dmm_m44%3D0.980~dmm_m47%3D29265.000~dmm_m48%3D6977664.000~dmm_m50%3D5.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.029~vbr%3D0~bid%3D0.020~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D24726273%7Eviewability%3D0.300764%7Ecbdp%3D0.017%7Edmm%3Dharmony%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.020%7Eitype_id%3D16%7Eseller_tag_id%3D24726273%7EcarrierId%3D0%7Edcut%3D15%7Edogb%3D0-1~ibc%3D1~&utime=1219&sf=0&cpr=0.1706306767542749&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:01 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 10 Jul 2022 07:05:01 GMT
log
hblg.media.net/ Frame D88C
35 B
194 B
Image
General
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&insl=0&ifst=0&vid=3673195370729927490&s_city=frankfurt+am+main&ugd=4&bcat%3C%3E=IAB23%23%23IAB23-1%23%23IAB23-10%23%23IAB23-2%23%23IAB23-3%23%23IAB7-39%23%23IAB25-2&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.040&size=320x100&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=6ac920ad&scrid=352460760&itypeid=16&mx_SPRIG=0&viewability=23&renderer=0&be=0&rtime=13.0&adj0=0.0&tmax=150&s_ip=37.252.173.205&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3673195370729927490&sc=BY&mowxReqId=b6633931b0794d9084721b59c3934725_1&ifdp=0&requrl=https%3A%2F%2Fdiscovered.com.ua&bidrestime=1657436699235&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-363467585-29-16&coppa_enf=true&devmodel=Unknown&bdp=0.040&ct=Nuremberg&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=201011&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=discovered.com.ua&dt=O&acid=b6633931b0794d9084721b59c3934725&actltime=27&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=1%7C3%7C9%7C10&dfpBd=0.029&sckfl=1&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3605&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460760&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2351%23%2313%23%2316%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=320x100&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1657437299494&dnt_status=N&gsi=0&reftype=0&viewability_vendor=EXCHANGE&prvAccId=363467585&ckfl=0&lper=1&mx_tgs=320x100%7C728x90&cbdp=0.029&csex=0&pvdTmax=109&ltime=23.0&epc=363467585&prvReqId=3255569658236_2001098282_856004011191&zip=90403&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-2078805&brsrclk=0&sbdrid=99&rtttime=35&apTags%3C%3E=75&mx_PC=1&wsip=mowx-cd899d997-z752w&currsrc_date=2022-07-08+00%3A00%3A00&mx_divid=24726361&geoll=false&debug_ts=2022-07-10+07%3A04%3A59&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=24726361&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.12&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-7c49fd9fd9-rxvlv.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=24726361&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.04&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=24726361&opbidflr=0.000&impId=5884374518266069874&rme=adm&bdata=~seller_tag_id%3D24726361~std%3D24726361~itype%3DAPPNEXUS~visibility%3D0~city%3DNUREMBERG~ref_cnt%3D0~r_ip%3D82.199.130.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D15~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d41%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010010~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D320x100~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.017~dmm_r%3D0.170~e_rpm%3D0.029~dmm_m1%3D0.029~dmm_m2%3D0.014~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.208~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.845~dmm_m12%3D1.208~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.980~dmm_m16%3D0.214~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D12~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D11.000~dmm_m36%3D11.000~dmm_m39%3D5672.000~dmm_m40%3D5672.000~dmm_m43%3D0.273~dmm_m44%3D0.980~dmm_m47%3D29265.000~dmm_m48%3D6977743.000~dmm_m50%3D5.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.029~vbr%3D0~bid%3D0.040~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D24726361%7Eviewability%3D0.227802%7Ecbdp%3D0.029%7Edmm%3Dharmony%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.040%7Eitype_id%3D16%7Eseller_tag_id%3D24726361%7EcarrierId%3D0%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~&utime=1322&sf=0&cpr=0.780353968439621&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:01 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 10 Jul 2022 07:05:01 GMT
vevent
fra1-ib.adnxs.com/ Frame A98D
0
839 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fdiscovered.com.ua%2F&e=wqT_3QLZBPBMWQIAAAMA1gAFAQib9KmWBhDB2NGGtuj-yCgYpNf6ysmy9-tkKjYJnMQgsHJokT8RzgGCOXr8jj8ZAAAAIIXrwT8hzgGCOXr8jj8pnMQJJNAxAAAA4FG4nj8wgZblCziVHECVCUhgUP2-iKgBWNzdmgFgAGiM-E54ydcFgAEBigEDVVNEkgUG8P2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8kPgAuWWLOoCGmh0dHBzOi8vZGlzY292ZXJlZC5jb20udWEvgAMAiAMBkAMAmAMXoAMBqgNBEhgzNjczMTk1MzcwNzI5OTI3NDkwX3NiaWQaEzI5MjMzOTM4OTk5NDYwNzcyNDkiCTM1MjQ2MDY2OSoFTTExNzPAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzeoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBCUhWIgFAZgFAKAFwubd96b38_wywAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB8nXBdIHDRV3ATgI2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=8345dab949f2087e812a30b0f9550da8633d21cb&type=pv&jm=1003&px=1000&py=425&bw=300&bh=250&sf=1&sid=1109988001528711733&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24726273&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:01 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
79947b3a-6072-4a91-8982-2c37092f4d65
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://discovered.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame D88C
0
839 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fdiscovered.com.ua%2F&e=wqT_3QLXBPBMVwIAAAMA1gAFAQib9KmWBhDyhvC0qe7f1FEYpNf6ysmy9-tkKjYJGQRWDi2ynT8RIJijx-9tmj8ZAAAA4FG4vj8hIJijx-9tmj8pGQQJJAAxCRu4nj8w2ZblCziVHECVCUhgUNi_iKgBWNzdmgFgAGiM-E54ydcFgAEBigEDVVNEkgEBBvRIAZgBwAKgAWSoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvJD4ALllizqAhpodHRwczovL2Rpc2NvdmVyZWQuY29tLnVhL4ADAIgDAZADAJgDF6ADAaoDQRIYMzY3MzE5NTM3MDcyOTkyNzQ5MF9zYmlkGhM1ODg0Mzc0NTE4MjY2MDY5ODc0IgkzNTI0NjA3NjAqBU0xMTczwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjM3qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNi_iKgBiAUBmAUAoAXC5t33pvfz_DLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYADTEk0Aav8QHaBhYKEAURHQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgHydcF0gcNCRE7ATgI2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=a8142e188d0db4d5e3fa4163851f5add519c599a&type=pv&jm=1003&px=436&py=275&bw=320&bh=100&sf=1&sid=1109988001528711733&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24726361&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:01 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
64b11446-488e-44ea-9d41-8c3ddd494628
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://discovered.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bqi.php
lg3.media.net/ Frame D88C
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?vgd_len=3455&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_l2type=sca&pid=8PO15FLE3&katbid=-103&katen=1&cme=nTHH-I--xm4CMl2MJnIk9Rbgq9QXT-Vu6g4W87W5z_lzrTQdveiqVwpEa502bR0y9PU-ZkqDYO7W8yflFhXoZ7clKIL1ahxCieUedzzXDH673_j6pTkVUGa5a2HJ2bidTcFhWbSuRoyFkrCEsZT1V2uL7ePVL8N_z54MF2RlQenPBR-BR7ix31VM-3zgISC-MZYXioy94DIkQRRvnVzhGm7r5kMZUsttIJter5faFYw=||a0AmFUYXmD4LoqXKVhGchObh_zVL5Oe8_yVCd9BN76ksGnxGgiKT1g==|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|I9DUuGnkz8Zw8uM7E9mj61Nmn9m7A-X_i9PnhrVND8mIxRFElMiTlTkxBEWJGyVswatGkxeBAB9brWamDsufFC2zmLjQ2VnRTnqQe4NxrI_W9VS-rWlT6Uy4J8GRikDSi5OU2awCmXJqTFU4fjRtmeE8DJZ96POdRl9TLCopBoOYED8L6GXGembq8vVV9t5DUWPpW6iHQ1amzBLjVJkWfNx1_g7xrWQ0zvITtxUewqo=|u8A6SM53vAeDX2gxB2l7q9coRgBZkbzd|qW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb|&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=363467585&requrl=https%3A%2F%2Fdiscovered.com.ua&vi=1657436700792897267&ugd=4&cc=GB&sc=EN&bdrid=9&subBdr=99&startTime=1657436700550&l2type=sca&vgd_l1rakh=1657436700164061952&l1ch=1&sttm=1657436700555&upk=1657436701.11522&hvsid=00001657436700555013888066561701&acid=b6633931b0794d9084721b59c3934725&verid=3111299&vgd_bdata=~seller_tag_id%3D24726361~std%3D24726361~itype%3DAPPNEXUS~visibility%3D0~city%3DNUREMBERG~ref_cnt%3D0~r_ip%3D82.199.130.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D15~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d41%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010010~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D320x100~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.017~dmm_r%3D0.170~e_rpm%3D0.029~dmm_m1%3D0.029~dmm_m2%3D0.014~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.208~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.845~dmm_m12%3D1.208~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.980~dmm_m16%3D0.214~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D12~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D11.000~dmm_m36%3D11.000~dmm_m39%3D5672.000~dmm_m40%3D5672.000~dmm_m43%3D0.273~dmm_m44%3D0.980~dmm_m47%3D29265.000~dmm_m48%3D6977743.000~dmm_m50%3D5.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.029~vbr%3D0~bid%3D0.040~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D24726361%7Eviewability%3D0.227802%7Ecbdp%3D0.029%7Edmm%3Dharmony%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.040%7Eitype_id%3D16%7Eseller_tag_id%3D24726361%7EcarrierId%3D0%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~&matchstring=bcat%3D1%2Cq%2Cr%2C2%2Cb%2Cs%2Cu%2Cv%2Cg%2Ci2%7Ccsh%3D1&vgd_matchstr=bcat%3D1%2Cq%2Cr%2C2%2Cb%2Cs%2Cu%2Cv%2Cg%2Ci2%7Ccsh%3D1&vgd_sc=EN&infr=1&stime=1657436700165&vgd_ecrid=352460760&l1hcsd=l1!A8|4495&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22eu_be%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A3%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p11213026978t202207100705&vgd_pgids=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Sun, 10 Jul 2022 07:05:02 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Sun, 10 Jul 2022 07:05:02 GMT
bqi.php
lg3.media.net/ Frame A98D
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?vgd_len=3430&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_l2type=sca&pid=8PO15FLE3&katbid=-103&katen=1&cme=0AuH35nbSjjJArHDTm8GOAEQd5E_GYNvXPJce_EsTvQ3BjCe7juf8xv4QCzMxajv2JofXoonujl-BtWAcpZmUNuYsEOiRXIw5jU4OaMUyrkze65vt-3T4S7gWa9EjUDtRHq2MQmSaQCxXzqzQpfZxlDU3ahTLqnh0TickHCYji2_wHNSWRkLPJsEjK7alwfATkhroHR6-GiAa55ct6li3NCR-1NWhXB4||umuER205tca6hzpBcsmsBnGG554NTl6wmt87G9yT5UXdoCR1FIs0RN135s1eSdbP9Pk4OTRYFhbIpbUsi9GpckCOO9arJfm3htmDzOSd8quILAlx_1gNLFkhusHumNwKjnTgw8tO4-biABd9v4oB2fti_nrERu6ghslMUR9usN9JDlQ3Zk7EpSrryKL3MfYT_-HpoI3lbpAdTH9A1ZP9W7r3RKprihXhotTIxFUZEJc=|u8A6SM53vAeDX2gxB2l7q9coRgBZkbzd|qW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb|a0AmFUYXmD4LoqXKVhGchObh_zVL5Oe8_yVCd9BN76ksGnxGgiKT1g==|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=421632617&requrl=https%3A%2F%2Fdiscovered.com.ua&vi=1657436700200818601&ugd=4&cc=GB&sc=EN&bdrid=9&subBdr=99&startTime=1657436700446&l2type=sca&vgd_l1rakh=1657436700105774243&l1ch=1&sttm=1657436700451&upk=1657436700.25826&hvsid=00001657436700451013888066566589&acid=0e1a70b0dca8478591b4b2143e7fb6a5&verid=3111299&vgd_bdata=~seller_tag_id%3D24726273~std%3D24726273~itype%3DAPPNEXUS~visibility%3D0~city%3DNUREMBERG~ref_cnt%3D0~r_ip%3D82.199.130.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D1~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D30~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d41%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000000~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D300x250~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.017~dmm_r%3D0.164~e_rpm%3D0.029~dmm_m1%3D0.029~dmm_m2%3D0.014~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.208~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.931~dmm_m12%3D1.208~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.980~dmm_m16%3D0.207~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D11.000~dmm_m36%3D11.000~dmm_m39%3D5672.000~dmm_m40%3D5672.000~dmm_m43%3D0.260~dmm_m44%3D0.980~dmm_m47%3D29265.000~dmm_m48%3D6977664.000~dmm_m50%3D5.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.029~vbr%3D0~bid%3D0.020~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D24726273%7Eviewability%3D0.300764%7Ecbdp%3D0.017%7Edmm%3Dharmony%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.020%7Eitype_id%3D16%7Eseller_tag_id%3D24726273%7EcarrierId%3D0%7Edcut%3D15%7Edogb%3D0-1~ibc%3D1~&matchstring=bcat%3D1%2Cq%2Cr%2C2%2Cb%2Cs%2Cu%2Cv%2Cg%2Ci2%7Ccsh%3D1&vgd_matchstr=bcat%3D1%2Cq%2Cr%2C2%2Cb%2Cs%2Cu%2Cv%2Cg%2Ci2%7Ccsh%3D1&vgd_sc=EN&infr=1&stime=1657436700153&vgd_ecrid=352460669&l1hcsd=l1!A8|4495&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22eu_be%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p11213026978t202207100705&vgd_pgids=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.54.113.52 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-113-52.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Sun, 10 Jul 2022 07:05:02 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Sun, 10 Jul 2022 07:05:02 GMT
usync.html
eus.rubiconproject.com/ Frame E9EA
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Jul 2022 07:05:02 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 2C5F
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1657436699202&gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame C7E7
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
459bbb4f20da99d4483ee081a401d40d810393099db5381b92e91c33b9d2cd39

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
728772e07aab06e9-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 787B
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 10 Jul 2022 07:05:02 GMT
ETag
"623de86a-cf34"
Expires
Mon, 11 Jul 2022 07:05:04 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 0A26
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 10 Jul 2022 07:05:02 GMT
sspmatch-iframe
ads.betweendigital.com/ Frame 34EB
660 B
839 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9884c8c0298dabc1ca470a10d59b23564a256e8ee28581ad0be0f543ebe6fb9d

Request headers

Referer
https://discovered.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
660
content-type
text/html
prebid
b1h.zemanta.com/usersync/
26 B
127 B
Image
General
Full URL
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://discovered.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:02 GMT
Content-Length
26
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame E9EA
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8de229a29f3d1d84a03d0db201830a9d336475f406367d608b83947beb251507

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70241
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9455
Expires
Mon, 11 Jul 2022 02:35:43 GMT
match
ads.betweendigital.com/ Frame 34EB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetwe...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=00a7dea12e2e4323922c63bb7d4c6b09&ssp=between&bsw_param=b18c268c-4d31-45ed-839d-f2dc30beede1&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd
Date
Sun, 10 Jul 2022 07:05:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
btw
sync.dmp.otm-r.com/match/ Frame 34EB
0
69 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/btw?id=f5305887-ce07-52bf-9f74-b66afdbecc71
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.66 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.65.201.138.clients.your-server.de
Software
nginx/1.19.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 10 Jul 2022 07:05:03 GMT
server
nginx/1.19.7
match
ads.betweendigital.com/ Frame 34EB
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=xUpO3iLvIAH.AikABlGB5u0Kiw
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=xUpO3iLvIAH.AikABlGB5u0Kiw
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:03 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f12-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=xUpO3iLvIAH.AikABlGB5u0Kiw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
ap.lijit.com/ Frame 34EB
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 10 Jul 2022 07:05:03 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
bidder_18.html
cache.betweendigital.com/code/ Frame 4D44
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f5305887-ce07-52bf-9f74-b66afdbecc71&CACHEBUSTER=49067
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 10 Jul 2022 07:05:03 GMT
etag
W/"60bf907f-ee9"
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
312
x-cdn-request-id
b4bcd06c617079a1442efe2469eb76cd
async_usersync
ib.adnxs.com/ Frame 787B
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:02 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1a69ffa3-047d-428b-87d9-e680fcbc9a61
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame C7E7
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
845843
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
728772e11bf906e9-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame BC81
0
342 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
728772e1ad2206e9-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
7Oii1gYPTrpC2lUm2rIE
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 806E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7Oii1gYPTrpC2lUm2rIE?pi=smilewanted&tc=1
0
388 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7Oii1gYPTrpC2lUm2rIE?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
728772e3380206e9-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 10 Jul 2022 07:05:03 GMT Sun, 10 Jul 2022 07:05:03 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7Oii1gYPTrpC2lUm2rIE?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame DD00
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=84ca53966bd9d432752b6ad9b1b901ad
43 B
1 KB
Document
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=84ca53966bd9d432752b6ad9b1b901ad
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

AN-X-Request-Uuid
103326c1-2d04-410e-9952-483004970509
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 10 Jul 2022 07:05:03 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
728772e1fdb106e9-LHR
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=84ca53966bd9d432752b6ad9b1b901ad
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 3E5D
1 KB
910 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
728772e2eaeb71e0-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 6A2D
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/
0
81 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
728772e2ef6d06e9-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Sun, 10 Jul 2022 07:05:03 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/
match
ads.betweendigital.com/ Frame 4D44
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D7ed83b15-3a2d-4823-836c-e2e49e6f5dc...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=175262ca-7a1b-4a00-a88b-051f3511cdc2&expires=30&ssp=between&bsw_param=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd
Date
Sun, 10 Jul 2022 07:05:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
b50de5bb-bac4-4b54-b6f9-74f341737ec9&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame A66D
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b50de5bb-bac4-4b54-b6f9-74f341737ec9&partner_id=1010
0
448 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/b50de5bb-bac4-4b54-b6f9-74f341737ec9&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
728772e4b9f806e9-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Sun, 10 Jul 2022 07:05:03 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/b50de5bb-bac4-4b54-b6f9-74f341737ec9&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame 45E0
0
0
Document
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
6f9fd0201ed801884e5299d5aabca094
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F4B0
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.5.91 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-5-91.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=152476
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 12 Jul 2022 01:26:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
1
sync-eu.connectad.io/syncer/ Frame 8CA9
0
0
Document
General
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
728772e3dc3c71e0-LHR
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
Ysp6Hz9bn1P8Wtjlr0TOUAAA%265172
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 23FE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ysp6Hz9bn1P8Wtjlr0TOUAAA%265172
0
518 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ysp6Hz9bn1P8Wtjlr0TOUAAA%265172
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
728772e64ba106e9-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
728772e5cd4a7767-LHR
content-length
0
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ysp6Hz9bn1P8Wtjlr0TOUAAA%265172
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKMdowFIBOTpIlJycyf11UMQS0UUUgWdJAVMPPcojy8mq1tbBJwWe7coYlaQR2b0PO7XjNld9RHluUD8OTLnVx3dhj4ggIjRM8iSJf%2BLf6glWXqC0ZJJyPhURzWTtXqEpfyA%2FwtIOcz9bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
9f0c92c9-001e-11ed-87d9-1626150c0306
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame E8B0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=9f0c9308-001e-11ed-87d9-1626150c0306
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/9f0c92c9-001e-11ed-87d9-1626150c0306
0
776 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/9f0c92c9-001e-11ed-87d9-1626150c0306
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
728772e61b6e06e9-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Sun, 10 Jul 2022 07:05:03 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/9f0c92c9-001e-11ed-87d9-1626150c0306
Server
nginx
X-fe
62
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame D7DC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
104 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
728772e87df806e9-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 07:05:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Sun, 10 Jul 2022 07:05:03 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
PugMaster
image6.pubmatic.com/AdServer/ Frame F4B0
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48274750&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 07:05:03 GMT
content-length
0
9f6223be-001e-11ed-bf62-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 4D44
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARig9KmWBqIBEJ9iI74AHhHtv2IAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9f6223be-001e-11ed-bf62-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9f6223be-001e-11ed-bf62-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=Lzx%2BFrFENjMAzfOJbIoSEg&
  • https://an.yandex.ru/mapuid/adsniperis/9f6223be-001e-11ed-bf62-002590c82437
  • https://an.yandex.ru/mapuid/adsniperis/9f6223be-001e-11ed-bf62-002590c82437?redir-setuniq=1
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/adsniperis/9f6223be-001e-11ed-bf62-002590c82437?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:05 GMT
content-encoding
gzip
last-modified
Sun, 10 Jul 2022 07:05:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 10 Jul 2022 07:05:05 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:05 GMT
content-encoding
gzip
last-modified
Sun, 10 Jul 2022 07:05:05 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/9f6223be-001e-11ed-bf62-002590c82437?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 10 Jul 2022 07:05:05 GMT
usync.html
eus.rubiconproject.com/ Frame 5023
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f5305887-ce07-52bf-9f74-b66afdbecc71&CACHEBUSTER=49067
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Jul 2022 07:05:05 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 10 Jul 2022 07:05:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 5023
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8de229a29f3d1d84a03d0db201830a9d336475f406367d608b83947beb251507

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 07:05:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70238
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9455
Expires
Mon, 11 Jul 2022 02:35:43 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5023
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&gdpr_consent=undefined&gdpr=0&khaos=L5EZ0M3E-6-CNBH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
49067
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 4D44
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/49067
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/49067
43 B
297 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/49067
Protocol
H2
Server
2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software
ms-counter-3.3.5/1.20.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:06 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.3.5/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 07:05:06 GMT
server
ms-counter-3.3.5/1.20.2
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/49067
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
bswsync
crb.kargo.com/api/v1/ Frame 4D44
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f5305887-ce07-52bf-9f74-b66afdbecc71&expires=60
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
43 B
360 B
Image
General
Full URL
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
18.196.134.24 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 07:05:06 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Krk-Reject-Reason
consent
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
//crb.kargo.com/api/v1/bswsync?bsw_uuid=7ed83b15-3a2d-4823-836c-e2e49e6f5dcd&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 10 Jul 2022 07:05:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/usync/ Frame B1D7
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f5305887-ce07-52bf-9f74-b66afdbecc71&CACHEBUSTER=49067
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kvt.sddan.com
URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fdiscovered.com.ua%2F

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| $ function| jQuery function| __tcfapi function| __uspapi function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26322 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetRichAudienceZone function| GetAdmixerZone function| GetGothamadsZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText function| whatToLoad string| pubstack_ab object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26322 function| refreshVisibility26300 function| Adcall_26300 function| refreshVisibility26323 function| Adcall_26323 function| ym function| gtag object| dataLayer function| MobileDetect object| md function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| lazySizes function| mapperjs object| __core-js_shared__ object| tmzrChunk object| _pbjsGlobals object| ADAGIO object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_80234 undefined| Adcall_26328 object| pubstack_publica number| bidder_geo object| google_tag_manager boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| libJsLeadPlace string| GoogleAnalyticsObject function| ga object| regeneratorRuntime function| __tcfapiui object| Ya object| yaCounter28298426 boolean| tmcredentials object| gaplugins object| gaData object| bid undefined| vastUrl object| targetingParams string| Smart_SR_data object| slowBidders object| adsArea26300 object| observers26300 function| refreshQueueManager26300 function| loopChecker26300 object| adsArea26322 object| observers26322 function| refreshQueueManager26322 function| loopChecker26322 object| adsArea26323 object| observers26323 function| refreshQueueManager26323 function| loopChecker26323 undefined| Adcall_26326 undefined| Adcall_video boolean| sasIsIosUiwebview undefined| lte9 undefined| nav undefined| ua undefined| idb object| smartCsync object| _mNDetails number| lnt_z object| el object| lastBidder26300 object| lastBidder26322 object| lastBidder26323

78 Cookies

Domain/Path Name / Value
.zeotap.com/ Name: zc
Value: b0e2de66-1a2f-4a45-68cc-18bb52767500
.zeotap.com/ Name: zsc
Value: %E9RG%25a%263%7Fz%3Cr%A0%94+B%D1A%9F%02fD%1E%C1%9BKy%CC5%0D%E8%5B%F60%98DJ%84%E5%BD%BF%C9%8F%D75%AC%27Np%8B%D6A%9DT%AD%27%A2%D1%99%2A%92G%CB%B0%ED%D8M%08%E9j%7D%93%B3%A26p%0D%E5%D2%F2%82%8E%B5%BB%93%99%DF%09%E1P%B0%E2%FD%D48%BC%B4%142Aes%84~%91.
.discovered.com.ua/ Name: _ga_DLD9124WME
Value: GS1.1.1657436698.1.0.1657436698.60
discovered.com.ua/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.discovered.com.ua/ Name: sharedid
Value: 61475532-19e8-4cd5-9187-231692f709bc
.adnxs.com/ Name: uuid2
Value: 7266520154083601316
.discovered.com.ua/ Name: _ym_uid
Value: 1657436699997512692
.discovered.com.ua/ Name: _ym_d
Value: 1657436699
.quantserve.com/ Name: mc
Value: 62ca7a1b-0cc1b-5fe05-01f45
.discovered.com.ua/ Name: __qca
Value: P0-302704468-1657436698943
.demdex.net/ Name: demdex
Value: 24986795589164907920299297895408656007
.agkn.com/ Name: ab
Value: 0001%3AET1KMFkw%2Bqnbh0SxUtOEQVXw%2FnoxvnrJ
.doubleclick.net/ Name: IDE
Value: AHWqTUnGiSqWxG8UTiMGT3ZQbJ7y79tx_ReellgNoJq3Wh9UJk58J0kHOpdLIxI0QiM
.mathtag.com/ Name: uuid
Value: 175262ca-7a1b-4a00-a88b-051f3511cdc2
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.discovered.com.ua/ Name: _ga
Value: GA1.3.27081062.1657436699
.discovered.com.ua/ Name: _gid
Value: GA1.3.2074905746.1657436699
.discovered.com.ua/ Name: _gat_gtag_UA_59479635_1
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 24986795589164907920299297895408656007
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1451418676fake
.discovered.com.ua/ Name: _ym_isad
Value: 2
.cpx.to/ Name: cpSess
Value: 41cdc2bbc554129a
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3728543903fake
.prebid.a-mo.net/ Name: __amc
Value: 1_1657436699_1657436699
.cpx.to/ Name: dsp_dbm
Value: CAESEK9uLbHGM1QpvAeLkw-4qek#1657436699304
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: f5305887-ce07-52bf-9f74-b66afdbecc71
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.otm-r.com/ Name: mpid
Value: NjJjYTdhMWIwNzhiMTQ3MQ==
.adnxs.com/ Name: icu
Value: ChgI1fB-EAoYASABKAEwm_SplgY4AUABSAEQm_SplgYYAA..
.smartadserver.com/ Name: pid
Value: 4924960525315360854
.cpx.to/ Name: dsp_app_nexus
Value: 7266520154083601316#1657436699402
.yandex.com/ Name: yandexuid
Value: 6716655111657436699
.yandex.com/ Name: yuidss
Value: 6716655111657436699
mc.yandex.com/ Name: yabs-sid
Value: 2281568051657436699
.yandex.com/ Name: i
Value: P5XKIkdowZ9GK9EybgnmwPSMcouWNexbbMxYu/m1PRv/jdEnEPSRevZ9elkmyE3sowLsIJUBawWupcRgksMo0Tnnc80=
.yandex.com/ Name: ymex
Value: 1688972699.yrts.1657436699#1688972699.yrtsi.1657436699
.rubiconproject.com/ Name: khaos
Value: L5EZ0M3E-6-CNBH
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrJeeN3S4YlZ62qEsFCZ0ctSdOhPT1GMTl5jPqKIrO/StWa6sLFUY54ZzKWVv00IB9uYSA0D6HBpOBxGCOXoSK1Jfhj3Drmhwvc6UO785F0Pw==
.discovered.com.ua/ Name: cto_bundle
Value: pwxS9F9RNGJ4Sm9odm85YmJPaGNXOE5EZ0NlVHNtYmw3cGglMkJCZEZGWXhjMEczSE9CcnZPQiUyQmtHVzJpd2JJU0paMENJNkRDbjR1aklLQ3ZtOEs0cXlZcVE2SjhDNFolMkZjd0glMkJVcVlCcmFXMGhlQVRhTmpmV0s5N1Q2a3Z0YSUyQm5Bd0tEY28
.discovered.com.ua/ Name: cto_bidid
Value: GQzE519hY1V0VkVlank0YkNrelo1am5tN1NxRGhXcCUyRiUyRmdDR2xIcXIlMkZNRkQxZFRPaHhLTjJnb3NYTzd6eGlmMjE0S3EzQjV5YmdTb2VHa21vR29wbUlnYWRrUSUzRCUzRA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 86765434-5564-4AEC-B900-EC01CE41A9D8
.cpx.to/ Name: dsp_pubmatic
Value: 86765434-5564-4AEC-B900-EC01CE41A9D8#1657436700542
.criteo.com/ Name: uid
Value: e59a192f-20b5-46f6-ab7b-cc090d91d10b
.amazon-adsystem.com/ Name: ad-id
Value: A9XDA5YTH0xpumEjmb8uzzs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6c372759-bdd9-41dd-8d2e-33fe5b8c0cf2"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTc0MzY3MDE7MjswMjEGosUs+a+g8/6p4Lx0VzfO5SfROoniOBoK24DUmBdx4Q==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2661:u=1:x=1:i=1657436701:t=1657523101:v=2:sig=AQEgt00ibg-oh0_MyZVFTy8Ljfohi-LS"
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GVVeX<xB!]tbP6j2F-.aE@%O4WYq=BWMo6VUD2ief9peE8IRk_?oy1-7#ueE8SmfoVx^3m$PPUc0'T/X+GY1Qw2AldTpP
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI4NGNhNTM5NjZiZDlkNDMyNzUyYjZhZDliMWI5MDFhZCIsImV4cGlyZXMiOiIyMDIyLTEwLTA4VDA3OjA1OjAzWiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA3LTEwVDA3OjA1OjAzWiJ9
.creativecdn.com/ Name: u
Value: 7Oii1gYPTrpC2lUm2rIE
.creativecdn.com/ Name: ts
Value: 1657436703
.bidswitch.net/ Name: c
Value: 1657436703
.bidswitch.net/ Name: tuuid_lu
Value: 1657436703
.360yield.com/ Name: tuuid
Value: b50de5bb-bac4-4b54-b6f9-74f341737ec9
.360yield.com/ Name: tuuid_lu
Value: 1657436703
.adhigh.net/ Name: gi_u
Value: xUpO3iLvIAH.AikABlGB5u0Kiw
.bidswitch.net/ Name: tuuid
Value: 7ed83b15-3a2d-4823-836c-e2e49e6f5dcd
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: Ysp6Hz9bn1P8Wtjlr0TOUAAA
.casalemedia.com/ Name: CMPS
Value: 5172
.casalemedia.com/ Name: CMPRO
Value: 5172
.adhigh.net/ Name: btw_sync
Value: jax
.spotxchange.com/ Name: audience
Value: 9f0c92c9-001e-11ed-87d9-1626150c0306
.admixer.net/ Name: am-uid
Value: 00a7dea12e2e4323922c63bb7d4c6b09
.casalemedia.com/ Name: CMTS
Value: 1164
.smilewanted.com/ Name: sw_user_params_infos
Value: K0UF6E9bcx51vvzUm1uxndaBKQWFwAnQl8Zyw6IEn3j366UYQhUyyZbBcdeDjEdwqGFlTeUFDyM83aPXalesRwHwlYi73xbTxAFju7aXFZBaaT%2BeBmQYeU3%2Bhfp8U%2FdwHx7HWMdHJDE4ABG12e4or2qu6iskYK9GSXMBrRDPL3JCQlz0J3rz2CZO3bEQTKPL6Y%2B29AarWO4RuU3h23%2B75vxWzKgq0Ga1VSuF7W%2BDlN0zS81c%2BnYVpidvXYtIyePRehiq2RTpYoPRLsGsVpxu%2Bp5Qlkx83wQXsnoZ174mgoe6GPJCnSstKkWFcnP1%2F1GtsF1g%2F515Fqyn6I4D%2FHC2QAn%2FICUSlSzgwm6lcUyT2Gg%3D
.betweendigital.com/ Name: ut
Value: Ysp6HwAMFcDbejG4qC121bkMOk7IdQS_Vp7bNw==

5 Console Messages

Source Level URL
Text
javascript error URL: https://discovered.com.ua/
Message:
Access to XMLHttpRequest at 'https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fdiscovered.com.ua%2F' from origin 'https://discovered.com.ua' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fdiscovered.com.ua%2F
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9695.gt_5z9Y1b3ltR3JJyFFc0jlplB3oBseHxBEqf0KPLNU85b7iN1imiFpAG5JVqoQeNMOFgaud5vKSWnxDQ74C0Q%2C%2C.Hsktc8x2Ow5E8kMK_U3DSX51mIA%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning (Line 1)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://id.rlcdn.com/709414.gif?gdpr=0
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
acceptable.a-ads.com
acdn.adnxs.com
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.themoneytizer.com
ads.yahoo.com
adtrack.adleadevent.com
ajax.googleapis.com
an.yandex.ru
ap.lijit.com
b1h.zemanta.com
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
c.tmyzer.com
cache.betweendigital.com
cat.fr.eu.criteo.com
cdn.adnxs.com
cdn.connectad.io
cdnjs.cloudflare.com
ced-ns.sascdn.com
ced.sascdn.com
cm.g.doubleclick.net
cmp.quantcast.com
contextual.media.net
crb.kargo.com
creativecdn.com
csm.eu.criteo.net
csync.smartadserver.com
csync.smilewanted.com
d2zur9cc2gf1tx.cloudfront.net
discovered.com.ua
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
gum.criteo.com
hblg.media.net
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
kvt.sddan.com
lg3.media.net
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pix.eu.criteo.net
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
prebid.a-mo.net
prebid.smilewanted.com
px.adhigh.net
px.ads.linkedin.com
qsearch-a.akamaihd.net
quantcast.mgr.consensu.org
region1.analytics.google.com
res-a.akamaihd.net
rules.quantcount.com
s.cpx.to
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
ssp.otm-r.com
ssum-sec.casalemedia.com
static.a-ads.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
tag.leadplace.fr
tlx.3lift.com
token.rubiconproject.com
warp.media.net
widget.fr.eu.criteo.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
kvt.sddan.com
104.18.19.126
104.92.74.8
108.156.253.167
13.248.245.213
138.201.65.66
138.201.65.74
141.95.98.70
142.250.185.66
145.239.192.166
146.0.227.109
147.75.85.234
148.251.233.147
151.101.129.108
151.236.71.19
172.67.10.198
178.250.0.157
178.250.0.160
178.250.0.163
178.250.2.135
178.250.2.150
18.196.134.24
185.184.8.90
185.29.132.245
185.86.137.110
185.86.137.113
185.94.180.126
188.42.191.196
193.232.150.68
198.47.127.19
2.18.233.201
2.18.235.93
2.21.20.210
2.21.20.215
2001:4860:4802:32::36
2001:6d0:4001::226
204.237.133.120
23.211.5.91
23.211.6.95
23.216.77.25
23.35.236.188
23.54.113.52
23.75.240.210
2600:9000:21f3:6e00:9:46dc:4700:93a1
2600:9000:2240:7200:9:46dc:4700:93a1
2600:9000:2490:a200:6:44e3:f8c0:93a1
2602:803:c003:200::31
2602:803:c003:200::77
2606:4700:10::6816:1857
2606:4700:10::ac43:8ae
2606:4700::6811:180e
2606:4700::6812:372
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:802::200a
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:813::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9a
2a01:4f8:10b:2c15::
2a02:2638:1::3
2a02:2638::1c
2a02:2638::b
2a02:26f0:6c00::210:ba29
2a02:6b8::1:119
2a02:6b8::90
2a02:6ea0:c700::19
31.172.81.159
35.156.83.159
35.158.200.114
35.244.174.68
35.71.131.137
37.252.172.250
37.252.173.27
37.252.173.38
50.31.142.191
51.75.86.98
52.211.136.172
52.59.173.142
52.95.125.22
54.216.212.103
54.228.198.182
54.228.48.187
54.247.7.78
54.38.64.100
64.74.236.95
69.173.144.138
69.173.144.139
72.251.249.9
89.108.119.43
92.123.194.140
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00f41e1bb22127f136fdbc0ce51d2661a81ad9b856ec8fb14e8b82813dbc827a
0254378e8bd3f31506780e6573c1346bf36120776478d19718232d4e24079fa2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac506080502c1fc731dd19e2bc167d1c17fb4d93a5516f9e5d68a0ab63eaffa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cefeac29154ea5873740fa8a1dcdcb04b464920b9a1a82cddc862e07a915e9c
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
11daf6f1f81c0e60c33e75464791f001280c50524a42dfcb70cedca62bd32f74
186eb40eb307c86b8a32c2a61f3d27933cd841d965b4c6d096ea9942541ae531
1955401a4589f6a764dbc564649ea12e459382de2f954c1b8a5fc55dae0b0c26
202c313c0e1c9c9c0b05519c58f6f555d8a427a10cf976c669feb2a1bb4eaa4e
259feab5acef00ed8d670dca4bc902525f83d507e72bc606c5836096511b1f72
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ba8abe3be066a47349da32adcfb4e5138c2720330ba2b182d7c4f6ff7129cee
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e76e73d3fa47de2ff3b0bc2657204b78e67a4f444876c6c4b2d29336035be88
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3a4600684e5fae2ee16a25c733aaae5125ad01aaa8e6ef20a33897d5a9439b09
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bc0d8eff58d4a635c2b1e9d07ea5104ae2db876c59ae3f3f2768608eec8eba0
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
436ea3a822c7b83deb5612793164e608f28202b40b23d39156f19b474d4315fc
459bbb4f20da99d4483ee081a401d40d810393099db5381b92e91c33b9d2cd39
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
47b0fe68742cda1642c90643011fca7b9129438f35c714d801f164725b138605
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178
5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd
65065476317136966a59b7560a0bc5a73ac741a04b7869def71ee8c1d479ee46
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502
696d508df28808852f30d89d7a52c88b1ae8b8591fd011bef3464e4f8892a6f0
6a0452473ec210240d40eeaecc451434508dd54ba3e31952d07d38f211d79626
6dea72a19f31a4791eeccf5fb3914603b8091ea77b361b2896369e251ff48ed6
6e5c6f778b58539efe04eaa0efdf454f42b71b843a5562a906f072d7746484f2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
77cc2a262c38bdfeaf27050d2e54b5927c5744f4d80e2fa466c526d524e7c2ae
7898425d5cdbc2eeab116722a0b0aa19e66ba822e915db0fe213d488405d07aa
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7daad585125ad482b8c3011bde111fb4a8e3c60e9c690d33e800693a36277434
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
82ca47b4e209bacd475e9921bff202d313f839c02a1d738389aa7adc228a7436
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8454a5675ebc2aa69f5a59db3ac1c70931619c5b04df82c8cd1080e5c2647a0b
8b1ed50588db97da6384ef1e7e749613693ed22a3130d83d2c9c3256badea01e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de229a29f3d1d84a03d0db201830a9d336475f406367d608b83947beb251507
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fce39ec7a63f40eac85498fb8aca9f7b595f1787bc1afd5e94a8823e99240b9
9884c8c0298dabc1ca470a10d59b23564a256e8ee28581ad0be0f543ebe6fb9d
9c9386f8df7e6237e3322a8236f8aa23a45ffd484e7d52f2efbab94229872574
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a495d2b2854a79f4489e81747f15895de1411df94e8d3905f90f67d00f3b2a27
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0331603117bda3d3b3429536045440340f8c48528b00f758e86d93361444d9f
b0af9b5ba26620df690934c69d688052098d97dd00864efe96222e7e47ef2f73
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25720be254e49fcc11316fd458f4f425f20771eea0e2f735d7f5ba628f7b77f
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b730ee413841da70b67f550de8ffce8148c3fd15dacc5274bd0b80bf18a44da7
babcc8e3cb043034309762c0e0a9812959a2f9e99a76869f37e577e4addfb748
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdd99d2c3e8e201d74478aae63335ae605ee193fc052cd650a34c79108a7785d
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3a4c890d6116d466e36e0d16fbb919fb40aed7a1af570e403065b4d09f3d43a
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
ce32c496a3a5c15115fa58fd274a23d6567d404a33f11789f89bec7e7b4c47f6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01705c36caeca13e04eaba33377f708a4f4016d938812c32a78d17694fd038d
d0e9e217d004ce2ccd678f9fa4d2b0655ae7fead66c402d7e5eb8643984a9f47
d5746274c151a0c0eaad5d03c5b6f704116a7007142d5ef4e1072ae802109411
dce50eee3fdc1e23dfbd66dd3cabcbb1e9499fd49f63912e416552e450d7591a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13bdf057ac60b81f839e8b867559978bbda387b5954ee334bf156216736179a
e1f333cef09cc9eff58a4aa2d1887cedfb156d91fab92f366d4f569665c192b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
e411633c11930c9ce6429782d6dc4e5aeabed7e7fb5a65f082f006004227d07f
e884e5580bd2bfb6fde520d58ebaa7e289088054f135f990a81e84ba552511f1
e887ae8d350c880b33bb935c923e8c5a6e09e11b105a38a05230eb4a9f4c17b5
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f966ed33247f15fb31f43984c78aae8c7143a59bb48680cbb34125f1b38ec00d