www.5.ua Open in urlscan Pro
2606:4700:10::6816:317d Public Scan

URL:
https://www.5.ua/
Submission: On February 25 via manual (February 25th 2021, 12:36:59 pm UTC) from UA

Summary HTTP 359 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 107 IPs in 15 countries across 103 domains to perform 359 HTTP transactions. The main IP is 2606:4700:10::6816:317d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.5.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 20th 2020. Valid for: 2 years.

This is the only time www.5.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	2606:4700:10:... 2606:4700:10::6816:317d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	185.187.81.38 185.187.81.38	() ()
1	2606:4700:303... 2606:4700:3031::6815:327d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2a0c:5c81:505... 2a0c:5c81:5052::2	55081 (24SHELLS) (24SHELLS)
9	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
10	2606:4700:e6:... 2606:4700:e6::ac40:ce20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
2 7	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 6	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e0:... 2606:4700:e0::ac40:6208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
2 4	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a0c:5c81:502... 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696	55081 (24SHELLS) (24SHELLS)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.22.109.130 52.22.109.130	14618 (AMAZON-AES) (AMAZON-AES)
2 5	104.111.237.88 104.111.237.88	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1 11	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
6	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	88.214.194.185 88.214.194.185	46636 (NATCOWEB) (NATCOWEB)
2 2	52.207.141.143 52.207.141.143	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	54.197.98.98 54.197.98.98	14618 (AMAZON-AES) (AMAZON-AES)
2 6	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
10 28	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 2	195.209.108.36 195.209.108.36	52007 (ADRIVER-AS) (ADRIVER-AS)
3 3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	34.242.72.242 34.242.72.242	16509 (AMAZON-02) (AMAZON-02)
6 6	3.124.165.65 3.124.165.65	16509 (AMAZON-02) (AMAZON-02)
1 1	188.34.165.163 188.34.165.163	24940 (HETZNER-AS) (HETZNER-AS)
1 2	194.247.175.19 194.247.175.19	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1 13	52.58.54.57 52.58.54.57	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3 3	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
4	5.178.65.252 5.178.65.252	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2606:4700::68... 2606:4700::6810:df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 6	34.204.119.109 34.204.119.109	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 3	159.69.76.252 159.69.76.252	24940 (HETZNER-AS) (HETZNER-AS)
3	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 5	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	107.20.147.136 107.20.147.136	14618 (AMAZON-AES) (AMAZON-AES)
1 4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2607:f8b0:400... 2607:f8b0:4007:803::2003	15169 (GOOGLE) (GOOGLE)
4 14	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 18	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4 6	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 3	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
3 6	54.228.21.183 54.228.21.183	16509 (AMAZON-02) (AMAZON-02)
1 3	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	154.57.158.51 154.57.158.51	26558 (FREEWHEEL) (FREEWHEEL)
2 2	2a05:d018:24:... 2a05:d018:24:b001:d120:1359:acbb:2de6	16509 (AMAZON-02) (AMAZON-02)
2 2	52.211.12.168 52.211.12.168	16509 (AMAZON-02) (AMAZON-02)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	() ()
2 2	85.114.159.118 85.114.159.118	() ()
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1	89.163.159.106 89.163.159.106	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 3	52.48.137.92 52.48.137.92	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.29.225.117 52.29.225.117	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	54.76.98.123 54.76.98.123	16509 (AMAZON-02) (AMAZON-02)
6 6	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.226.132.24 34.226.132.24	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.123.167 52.95.123.167	16509 (AMAZON-02) (AMAZON-02)
1 2	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.102.181.119 34.102.181.119	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 6	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
1 2	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
1	51.178.20.139 51.178.20.139	16276 (OVH) (OVH)
1	3.220.190.7 3.220.190.7	14618 (AMAZON-AES) (AMAZON-AES)
4 4	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 4	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	62.209.227.210 62.209.227.210	5588 (GTSCE GTS...) (GTSCE GTS Central Europe / Antel Germany)
1 1	37.252.173.108 37.252.173.108	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
2 2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.20.51 65.9.20.51	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.83.160.162 212.83.160.162	12876 (Online SAS) (Online SAS)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	208.100.17.185 208.100.17.185	32748 (STEADFAST) (STEADFAST)
3 3	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
6 6	52.31.242.159 52.31.242.159	16509 (AMAZON-02) (AMAZON-02)
2	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1 2	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.158.29.13 51.158.29.13	12876 (Online SAS) (Online SAS)
1 21	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	213.155.156.180 213.155.156.180	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	185.86.138.114 185.86.138.114	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	188.165.137.78 188.165.137.78	16276 (OVH) (OVH)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.159.187.109 18.159.187.109	16509 (AMAZON-02) (AMAZON-02)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	18.197.64.250 18.197.64.250	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	52.215.241.211 52.215.241.211	16509 (AMAZON-02) (AMAZON-02)
2	52.48.248.240 52.48.248.240	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
2	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
359	107

52 2606:4700:10::6816:317d (United States)

ASN13335 (CLOUDFLARENET, US)

www.5.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m9m6e2w5.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.38 (Kyiv, Ukraine)

ASN- ()

piguiqproxy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:327d (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0c:5c81:5052::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:e6::ac40:ce20 (United States)

ASN13335 (CLOUDFLARENET, US)

api.traq.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 62.149.0.72 (Ukraine) 2 redirects

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.244 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6208 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.42.191.196 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.109.130 (Port Chester, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-109-130.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.237.88 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 46.249.52.249 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.194.185 (United Kingdom)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.141.143 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.98.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-98-98.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.0.227.110 (Ascension Island) 2 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 10 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.36 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.72.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-72-242.eu-west-1.compute.amazonaws.com

ismatlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.124.165.65 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.34.165.163 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.19 (Ukraine) 1 redirects

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.58.54.57 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.150 (Portsmouth, United Kingdom) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.204.119.109 (United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-119-109.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.69.76.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.76.69.159.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.56.137 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.247 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.147.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partner.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4007:803::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.248.159 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.228.21.183 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-21-183.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.57.158.51 (United States)

ASN26558 (FREEWHEEL, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.12.168 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-12-168.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Erba, Italy) 1 redirects

ASN- ()

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN- ()
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.106 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.48.137.92 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.225.117 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-225-117.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.98.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-98-123.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.14.49 (Frankfurt am Main, Germany) 6 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.132.24 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-132-24.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.123.167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.152.128 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.181.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)

im.thenewco.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.29 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.13 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: proxy0393.eu3.dynfactory.com

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.190.7 (United States)

ASN14618 (AMAZON-AES, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.135.234 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.209.227.210 (Zlín, Czech Republic) 1 redirects

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.108 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)

adscale-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.20.51 (Orlando, United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:34e (United States)

ASN13335 (CLOUDFLARENET, US)

sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.83.160.162 (France)

ASN12876 (Online SAS, FR)

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.185 (United States)

ASN32748 (STEADFAST, US)
PTR: ip185.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.53 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.31.242.159 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.188 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.29.13 (Paris, France)

ASN12876 (Online SAS, FR)

sddan.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.180 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.137.78 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.187.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.64.250 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.241.211 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (Englewood, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	5.ua www.5.ua	2 MB
36	doubleclick.net 13 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	164 KB
33	pubmatic.com 2 redirects ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com aud.pubmatic.com image4.pubmatic.com	84 KB
26	googlesyndication.com 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	118 KB
18	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	6 KB
16	adscale.de 1 redirects js.adscale.de ih.adscale.de	17 KB
15	e-planning.net 1 redirects ads.us.e-planning.net u-ams02.e-planning.net sync.e-planning.net s.e-planning.net	19 KB
15	admixer.net 2 redirects cdn.admixer.net inv-nets.admixer.net	193 KB
14	casalemedia.com 4 redirects ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	18 KB
14	rubiconproject.com 6 redirects fastlane.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com pixel-eu.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	16 KB
11	yahoo.com 7 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com ads.yahoo.com pr-bh.ybp.yahoo.com	7 KB
10	ampproject.org cdn.ampproject.org	195 KB
10	adnxs.com 8 redirects ib.adnxs.com adscale-emea.adnxs.com secure.adnxs.com	8 KB
10	traq.li api.traq.li	63 KB
10	adtelligent.com 1 redirects player.adtelligent.com ghb.adtelligent.com sync.adtelligent.com ghb1.adtelligent.com	105 KB
8	criteo.com 3 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	2 KB
7	adform.net 5 redirects cm.adform.net dmp.adform.net track.adform.net c1.adform.net	2 KB
7	google.com 2 redirects ampcid.google.com analytics.google.com adservice.google.com www.google.com	1 KB
6	bidr.io 6 redirects match.prod.bidr.io	3 KB
6	everesttech.net 6 redirects sync-tm.everesttech.net	1 KB
6	crwdcntrl.net 1 redirects bcp.crwdcntrl.net tags.crwdcntrl.net sync.crwdcntrl.net	14 KB
6	adsrvr.org 3 redirects match.adsrvr.org	2 KB
6	tapad.com 4 redirects pixel.tapad.com	2 KB
6	audrte.com 3 redirects a.audrte.com	6 KB
6	bidswitch.net 6 redirects x.bidswitch.net	2 KB
6	adtarget.com.tr 1 redirects s.console.adtarget.com.tr sync.console.adtarget.com.tr	4 KB
5	mathtag.com 5 redirects pixel.mathtag.com sync.mathtag.com	3 KB
5	gstatic.com csi.gstatic.com www.gstatic.com fonts.gstatic.com	48 KB
5	betweendigital.com 3 redirects ads.betweendigital.com	3 KB
5	google.de www.google.de adservice.google.de ampcid.google.de	1 KB
4	quantumdex.io sync.quantumdex.io	2 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com	2 KB
4	creativecdn.com 2 redirects prebid-eu.creativecdn.com creativecdn.com ams.creativecdn.com	1 KB
4	trafmag.com t.trafmag.com m.trafmag.com	1 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	935 B
3	taboola.com 1 redirects trc.taboola.com match.taboola.com	568 B
3	sonobi.com sync.go.sonobi.com	1 KB
3	richaudience.com 1 redirects sync.richaudience.com	1 KB
3	sitescout.com 3 redirects pixel.sitescout.com pixel-sync.sitescout.com	1014 B
3	openx.net 2 redirects adtelligent-d.openx.net rtb.openx.net	933 B
3	google-analytics.com www.google-analytics.com	19 KB
3	googletagservices.com www.googletagservices.com	80 KB
2	eyeota.net ps.eyeota.net	688 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	838 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	contextweb.com 2 redirects bh.contextweb.com	959 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	simpli.fi 1 redirects um.simpli.fi	1 KB
2	adgrx.com cm.adgrx.com	816 B
2	criteo.net static.criteo.net	51 KB
2	quantserve.com 1 redirects cms.quantserve.com pixel.quantserve.com	903 B
2	bluekai.com 1 redirects tags.bluekai.com	674 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr	841 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com	792 B
2	dotomi.com prebid-match.dotomi.com pubmatic-match.dotomi.com	207 B
2	1rx.io 2 redirects sync.1rx.io	700 B
2	tns-ua.com 1 redirects pa.tns-ua.com	468 B
2	adriver.ru 2 redirects ad.adriver.ru	1 KB
2	advangelists.com 2 redirects nep.advangelists.com	462 B
2	shareaholic.com analytics.shareaholic.com partner.shareaholic.com	640 B
2	shareaholic.net cdn.shareaholic.net www.shareaholic.net	6 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	30 KB
2	googletagmanager.com www.googletagmanager.com	90 KB
1	ib-ibi.com global.ib-ibi.com	72 B
1	gumgum.com 1 redirects rtb.gumgum.com	335 B
1	playground.xyz 1 redirects ads.playground.xyz	486 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	turn.com 1 redirects ad.turn.com	518 B
1	erne.co 1 redirects green.erne.co	327 B
1	smartadserver.com rtb-csync.smartadserver.com	233 B
1	de17a.com d5p.de17a.com	134 B
1	consensu.org sddan.mgr.consensu.org	109 B
1	adotmob.com 1 redirects sync.adotmob.com	682 B
1	tynt.com ic.tynt.com
1	onetag-sys.com onetag-sys.com	818 B
1	cookieless-data.com js.cookieless-data.com	2 KB
1	ibillboard.com 1 redirects bbnaut.ibillboard.com	550 B
1	deepintent.com match.deepintent.com	124 B
1	dyntrk.com gu.dyntrk.com	215 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	304 B
1	innovid.com ag.innovid.com	296 B
1	thenewco.id im.thenewco.id	180 B
1	mookie1.com odr.mookie1.com	324 B
1	agkn.com 1 redirects aa.agkn.com	384 B
1	theadex.com dmp.theadex.com	378 B
1	bemail.it 1 redirects bn01.er.bemail.it	659 B
1	exelator.com loadeu.exelator.com	324 B
1	fwmrm.net dmp.v.fwmrm.net	361 B
1	admanmedia.com 1 redirects cs.admanmedia.com	428 B
1	navdmp.com tag.navdmp.com	4 KB
1	splicky.com 1 redirects bidswitch-eu.splicky.com	221 B
1	ismatlab.com ismatlab.com	149 B
1	ck-ie.com us.ck-ie.com	129 B
1	adxpremium.services rtb.adxpremium.services	969 B
1	stackpathcdn.com m9m6e2w5.stackpathcdn.com	44 KB
1	adtcdn.com player.adtcdn.com	25 KB
1	piguiqproxy.com piguiqproxy.com	401 B
359	103

	Domain	Requested by
52	www.5.ua	www.5.ua
22	cm.g.doubleclick.net	13 redirects www.5.ua 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com eus.rubiconproject.com bcp.crwdcntrl.net
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.5.ua cdn.ampproject.org 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com tpc.googlesyndication.com
15	simage2.pubmatic.com	1 redirects image6.pubmatic.com ads.pubmatic.com
15	mwzeom.zeotap.com	1 redirects spl.zeotap.com ads.us.e-planning.net ads.pubmatic.com
13	ih.adscale.de	1 redirects js.adscale.de ih.adscale.de
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	api.traq.li	www.5.ua ajax.googleapis.com api.traq.li
9	cdn.admixer.net	www.5.ua cdn.admixer.net
9	securepubads.g.doubleclick.net	www.googletagservices.com www.5.ua securepubads.g.doubleclick.net
8	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com ssum-sec.casalemedia.com
6	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
6	match.prod.bidr.io	6 redirects
6	pagead2.googlesyndication.com	6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com www.5.ua www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	sync-tm.everesttech.net	6 redirects
6	match.adsrvr.org	3 redirects ssum.casalemedia.com eus.rubiconproject.com bcp.crwdcntrl.net
6	pixel.tapad.com	4 redirects spl.zeotap.com image6.pubmatic.com
6	a.audrte.com	3 redirects ads.us.e-planning.net a.audrte.com s.console.adtarget.com.tr
6	u-ams02.e-planning.net	ads.us.e-planning.net ssum.casalemedia.com ads.pubmatic.com
6	x.bidswitch.net	6 redirects
6	inv-nets.admixer.net	2 redirects cdn.admixer.net www.5.ua
6	ads.pubmatic.com	s.console.adtarget.com.tr ads.pubmatic.com ads.us.e-planning.net
6	ib.adnxs.com	4 redirects player.adtelligent.com spl.zeotap.com
5	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
5	ups.analytics.yahoo.com	5 redirects
5	sync.console.adtarget.com.tr	1 redirects s.console.adtarget.com.tr js.adscale.de ads.us.e-planning.net
5	ads.betweendigital.com	3 redirects www.5.ua
4	sync.quantumdex.io	ads.us.e-planning.net sync.quantumdex.io ssum-sec.casalemedia.com
4	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	sync.mathtag.com	4 redirects
4	image6.pubmatic.com	1 redirects ads.pubmatic.com spl.zeotap.com
4	s.e-planning.net	ads.us.e-planning.net
4	ghb.adtelligent.com	player.adtcdn.com player.adtelligent.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	secure.adnxs.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects ssum.casalemedia.com sync.quantumdex.io
3	fonts.gstatic.com	fonts.googleapis.com
3	bcp.crwdcntrl.net	1 redirects spl.zeotap.com tags.crwdcntrl.net
3	dmp.adform.net	2 redirects spl.zeotap.com
3	spl.zeotap.com	ads.us.e-planning.net spl.zeotap.com
3	ssum.casalemedia.com	2 redirects ads.us.e-planning.net
3	sync.go.sonobi.com	ads.us.e-planning.net sync.quantumdex.io
3	sync.richaudience.com	1 redirects ads.us.e-planning.net spl.zeotap.com
3	sync.e-planning.net	ads.us.e-planning.net sync.quantumdex.io
3	m.trafmag.com	www.5.ua
3	www.google.com	2 redirects www.5.ua
3	js.adscale.de	s.console.adtarget.com.tr js.adscale.de ih.adscale.de
3	gum.criteo.com	1 redirects static.criteo.net
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
3	www.google-analytics.com	www.googletagmanager.com www.5.ua
3	www.googletagservices.com	www.5.ua securepubads.g.doubleclick.net 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
2	ps.eyeota.net	s.console.adtarget.com.tr
2	sync.crwdcntrl.net	bcp.crwdcntrl.net
2	pixel-sync.sitescout.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	pm.w55c.net	2 redirects
2	bh.contextweb.com	2 redirects
2	tracking.m6r.eu	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	cm.adgrx.com	ssum-sec.casalemedia.com image6.pubmatic.com
2	dis.criteo.com	2 redirects
2	track.adform.net	2 redirects
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	s.amazon-adsystem.com	1 redirects ssum.casalemedia.com
2	tags.bluekai.com	1 redirects bcp.crwdcntrl.net
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	beacon.krxd.net	spl.zeotap.com
2	idsync.frontend.weborama.fr	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	trc.taboola.com	1 redirects spl.zeotap.com
2	googleads.g.doubleclick.net	www.5.ua
2	eus.rubiconproject.com	ads.us.e-planning.net eus.rubiconproject.com
2	rtb.openx.net	2 redirects
2	sync.1rx.io	2 redirects
2	pa.tns-ua.com	1 redirects www.5.ua
2	ad.adriver.ru	2 redirects
2	nep.advangelists.com	2 redirects
2	ads.us.e-planning.net	1 redirects s.console.adtarget.com.tr
2	creativecdn.com	1 redirects www.5.ua
2	mug.criteo.com	www.5.ua
2	6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google.de	www.5.ua
2	sync.adtelligent.com	1 redirects s.console.adtarget.com.tr
2	www.googletagmanager.com	www.5.ua www.googletagmanager.com
1	global.ib-ibi.com	bcp.crwdcntrl.net
1	rtb.gumgum.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	c1.adform.net	1 redirects
1	aud.pubmatic.com	ads.pubmatic.com
1	match.taboola.com	image6.pubmatic.com
1	s.tribalfusion.com	image6.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	green.erne.co	1 redirects
1	rtb-csync.smartadserver.com	image6.pubmatic.com
1	d5p.de17a.com	image6.pubmatic.com
1	sddan.mgr.consensu.org	js.cookieless-data.com
1	sync.adotmob.com	1 redirects
1	ic.tynt.com	sync.quantumdex.io
1	onetag-sys.com	sync.quantumdex.io
1	js.cookieless-data.com	s.e-planning.net
1	tags.crwdcntrl.net	s.e-planning.net
1	adscale-emea.adnxs.com	1 redirects
1	bbnaut.ibillboard.com	1 redirects
1	ads.yahoo.com	eus.rubiconproject.com
1	match.deepintent.com	ssum.casalemedia.com
1	gu.dyntrk.com	ssum.casalemedia.com
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
1	cms.quantserve.com	6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	im.thenewco.id	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	www.gstatic.com	6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
1	fonts.googleapis.com	6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
1	csi.gstatic.com	cdn.ampproject.org
1	partner.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	secure-assets.rubiconproject.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	prebid-match.dotomi.com	ads.us.e-planning.net
1	tag.navdmp.com	ads.us.e-planning.net
1	pixel.sitescout.com	1 redirects
1	bidswitch-eu.splicky.com	1 redirects
1	ismatlab.com	www.5.ua
1	www.shareaholic.net	cdn.shareaholic.net
1	us.ck-ie.com	s.console.adtarget.com.tr
1	ams.creativecdn.com	1 redirects
1	cm.adform.net	s.console.adtarget.com.tr
1	analytics.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	bidder.criteo.com	player.adtelligent.com
1	fastlane.rubiconproject.com	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	rtb.adxpremium.services	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	ampcid.google.de	www.google-analytics.com
1	analytics.google.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	t.trafmag.com	www.5.ua
1	s.console.adtarget.com.tr	player.adtcdn.com
1	m9m6e2w5.stackpathcdn.com	cdn.shareaholic.net
1	player.adtcdn.com	www.5.ua
1	piguiqproxy.com	www.5.ua
1	cdn.shareaholic.net	www.5.ua
1	ajax.googleapis.com	www.5.ua
359	165

This site contains links to these domains. Also see Links.

Domain
facebook.com
t.me
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
5.ua Sectigo RSA Domain Validation Secure Server CA	`2020-05-20` - `2022-05-18`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
cdn.shareaholic.net R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
piguiqproxy.com R3	`2021-02-17` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
*.adtelligent.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-28` - `2021-11-27`	a year	crt.sh
ghb.adtelligent.com R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2021-06-21`	a year	crt.sh
*.stackpathcdn.com Go Daddy Secure Certificate Authority - G2	`2019-06-27` - `2021-06-27`	2 years	crt.sh
s.console.adtarget.com.tr R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
ghb1.adtelligent.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
shareaholic.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
cat.adscale.de DigiCert SHA2 Secure Server CA	`2020-10-23` - `2021-11-21`	a year	crt.sh
*.adform.net DigiCert SHA2 Secure Server CA	`2020-04-02` - `2021-06-02`	a year	crt.sh
sync.console.adtarget.com.tr R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
ads.us.e-planning.net R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2020-11-12` - `2021-12-14`	a year	crt.sh
sync.adtelligent.com R3	`2021-02-05` - `2021-05-06`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.shareaholic.net R3	`2021-02-15` - `2021-05-16`	3 months	crt.sh
ismatlab.com RapidSSL RSA CA 2018	`2020-05-19` - `2021-05-20`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
*.adscale.de Amazon	`2020-06-05` - `2021-07-07`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.e-planning.net R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh
*.audrte.com Amazon	`2021-01-26` - `2022-02-24`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.shareaholic.com R3	`2021-02-15` - `2021-05-16`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
im.thenewco.id GTS CA 1D2	`2021-02-06` - `2021-05-07`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
gu.dyntrk.com R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-03-09`	a month	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
js.cookieless-data.com R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
sddan.mgr.consensu.org R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.eyeota.net R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh

This page contains 43 frames:

Primary Page: https://www.5.ua/
Frame ID: 7F1C28F5F773A2B060235DD0EB0A7B12
Requests: 163 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: D059D7877E8AD5B9711E2AAD05D66699
Requests: 4 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html
Frame ID: 5DCB7C4A458384022BC393C47D8A2B86
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 2EC549023E6D6BCB5BF0C779A3B5C53A
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 5F12CF993CD8C984D10DF7F17BDF0F38
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2HiMb2pqxSRedxN1AWtb&pi=admatic&tc=1
Frame ID: 7A71A09F8E3AEAF92A32EF208FB4BEC3
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 2B79830D44C1773FFC727DD048658A7D
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%25%25EXTERNAL_COOKIE_ID%25%25
Frame ID: E07064C7FFC68BD5B8FA2D3CBE906FB4
Requests: 1 HTTP requests in this frame

Frame: https://api.traq.li/publisher/unattended/1313?wv=7&v=vg.3db71fd
Frame ID: 8D5CAED0A30D72CE1A2DDD9C07D4AE82
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C3789AC162AA5F1BEB9D5633A7198B72
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs
Frame ID: 34EFAD41153590C44D65263139191A76
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: B009B713FA0DA1D60BBACD884ADABA3E
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 9E2CC7C674FB699B18B8943F1ECC866C
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4f358596ee8e6644%26uid%3D
Frame ID: 9159C5C17726F2AAAD8DEB84811DF45D
Requests: 1 HTTP requests in this frame

Frame: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 3D1805CDD0DA1C440E3D043B5B028F23
Requests: 16 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Frame ID: 6B20441FCBEDA51E819E6B2497E42E50
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361&cmp=0
Frame ID: 9E325A794091E1A2D2A17A11E5619917
Requests: 31 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2E469DD86BDE1E9E7ECCB84AECAFBDC5
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B66445C50FE7773CA3124BEEB5E58CBE
Requests: 9 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Frame ID: 871D5DE4A75CC64076F7D4CD4BBF9A71
Requests: 11 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 4F329E471E198D8D4991A1348A014E54
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 108B4A79D2902B740E5D6FF5A4409E22
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=APImJsRJ72S1ip4Z
Frame ID: 3F732EE3EABB43059FE4219AEAFDFE51
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: A58C6CC422D87FF100DA1C01B9620C47
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 7F93DEB8B4AB5CF6BA472B52CFEFE116
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 71056E260D887BCD5BF0C342120CB252
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 8EF556D0FA665B05B9234CD31539F736
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: F9E5217239817CA46938628F1D356D1D
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: FB298E7A7C415D179B9D7AC20D3965C8
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeoU7AbzQAABADGLyooA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: A4471AF6CE8DB01E2BC9B88841FA9939
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933179261414340756
Frame ID: C6539D4F9AACD1BA9342219AC3982DC9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=t4XFz3rRYvAfohvTORYdWYGU
Frame ID: E6D6B6F190340ABBA248012BA94AE4DC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 685DF06B96EA16C6D74366303DCECD4C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A0C0C428C80D646103DD9B21C14466A2
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 65AE54245B93D05FD6F0EA2E539404B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=3NmKqcP2z27R&pid=557219
Frame ID: 453786D1773D1604DEF9A10168ECE769
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d75983e5-27a2-4cc0-8804-1ce9ed1a24a8-tuct7311f51&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 885A9C9F5937FE7B3E7DDAFE6EB27E7C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Frame ID: EBB77309B0170C922A1BE2FD9120F1F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:eLIyDnRD1LffSG5&gdpr=0&gdpr_consent=
Frame ID: 3132DB4CAA7DCFA5AFD4AC1820CFD069
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=4f358596ee8e6644&uid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF
Frame ID: 12E46BCA389435BAC9F364B4C4AB8068
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: 066F24DCF6AB3B95BB48A40B9C9669C7
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.5.ua
Frame ID: E6F6D8F52DEC0D879866E4844A6E1FD2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 50E6D815D3B36BB15DB5BD2400A14FB4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

359
Requests

100 %
HTTPS

28 %
IPv6

103
Domains

165
Subdomains

107
IPs

15
Countries

3189 kB
Transfer

6742 kB
Size

24
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/5kanal
Title:

Search URL Search Domain Scan URL

URL: https://t.me/news_5ua
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/5channel
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/5channel
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=99e4cde000f4b5a0

Request Chain 100

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.5.ua%2F&domain=www.5.ua&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XPWA_XxnZzk0S2lRS1ltQjVWUU9Hc2V1c0JEeXFXdjFnMHJCM2hhcFI3eHZpMmJjbktZSVh3dlBNY0RtQWdDdHZ0WVZ4Z1FzMndTaUpGcStLYklhaElhbndWYmpHNENDUjhKMWFmSmM4bUdYa2FTam03N0pNUVBac3NoQUdjMjFWMWdEY3VteHkzN0pQQ1JwOWFVZjJldWJpZ25Id1phU2s0U05qWFJDbUloaUxZN3RYY09vVGxGVVphOUdqQUZROG1OajRVa0w1eldJS2JCU3QvcUl0V2N6amxYT3N0TlIrODdoUXJxMkdVM09MVjQ4PXw&cppv=2

Request Chain 105

https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=7485475069292968&tz=-60&fl=0&rr=direct&s=3966381&bidid=13fd635af64f463&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=kuoyin.yl&ref=https%3A%2F%2Fwww.5.ua%2F HTTP 302
https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=7485475069292968&tz=-60&fl=0&rr=direct&s=3966381&bidid=13fd635af64f463&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=kuoyin.yl&ref=https%3A%2F%2Fwww.5.ua%2F&crf=1

Request Chain 106

https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=3429717507388874&tz=-60&fl=0&rr=direct&s=3969965&bidid=14683266a7b5c52&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=kuoyin.yl&ref=https%3A%2F%2Fwww.5.ua%2F HTTP 302
https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=3429717507388874&tz=-60&fl=0&rr=direct&s=3969965&bidid=14683266a7b5c52&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=kuoyin.yl&ref=https%3A%2F%2Fwww.5.ua%2F&crf=1

Request Chain 116

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://ams.creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2HiMb2pqxSRedxN1AWtb&pi=admatic&tc=1

Request Chain 117

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Request Chain 120

https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-84fbd69e-e733-439b-9364-39d7e37491a7

Request Chain 121

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=0bb125323e6f736c

Request Chain 143

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5265483543 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Axm12GZiLiXd9V06DsVSZww

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NWUzMWU3MWE3NzQ0NDQ5YzkyM2Y2OWQxYjk5NDBiOWY&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEJal8Mw0QkW8tikL2l0kiK4&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=5e31e71a7744449c923f69d1b9940b9f

Request Chain 145

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3d4690df-d020-5238-80fe-029ee0c99b55

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEOMppaNXGyGIfEG62Sc1Ips&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=5e31e71a7744449c923f69d1b9940b9f

Request Chain 149

https://x.bidswitch.net/sync?ssp=admixer&user_id=5e31e71a7744449c923f69d1b9940b9f&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=5e31e71a7744449c923f69d1b9940b9f&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy] HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=dd1affc3-edd8-41ae-a61b-861e322ad6fe HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=dd1affc3-edd8-41ae-a61b-861e322ad6fe HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=dd1affc3-edd8-41ae-a61b-861e322ad6fe&gdpr=&consent=&gdpr_pd=

Request Chain 150

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=5e31e71a7744449c923f69d1b9940b9f HTTP 302
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z4327A71C6C94AFE96B3B02843BDE1C8&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=5e31e71a7744449c923f69d1b9940b9f

Request Chain 153

https://ih.adscale.de/uu?cbfn=receive&t=1614256587 HTTP 302
https://ih.adscale.de/uu?cbfn=receive&t=1614256587&nut&uu=acedd7d794a14dab8f424710cd84f2bc

Request Chain 174

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4f358596ee8e6644 HTTP 302
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4f358596ee8e6644

Request Chain 175

https://sync.1rx.io/usersync2/eplanning HTTP 302
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1

Request Chain 179

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4f358596ee8e6644%26uid%3D%24%7BUID%7D HTTP 302
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4f358596ee8e6644&uid=16ca8659-eb17-4318-af77-f4fc5cc6ac59

Request Chain 183

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4f358596ee8e6644 HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.console.adtarget.com.tr%252Fcsync%253Ft%253Da%2526ep%253D307442%2526extuid%253D%2524UID

Request Chain 184

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4f358596ee8e6644%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D4f358596ee8e6644%2526uid%253D%2524UID HTTP 302
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4f358596ee8e6644&uid=3918247862574724850

Request Chain 186

https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-EvbVqJd1l2buZJ64pHnCzgBfX1x7fFOEi3.0j0U-

Request Chain 187

https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4f358596ee8e6644%26uid%3D%7B%24UID%7D HTTP 302
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4f358596ee8e6644&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d

Request Chain 188

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 190

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 192

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 202

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESECYup0tmCJHZow3DGjdHohc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361

Request Chain 220

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=14d253f3-7766-11eb-838a-02afc4d0ec4c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361

Request Chain 222

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=8224c548-a9e8-4783-acf6-a3f2c17224e0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361

Request Chain 226

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=559350ec-862b-4f26-91e6-76d226cb5525&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 227

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=24470353490961531600889017484322564602&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361

Request Chain 229

https://bn01.er.bemail.it/zeotap.php?_bid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021022513-22690-0.221167001614256589-2b45cc5204300d580bae8a8eb36f8ee6&zdid=533&env=mWeb

Request Chain 230

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6933179261414340756&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361

Request Chain 232

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361&bounce=1&random=4261032730 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=rdWZ4opKwpg/9XBwQ29stu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361

Request Chain 235

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-IxHCleR1lw2fiZykm01CzWdtEI5owmDKfg--&zpartnerid=570&env=mWeb

Request Chain 236

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Ly9gEfJYmDPx4hgcp%2Bhrv7I%2BFrmqv8Py%2BS41iYitP1U%3D

Request Chain 240

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YDeZzAAAAGsoRjoG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361

Request Chain 241

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361

Request Chain 242

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=N93GliIC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b

Request Chain 243

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361&dcc=t

Request Chain 244

https://tags.bluekai.com/site/87734?id=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 255

https://rtb.openx.net/sync/dds?google_gid=CAESEDhoGkiL2lCJp6f52sWsPUA&google_cver=1&google_push=AQvitULYCrnJS_fChnSFO98rXk6p1VLByPabu66dGu8wV8AiyCkf8m-kf4eHiS1UteV7HuisulrM--k2EbjxBQaLa-d7-GjiojM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULYCrnJS_fChnSFO98rXk6p1VLByPabu66dGu8wV8AiyCkf8m-kf4eHiS1UteV7HuisulrM--k2EbjxBQaLa-d7-GjiojM&google_hm=8EKDqvsOyd8ij3heDoRUbg==

Request Chain 256

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEINAAZcuVftnKmuVB9x1NN4&google_cver=1&google_push=AQvitUKEsb3-VG7gUEmCvqva7-X9lKDPTpQE6u52uXodkm-KszQaHrJgssGF4G51Hcq-fY2Kph7sUbuBlM8XlKZ68WfUsBJwqQM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T8eNTv3HQ3-u1mxTyQgQzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKEsb3-VG7gUEmCvqva7-X9lKDPTpQE6u52uXodkm-KszQaHrJgssGF4G51Hcq-fY2Kph7sUbuBlM8XlKZ68WfUsBJwqQM

Request Chain 257

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBFLnpFNnGInPnp5FHZU6x0&google_cver=1&google_push=AQvitUJIg3vE6gl223DxY2Sq20TB_FnZPJTXpPeI9qLVtevUkrQL7R_vd7xxaQYA-7d1UcPVZnXcKAU20_gbtAGH42C0UfTqQg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLVU9ZS0MtNC0ySThW&google_push=AQvitUJIg3vE6gl223DxY2Sq20TB_FnZPJTXpPeI9qLVtevUkrQL7R_vd7xxaQYA-7d1UcPVZnXcKAU20_gbtAGH42C0UfTqQg

Request Chain 258

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1&google_push=AQvitUJ566xEGDLN0A1tF63a7kZTY4szqlLz7gsFtLwPVK_d_Zi1SHkYu9QSPz3EWcMUf626NThGlwR-00d9LU3O4VJa92G06D4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1&google_push=AQvitUJ566xEGDLN0A1tF63a7kZTY4szqlLz7gsFtLwPVK_d_Zi1SHkYu9QSPz3EWcMUf626NThGlwR-00d9LU3O4VJa92G06D4

Request Chain 260

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBcLdTC2frzYCaXlPK4huns&google_cver=1&google_push=AQvitUL2kqfRo1Zb2bNwRcGvqSx--vmBtobxqOH9kr0k9UhsUXuzvqQOWqKrOrLzdw3_UwiJ35yaZ-a9n0kiGzZ43Ur_jWoPFiyV HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL2kqfRo1Zb2bNwRcGvqSx--vmBtobxqOH9kr0k9UhsUXuzvqQOWqKrOrLzdw3_UwiJ35yaZ-a9n0kiGzZ43Ur_jWoPFiyV&google_hm= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL2kqfRo1Zb2bNwRcGvqSx--vmBtobxqOH9kr0k9UhsUXuzvqQOWqKrOrLzdw3_UwiJ35yaZ-a9n0kiGzZ43Ur_jWoPFiyV&google_hm=&google_tc=

Request Chain 262

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB&dcc=t

Request Chain 264

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1

Request Chain 265

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDeZzNkXpdFLRZHHF7PWxQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDZDm0GN18K4IEBIi0E3hTs&google_cver=1

Request Chain 268

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-33bbb1de-a6c4-43bd-9ff1-e5fa073926ee

Request Chain 269

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YDeZzAAAAGsoRjoG HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YDeZzAAAAGsoRjoG&gdpr=1&_test=YDeZzAAAAGsoRjoG

Request Chain 272

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YDeZzAAAAFfGaCrK HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDeZzAAAAFfGaCrK&_test=YDeZzAAAAFfGaCrK

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJVaIC6T6YLzwXnW8yRumOE&google_cver=1

Request Chain 274

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa

Request Chain 275

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLKUOYKC-4-2I8V&sigv=1&esig=2~85fa4b6e1837dfa4cbe7f0df3614217009f61456

Request Chain 276

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLVU9ZS0MtNC0ySThW

Request Chain 278

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDI1YTE3ZmIxNTIxY2Q3MmYzYzc2ZmU1NzdhYjJiMzBjOWQ2ZGU1Yg

Request Chain 279

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/fInCcACfSucG7-0E8o0aeQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4180116159284779757

Request Chain 286

https://bbnaut.ibillboard.com/match/AdScale?partneruid=acedd7d794a14dab8f424710cd84f2bc&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=101&tpuid=BBID-01-02889705899544728-16219800

Request Chain 287

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=8e546932722862d0e41e6748b26ef7ae08a9efc8945c74126f5bc7845784cf43&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=

Request Chain 288

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=75&tpuid=3918247862574724850&gdpr=0

Request Chain 289

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=3b1912d2b76d1b24d41cbcb067daa9974dc4642a875a92a56dc0ba711377e33b&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YDeZzNkXpdFLRZHHF7PWxQAA%261102

Request Chain 290

https://track.adform.net/serving/cookie/match/?party=9&uid=b47ed5383da6a756178a6a3cce075047399785c7394771a27588ca7950ac83c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fimg&gdpr=0 HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=b47ed5383da6a756178a6a3cce075047399785c7394771a27588ca7950ac83c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=42&gdpr=0&tpuid=3377596905015690280

Request Chain 291

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=e53aee6bbc9de73ccab2dae3e485990ccd0eb0556fadc06e5b0b6187bc16c55a&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588587%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=aa68762f-8f5e-4fd7-9e2f-15c56e4c5b75

Request Chain 298

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3918247862574724850

Request Chain 300

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-EvbVqJd1l2buZJ64pHnCzgBfX1x7fFOEi3.0j0U-

Request Chain 306

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=b7fab51e136842257177c12d63e4026057f0a247d337da352269db77e4e56ffd&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588587%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=

Request Chain 307

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3918247862574724850

Request Chain 309

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB

Request Chain 310

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJKiE7AbzQAABH68Xwcaw&expiration=1615466191

Request Chain 312

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05ec2203030cbb8396b9be93&expiration=[EXPIRATION]

Request Chain 313

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=927E346584BA4DBAA3813AB521EB4615&gdpr=1

Request Chain 314

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6675429921038683174&uid=Q6675429921038683174&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 316

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=dab46ee5e468b9c591e66557d8a6d3fedd7ccf79249d5d4af38ed1464d2274a5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fjs&gdpr=0 HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=dab46ee5e468b9c591e66557d8a6d3fedd7ccf79249d5d4af38ed1464d2274a5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/js?tpid=48&tpuid=d2c1de05dcf1cd6e2feed68bca1f7e05

Request Chain 321

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

Request Chain 323

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKS2lFN0FielFBQUJINjhYd2Nhdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJKiE7AbzQAABH68Xwcaw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJKiE7AbzQAABH68Xwcaw&pid=558502&do=add HTTP 303
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJKiE7AbzQAABH68Xwcaw&pid=558502&do=add&_bee_ppp=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeoU7AbzQAABADGLyooA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 324

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933179261414340756

Request Chain 325

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=t4XFz3rRYvAfohvTORYdWYGU

Request Chain 326

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT

Request Chain 328

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 329

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=3NmKqcP2z27R&pid=557219

Request Chain 330

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d75983e5-27a2-4cc0-8804-1ce9ed1a24a8-tuct7311f51&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 331

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB

Request Chain 332

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:eLIyDnRD1LffSG5&gdpr=0&gdpr_consent=

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T8eNTv3HQ3-u1mxTyQgQzw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 336

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 337

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&addseg=21

Request Chain 338

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEZDNzhENEUtRkRDNy00MzdGLUFFRDYtNkM1M0M5MDgxMENG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 339

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOf6gPpeh-Qq2_sPLO52ufY&google_cver=1

Request Chain 341

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3377596905015690280

Request Chain 342

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8224c548-a9e8-4783-acf6-a3f2c17224e0

Request Chain 343

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=

Request Chain 344

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3918247862574724850&gdpr=0&gdpr_consent=

Request Chain 345

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MkXw.Ix1l2KWGo.H6y.aYihEypL7JjU-&gdpr=0&gdpr_consent=

Request Chain 347

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6cbc9374-a239-4789-b75c-067d36e1f38a&ssp=pubmatic HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=1&user_id=6cbc9374-a239-4789-b75c-067d36e1f38a&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=63a36526-70b7-4907-a294-4c1045712e08&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 348

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VI9h-VuGMa1PhzOvBI9_rweNZqtPj2r6U4l_-Tes

Request Chain 349

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7783561373678775756&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 350

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDeZzAAAAGsoRjoG&gdpr=0&gdpr_consent=

Request Chain 351

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 353

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4676abc6-3007-460c-8937-7130fd948adb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 354

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5642703577122305677

Request Chain 355

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_bec54e7e-95ae-4712-ad72-791f26601887

Request Chain 357

https://bcp.crwdcntrl.net/5/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr

Request Chain 358

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent

Request Chain 361

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=ce262fbc635396c1ce2f5364ddbd47e2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=ce262fbc635396c1ce2f5364ddbd47e2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=1b2d3850-7766-11eb-a965-3a750b5c05a6

Request Chain 365

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=null HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=null&google_gid=CAESEEFxsmetTAaA_Y43Beo7I5M&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 366

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=null HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=null HTTP 302
https://a.audrte.com/a?adform_uid=5316896818216049983 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&google_gid=CAESEEFxsmetTAaA_Y43Beo7I5M&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=

359 HTTP transactions
31 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.5.ua/ 551 KB
78 KB 343ms
319ms Document
text/html 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33
Resource Hash: e3da1a5944dc5da09a47e05e4f80eb5958248db160e289f418783e16d721be2a

Request headers

:method: GET
:authority: www.5.ua
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4922024089dcddef9665eb651c2757a21614256586; expires=Sat, 27-Mar-21 12:36:26 GMT; path=/; domain=.5.ua; HttpOnly; SameSite=Lax; Secure _csrf-frontend=2673f638163c130f6291f7a938d3662bd54107559d509c4712588afc526b5527a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22wdx7yoCsvzvvflbWEO6rhEeu562MxsLI%22%3B%7D; path=/; HttpOnly
cf-railgun: 67a923952d stream 0.000000 0200 57da
vary: Accept-Encoding
x-powered-by: PHP/7.0.33
cf-cache-status: DYNAMIC
cf-request-id: 087ac9d56300002c2e2a28c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 627178cf0cee2c2e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 roboto-bold-webfont.woff2
www.5.ua/fonts/roboto/ 62 KB
62 KB 23ms
22ms Font
font/woff2 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/fonts/roboto/roboto-bold-webfont.woff2
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d

Request headers

Origin: https://www.5.ua
Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
cf-cache-status: HIT
age: 89564
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63320
cf-request-id: 087ac9d6ab00002c2e2a2a3000000001
last-modified: Wed, 03 Feb 2021 08:43:41 GMT
server: cloudflare
etag: "601a623d-f758"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d108412c2e-FRA
expires: Fri, 26 Mar 2021 11:43:42 GMT

GET
H2 200 roboto-regular-webfont.woff2
www.5.ua/fonts/roboto/ 62 KB
62 KB 35ms
35ms Font
font/woff2 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/fonts/roboto/roboto-regular-webfont.woff2
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e

Request headers

Origin: https://www.5.ua
Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
cf-cache-status: HIT
age: 89564
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63412
cf-request-id: 087ac9d6b700002c2e57b93000000001
last-modified: Wed, 03 Feb 2021 08:43:41 GMT
server: cloudflare
etag: "601a623d-f7b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d1084b2c2e-FRA
expires: Fri, 26 Mar 2021 11:43:42 GMT

GET
H2 200 helioscond-bold-webfont.woff2
www.5.ua/fonts/helioscond/ 17 KB
17 KB 41ms
41ms Font
font/woff2 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/fonts/helioscond/helioscond-bold-webfont.woff2
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d568f192c576f136afeeb596dce1070cfd9bea7dcb1ea7b591da7ba4ff6b127f

Request headers

Origin: https://www.5.ua
Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
cf-cache-status: HIT
age: 89564
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17264
cf-request-id: 087ac9d6b700002c2e2528c000000001
last-modified: Wed, 11 Jan 2017 15:03:15 GMT
server: cloudflare
etag: "58764933-4370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d108622c2e-FRA
expires: Fri, 26 Mar 2021 11:43:41 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

345da7c19b56d35e255a18ce8efe26a10e0908e56d0e1e8117cbf3bdea320d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "794 / 364 of 1000 / last-modified: 1614255136"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19392
x-xss-protection: 0
expires: Thu, 25 Feb 2021 12:36:26 GMT

GET
H2 200 styles.min.css
www.5.ua/css/ 206 KB
39 KB 42ms
41ms Stylesheet
text/css 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/css/styles.min.css?v=1612950281
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1917a146b7b51f7aff532ac1abb4b6848ba7a443074d24ba8f543531fe3da716

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 09:44:41 GMT
server: cloudflare
age: 3142
etag: W/"6023ab09-33675"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 627178d128632c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6b700002c2efeb8f000000001
expires: Thu, 25 Feb 2021 17:44:04 GMT

GET
H2 200 head_js-modernizr.min.js Show response
www.5.ua/js/core/ 16 KB
6 KB 36ms
32ms Script
application/javascript 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/js/core/head_js-modernizr.min.js
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9bed3de8b4f55f925c2cead7b90ed8c50ee72259f9d1ce50aa466ba33ae459a

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 3085
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6b800002c2e46bc5000000001
pragma: public
last-modified: Thu, 26 Jan 2017 14:25:35 GMT
server: cloudflare
etag: W/"588a06df-3f51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 627178d128652c2e-FRA
expires: Thu, 25 Feb 2021 17:45:01 GMT

GET
H2 200 api.js Show response
www.5.ua/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 12ms
6ms Script
text/javascript 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.5.ua/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 627178d1791b2c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6ec00002c2e3e02b000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
38 KB 26ms
20ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKCD28

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e28f593aa0c52f459c7da1d9e0ec6bba11bea1626457b4c50cb9e7bafacc74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38421
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Feb 2021 12:36:26 GMT

GET
H2 200 logo-dv.svg
www.5.ua/img/logo/ 3 KB
2 KB 19ms
14ms Image
image/svg+xml 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5.ua/img/logo/logo-dv.svg
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 073b41d117e725870f33ec4a4f111e1744d17ad9a81c33d98c4c5b1e9469d51e

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Sep 2020 13:03:06 GMT
server: cloudflare
age: 3136
etag: W/"5f5f6a0a-db6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 627178d1791d2c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6ec00002c2efca28000000001
expires: Thu, 25 Feb 2021 17:44:10 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 13:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342279
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 13:31:47 GMT

GET
H2 200 yii.js Show response
www.5.ua/assets/48e9790/ 20 KB
5 KB 27ms
27ms Script
application/javascript 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/assets/48e9790/yii.js?v=1600719935
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 796bab2b50aec1d2e2564950f8b912c6ae172281a7ecbe378dd1bc68ce7669bc

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Sep 2020 20:25:35 GMT
server: cloudflare
age: 3118
etag: W/"5f690c3f-51af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 627178d158db2c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6d700002c2e6c82d000000001

GET
H2 200 jquery-ui-new.min.js Show response
www.5.ua/js/core/ 250 KB
64 KB 34ms
29ms Script
application/javascript 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/js/core/jquery-ui-new.min.js?v=1485440735
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9933b17f62ddedcdaadf32e641bf0fdd86fdf822cc055a25c946e4f12b1b9e62

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 3142
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6eb00002c2ef42fa000000001
pragma: public
last-modified: Thu, 26 Jan 2017 14:25:35 GMT
server: cloudflare
etag: W/"588a06df-3e742"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 627178d179132c2e-FRA
expires: Thu, 25 Feb 2021 17:44:04 GMT

GET
H2 200 jquery.plugins.min.js Show response
www.5.ua/js/plugins/ 72 KB
18 KB 26ms
23ms Script
application/javascript 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9dc4ba428b568043191bc4d1f91daf62168239c8df7c504ff04601373ceb804

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 3142
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6eb00002c2e46bc8000000001
pragma: public
last-modified: Thu, 02 Jul 2020 08:02:08 GMT
server: cloudflare
etag: W/"5efd9480-1209f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 627178d179152c2e-FRA
expires: Thu, 25 Feb 2021 17:44:04 GMT

GET
H2 200 scripts.min.js Show response
www.5.ua/js/ 23 KB
5 KB 25ms
22ms Script
application/javascript 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/js/scripts.min.js?v=1603806631
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485ec6125d1ef7861ad39985261654db3c0cedd2ad1db781e12d4655a2c81e

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 3138
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6eb00002c2e1f350000000001
pragma: public
last-modified: Tue, 27 Oct 2020 13:50:31 GMT
server: cloudflare
etag: W/"5f9825a7-5cd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 627178d179182c2e-FRA
expires: Thu, 25 Feb 2021 17:44:08 GMT

GET
H2 200 lazy-scripts.min.js Show response
www.5.ua/js/ 4 KB
2 KB 19ms
16ms Script
application/javascript 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/js/lazy-scripts.min.js?v=1593676928
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b47640444bf21fc22987897586f6713c2ed97cf5a83d84ebb74cb9c258029532

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 3138
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6ec00002c2e3e9c4000000001
pragma: public
last-modified: Thu, 02 Jul 2020 08:02:08 GMT
server: cloudflare
etag: W/"5efd9480-11e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 627178d1791a2c2e-FRA
expires: Thu, 25 Feb 2021 17:44:08 GMT

GET
H2 200 form.min.js Show response
www.5.ua/components/search/ 1 KB
506 B 27ms
22ms Script
application/javascript 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/components/search/form.min.js?v=1593676928
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cab79c5160c0c4ef4aea5ee18956bb3626421e6f46da6f9a7d600de6df55d17

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Jul 2020 08:02:08 GMT
server: cloudflare
age: 3132
etag: W/"5efd9480-449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 627178d179272c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d6ef00002c2e609c7000000001
expires: Thu, 25 Feb 2021 17:44:14 GMT

GET
H2 200 shareaholic.js Show response
cdn.shareaholic.net/assets/pub/ 9 KB
4 KB 171ms
56ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: b2edff214ab969086c5028141e42d78fb367851ad5fa67061d8b558caab40f7b

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 19:42:56 GMT
server: nginx
x-amz-request-id: 8M4V8W0TBJ8T2Y5W
etag: "57a6e02c7ebf67048216617510e9b28a"
x-hw: 1614256586.cds012.lo4.hn,1614256586.cds005.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1200, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 3698
x-amz-id-2: vT0IGTKsQlIP4fdevueJ1NvVg/AgMV9Lhw4XccvlL4BAw4aQ55c/ASYfAqtwQs5LdjM5R9q1ZVI=

GET
H2 200 api Show response
piguiqproxy.com/ 0
401 B 132ms
44ms XHR
text/plain 185.187.81.38

General

Check archive.org

Show headers Download Go to

Full URL: https://piguiqproxy.com/api
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.38 Kyiv, Ukraine, ASN (),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.5.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
cache-control: no-cache, no-store
x-check: f7783c4c685e7e569eb8f688c0952e22
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 wrapper_hb_313501_8344.js Show response
player.adtcdn.com/prebidlink/448404/ 161 KB
25 KB 78ms
32ms Script
application/javascript 2606:4700:3031::6815:327d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/448404/wrapper_hb_313501_8344.js
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:327d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cadf6d394e339fca290395c0672e7b0f11d5b401745c5b41f2b123d72587237

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 709
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d71b0000d6e525986000000001
last-modified: Wed, 24 Feb 2021 11:21:25 GMT
server: cloudflare
etag: W/"603636b5-282cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OZUom1LfrsBshI1CTByjKaJ6So5IBZKudThua3VRrguJ%2BPsdi7bfvwon%2FuOczTsNffA8tEu1QjVczokCyaaHkSX5rpCVQS%2FMJUGFHtW4PZf7%2FBMlXsG3F0ZOHBWL4g%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 627178d1cfc3d6e5-FRA
expires: Thu, 25 Feb 2021 12:39:37 GMT

GET
H2 200 logo-sprite.svg
www.5.ua/img/logo/ 54 KB
11 KB 16ms
16ms Image
image/svg+xml 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5.ua/img/logo/logo-sprite.svg
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112166bf87184943fc6a4d627efac5445f02670cd4ecf55587f5d67b78986342

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Jan 2017 15:03:15 GMT
server: cloudflare
age: 3141
etag: W/"58764933-d840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 627178d1b9a82c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d71200002c2e4a8b9000000001
expires: Thu, 25 Feb 2021 17:44:05 GMT

GET
DATA 200
OK truncated
/ 743 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 186fb6f7edbbeda01728ada4652cda14a27340275e0b478485f007d1648cd774

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a36debcfaefa0268cdb972291fe5f2055f0737cb6e75a1bbb328a9a306b8f8c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 277 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb6a1ca26492b388e1be34b834404064c04a6e68c9794d83cfc8b02644d07f85

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 374 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76daad608660fc47060ac42479b0413c3d211544ad4d77573e6cbf5f3a16fb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c164faa768d0c5f23c2f971638665afc8eff53255872299b9a4a9de24a11ea3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 722 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6667079de105057ab1cc4e4f7f6610dce15d9d633ed143183f4a207fc4e622aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 416 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0bf270709dbc0062ea29408210510b2aeefc8793434c43b4915986555c44ebf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffa5d5f02b8706cbf6af9dcd33406dec9ee9006f57ad03912e10bec1d57db747

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a9b1d80adb489b4beecb166d05e2360d7dfbd388378c76d0dffb90a80424dd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 416 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e793a6d654e64f50d1ee4c5313dd41956781384df5cec39aab09648db4a6766

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 605 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a641707e7fd5f9d5b4f2ecccf2047ba269ba2e5e6b1f0409b8e8705658f7851b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f04d551197e3b098a8216b0a0104037f2a8bc8b4f71bd41181bcd13438bebe2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2f752697bd33df4852991705c94be3069fc954847004ca0b75e514ed597ad44

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo_day.svg
www.5.ua/img/logo/ 3 KB
2 KB 16ms
15ms Image
image/svg+xml 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5.ua/img/logo/logo_day.svg
Requested by: Host: www.5.ua
URL: https://www.5.ua/css/styles.min.css?v=1612950281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5020f40820787eb99460bce11732b0120527e85b418fba50ab4c2711c308bc4

Request headers

Referer: https://www.5.ua/css/styles.min.css?v=1612950281
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Sep 2020 13:03:06 GMT
server: cloudflare
age: 2035
etag: W/"5f5f6a0a-db6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 627178d20a232c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d74300002c2e1f359000000001
expires: Thu, 25 Feb 2021 18:02:31 GMT

GET
H2 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ 290 KB
102 KB 84ms
83ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Thu, 25 Feb 2021 12:36:26 GMT

GET
DATA 200
OK truncated
/ 223 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5b62d40921fb76a6a407047dc6438929bb1ef88ce5f6df1195eae119f0385a1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 223 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cded380ddc97c0b532c85a446c1e30b353ee795ebea0ee20f5e0e5000a1deaeb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 188 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74234027b67e5fa479110dd5eaa985d791ce841cc9cb6140d8a18574d84d641f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VM275ZDL21&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCD28

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfff9354ba9811ff9ed3660d6961f840d864255bf398e3c4ff7f77ffc044bcb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53733
x-xss-protection: 0
expires: Thu, 25 Feb 2021 12:36:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCD28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2030
date: Thu, 25 Feb 2021 12:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 25 Feb 2021 14:02:36 GMT

GET
H2 200 hb_313501_8344.js Show response
player.adtelligent.com/prebidlink/ex18684/ 295 KB
93 KB 221ms
67ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/448404/wrapper_hb_313501_8344.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 56b519d9ddfda4f2c3918cfd492a97f21402d666d5c372d17c3d80693d5e077b

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 19:02:23 GMT
server: nginx
etag: W/"6035513f-49c80"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 25 Feb 2021 13:36:26 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
410 B 88ms
27ms XHR
image/gif 2a0c:5c81:5052::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=313501&site_id=8344&full_page_url=https%3A%2F%2Fwww.5.ua%2F&adid=kuoxxw.fz&vpbv=0740&lifecycle_tte=655
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/448404/wrapper_hb_313501_8344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5052::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.5.ua
Date: Thu, 25 Feb 2021 12:36:26 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 87ms
86ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

d15fa0f252484edce146935d43590773d865614b255f7740c3435c170247bd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "794 / 226 of 1000 / last-modified: 1614249741"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19396
x-xss-protection: 0
expires: Thu, 25 Feb 2021 12:36:26 GMT

GET
DATA 200
OK truncated
/ 456 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e92189e138b505b27d2f607e14bf62ef2eed575df15f6bbea9fbd8c7bbdb29d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 660 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6016402b22007239e8540542e89bd8b6ada2d113bf70c7c4aa621c16e0bc370c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 268 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca20712fc836ba9d51cb7bc766b1095867f2ebd221e050d8aa79990ff7016444

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6ea2f92c9e4e38cf818da0d51c84f755200d0e9a8b24f73bde687022ecdd42

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6ea93782788a35fff8c878d709489ca2c06ec6534cf6b4f211cdc747d49f503

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 359 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7e5cd0998c4a06587d6f3a0f3941380d0c9f7eec7756dd747b36f5f301a4800

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 438 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74ad7b4a00b914bdcfc27faefbe0f281a40966d1a152f618fdc776c32a8fcfa4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 86 KB
29 KB 110ms
37ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 04663c266755839c4b2e26190644235f4726102f96fef17fb33b900d72e0384b

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:17 GMT
server: nginx
etag: W/"6034f121-156c2"
x-cached-since: 2021-02-25T12:35:03+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
expires: Tue, 23 Feb 2021 12:24:21 GMT

GET
H2 200 sdk.js Show response
api.traq.li/public/sdk/v04/ 43 KB
14 KB 57ms
28ms Script
application/javascript 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/public/sdk/v04/sdk.js?v=xxx
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7c1ac07d8f07cff11fe8c359fc922fe3fe349a30449df29561825355eb622b

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1528
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-traqli-node: 1
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9d85700002c3e0e0e3000000001
last-modified: Tue, 09 Feb 2021 15:00:43 GMT
server: cloudflare
etag: W/"1bbdd-177874f179b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FSuI3EoXN0HO3vW76ouB5wpWfA1gnF%2F%2FM7npP9a6uiFweP03ECrrs3YxpeohlPjDUzsRIXHQ0SLT6PB%2F%2FANGdIIqZIhL2ij8niDoPNnGOV9CPpNteKYZ0Q%3D%3D"}]}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api.traq.li
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 627178d3bb9c2c3e-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Thu, 25 Feb 2021 12:40:58 GMT

GET
DATA 200
OK truncated
/ 588 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6172f3cad225741f89effdf290b37f5d5924d57038ce8ab502a90f703e202a0e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 588 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d891a3caf07774ba2732761542748e5b125ea5037e0f72d4f8f64ac6cedd161f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 605 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0c36c4d23c4977b110f998806928dd944fea7594bb7b9b6abfc4a617a8f4c54

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 513 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71ddd4b3a6c15a6b8a30ddc48f5653ba474c2d10c0b9b26bfd35bbc0a0971d6e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 main.js Show response
m9m6e2w5.stackpathcdn.com/v2/67aaf4ae/ 149 KB
44 KB 203ms
59ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/67aaf4ae/main.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: a1a12573c989a95e0b4449174ce4bd42157c61ea30585f56a72eedd29a707f68

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 19:42:51 GMT
server: nginx
x-amz-request-id: BB3F363E9D6A6B13
etag: "af69bd8e4f564ffac7d4fa5c12e0b278"
x-hw: 1614256587.cds045.lo4.hn,1614256587.cds068.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 44221
x-amz-id-2: zLt811jMEbaalhx4y2rh1QmgvNnKUJsW9uAJkO1nIlqHCDReNHdLLMt2qTCEf03CIi0orNhx3Fo=

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 584 B
607 B 24ms
24ms XHR
application/json 2a0c:5c81:5052::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=575120&aid2=575121&aid3=607661
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/448404/wrapper_hb_313501_8344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5052::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 8150bd4ba42b0abb5c7deadf5096d1964c19bdcf5504e7b99d320fc74206f059

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:26 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.5.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 324

GET
H2 200 194467.jpg
www.5.ua/media/pictures/820x546/ 34 KB
35 KB 56ms
48ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/820x546/194467.jpg?t=1600240740

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a460988f663e1c6329042351a9e91b057ccadc01a7adc97d5c2b9bec3bc1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12603
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35224
cf-request-id: 087ac9d95800002c2e4d8b4000000001
last-modified: Wed, 16 Sep 2020 07:19:11 GMT
server: cloudflare
etag: "5f61bc6f-8998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f212c2e-FRA
expires: Thu, 25 Feb 2021 15:06:24 GMT

GET
H2 200 209098.jpg
www.5.ua/media/pictures/300x200/ 51 KB
51 KB 30ms
22ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209098.jpg?t=1613482561

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa97895f074ccab6823c4c347bb7a03c507edf420208611ea35b318cbc992efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18766
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51897
cf-request-id: 087ac9d95800002c2e430b8000000001
last-modified: Tue, 16 Feb 2021 13:36:04 GMT
server: cloudflare
etag: "602bca44-cab9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f222c2e-FRA
expires: Thu, 25 Feb 2021 13:23:41 GMT

GET
H2 200 209743.jpg
www.5.ua/media/pictures/300x200/ 55 KB
55 KB 29ms
22ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209743.jpg?t=1614084290

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a48078ba158561b44a98b1c34886e6c6fde79d74655c1982d4488d94219c21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10101
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56145
cf-request-id: 087ac9d95800002c2e5a137000000001
last-modified: Tue, 23 Feb 2021 12:44:52 GMT
server: cloudflare
etag: "6034f8c4-db51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f252c2e-FRA
expires: Thu, 25 Feb 2021 15:48:06 GMT

GET
H2 200 181566.jpg
www.5.ua/media/pictures/300x200/ 9 KB
9 KB 52ms
44ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/181566.jpg?t=1585396290

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16b7104e206c3a54d4a6fec07701e7ff2c4c45a5869d764c600e86daf9690403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5674
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9409
cf-request-id: 087ac9d95800002c2e61b38000000001
last-modified: Sat, 30 May 2020 16:44:46 GMT
server: cloudflare
etag: "5ed28d7e-24c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f262c2e-FRA
expires: Thu, 25 Feb 2021 17:01:53 GMT

GET
H2 200 210016.jpg
www.5.ua/media/pictures/300x200/ 47 KB
47 KB 23ms
16ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/210016.jpg?t=1614243503

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dd39a2093f6233f5dc9653522f770defcca908b2fea8926f74e60fa9e437d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12978
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47982
cf-request-id: 087ac9d95900002c2e4b086000000001
last-modified: Thu, 25 Feb 2021 08:58:26 GMT
server: cloudflare
etag: "603766b2-bb6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f272c2e-FRA
expires: Thu, 25 Feb 2021 15:00:09 GMT

GET
H2 200 210009.jpg
www.5.ua/media/pictures/820x546/ 37 KB
37 KB 28ms
21ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/820x546/210009.jpg?t=1614238703

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9c13e4f54b53d83174136112d88c94e10116241dbac7e04d98a72cd34151bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 17816
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37710
cf-request-id: 087ac9d95900002c2e27a1f000000001
last-modified: Thu, 25 Feb 2021 07:38:26 GMT
server: cloudflare
etag: "603753f2-934e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f282c2e-FRA
expires: Thu, 25 Feb 2021 13:39:31 GMT

GET
H2 200 209891.jpg
www.5.ua/media/pictures/820x546/ 47 KB
48 KB 21ms
14ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/820x546/209891.jpg?t=1614160374

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60403cfb9d5b48fd628b725249d22d063fc5063acf299b4549cd2c118bfa6059

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20224
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48477
cf-request-id: 087ac9d95900002c2e609eb000000001
last-modified: Wed, 24 Feb 2021 09:52:58 GMT
server: cloudflare
etag: "603621fa-bd5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f292c2e-FRA
expires: Thu, 25 Feb 2021 12:59:23 GMT

GET
H2 200 209983.jpg
www.5.ua/media/pictures/820x546/ 63 KB
63 KB 50ms
43ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/820x546/209983.jpg?t=1614183635

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55f799a127b930bf5bdbd61c9c0b8c99489bc3d4482b2970fc8aaf78ba702ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3538
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64324
cf-request-id: 087ac9d95900002c2e691aa000000001
last-modified: Wed, 24 Feb 2021 16:20:39 GMT
server: cloudflare
etag: "60367cd7-fb44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f2a2c2e-FRA
expires: Thu, 25 Feb 2021 17:37:29 GMT

GET
H2 200 210033.jpg
www.5.ua/media/pictures/300x200/ 68 KB
68 KB 23ms
17ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/210033.jpg?t=1614255177

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85c8490ba438a6484adf0b1475a4e3942b3ade32dd5b5e7b0171295191857c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1234
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69743
cf-request-id: 087ac9d95900002c2e2c88e000000001
last-modified: Thu, 25 Feb 2021 12:13:00 GMT
server: cloudflare
etag: "6037944c-1106f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f2b2c2e-FRA
expires: Thu, 25 Feb 2021 18:15:53 GMT

GET
H2 200 33124.jpg
www.5.ua/media/pictures/300x200/ 19 KB
19 KB 24ms
18ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/33124.jpg?t=1424179210

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c361faa49fbbe154e35e4425183f45f8ae913c8ffb9ef45de0040a27cd6191c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20172
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19294
cf-request-id: 087ac9d95900002c2e64347000000001
last-modified: Fri, 13 Jan 2017 22:13:18 GMT
server: cloudflare
etag: "587950fe-4b5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f2c2c2e-FRA
expires: Thu, 25 Feb 2021 13:00:15 GMT

GET
H2 200 209532.jpg
www.5.ua/media/pictures/300x200/ 30 KB
31 KB 25ms
18ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209532.jpg?t=1613919984

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d96623e4fbef35c698405e8d7b2cdac7be826780c6a722e20eb564a55a65fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3107
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31110
cf-request-id: 087ac9d95a00002c2ef9934000000001
last-modified: Sun, 21 Feb 2021 15:06:08 GMT
server: cloudflare
etag: "603276e0-7986"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f2d2c2e-FRA
expires: Thu, 25 Feb 2021 17:44:40 GMT

GET
H2 200 209980.jpg
www.5.ua/media/pictures/300x200/ 45 KB
45 KB 26ms
20ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209980.jpg?t=1614183314

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

089ae84ce1b7810c22b1e688a291d683b71d4abcfd0a1f1bd33cd220be95e387

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2178
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46134
cf-request-id: 087ac9d95a00002c2ef70bf000000001
last-modified: Wed, 24 Feb 2021 16:15:16 GMT
server: cloudflare
etag: "60367b94-b436"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f2e2c2e-FRA
expires: Thu, 25 Feb 2021 18:00:09 GMT

GET
H2 200 179952.jpg
www.5.ua/media/pictures/300x200/ 80 KB
80 KB 25ms
19ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/179952.jpg?t=1611393299

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bef7f0fbf2abbfd0e5b1630549220e6775db401a09496370a64d1a365b61a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3107
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81964
cf-request-id: 087ac9d95a00002c2e153fe000000001
last-modified: Sat, 23 Jan 2021 11:14:24 GMT
server: cloudflare
etag: "600c0510-1402c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f2f2c2e-FRA
expires: Thu, 25 Feb 2021 17:44:40 GMT

GET
H2 200 95538.jpg
www.5.ua/media/pictures/300x72/ 17 KB
17 KB 27ms
21ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x72/95538.jpg?t=1502292107

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05db08f9c3962055e5a6d48b7d7d6d54a33d59ca3e7a1fe4cdf30bd19412f1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2949
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17726
cf-request-id: 087ac9d95a00002c2e110d6000000001
last-modified: Wed, 09 Aug 2017 15:21:43 GMT
server: cloudflare
etag: "598b2887-453e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f312c2e-FRA
expires: Thu, 25 Feb 2021 17:47:18 GMT

GET
H2 200 184384.jpg
www.5.ua/media/pictures/300x72/ 5 KB
5 KB 24ms
19ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x72/184384.jpg?t=1589785738

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e546f34478619f60b092b8000e8223c26155d8d0c7829569c5ef33aaa3082f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2949
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4713
cf-request-id: 087ac9d95b00002c2e141e5000000001
last-modified: Sat, 30 May 2020 17:08:05 GMT
server: cloudflare
etag: "5ed292f5-1269"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f332c2e-FRA
expires: Thu, 25 Feb 2021 17:47:18 GMT

GET
H2 200 180855.jpg
www.5.ua/media/pictures/300x72/ 3 KB
3 KB 25ms
20ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x72/180855.jpg?t=1584353207

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbef1f31be942e9e91d3b04f5f24b0209b1739aba33cbd20dfcf139792f59d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2949
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3176
cf-request-id: 087ac9d95b00002c2e6f323000000001
last-modified: Sat, 30 May 2020 17:07:09 GMT
server: cloudflare
etag: "5ed292bd-c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f342c2e-FRA
expires: Thu, 25 Feb 2021 17:47:18 GMT

GET
H2 200 209681.jpg
www.5.ua/media/pictures/300x200/ 87 KB
88 KB 25ms
20ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209681.jpg?t=1614017359

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d6e718dff6f581add7ac5cb79a2fe5e9ea7182778abbfe414e45bc315e5e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3110
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89442
cf-request-id: 087ac9d95b00002c2e09b83000000001
last-modified: Mon, 22 Feb 2021 18:09:29 GMT
server: cloudflare
etag: "6033f359-15d62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f352c2e-FRA
expires: Thu, 25 Feb 2021 17:44:37 GMT

GET
H2 200 208909.jpg
www.5.ua/media/pictures/300x200/ 45 KB
46 KB 26ms
21ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/208909.jpg?t=1613381373

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b58f96f51273c01f06940a6c53b8bf28becbf1669bd79f7525bc805af8968ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3095
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46417
cf-request-id: 087ac9d95b00002c2e39bc3000000001
last-modified: Mon, 15 Feb 2021 09:29:35 GMT
server: cloudflare
etag: "602a3eff-b551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f362c2e-FRA
expires: Thu, 25 Feb 2021 17:44:52 GMT

GET
H2 200 207766.jpg
www.5.ua/media/pictures/300x200/ 67 KB
67 KB 48ms
44ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/207766.jpg?t=1612287137

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc369cf68b75544ce894f39bb5c59e1522530f196f252faf92a6ea290d31625

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3095
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68616
cf-request-id: 087ac9d95b00002c2e041e7000000001
last-modified: Tue, 02 Feb 2021 17:32:40 GMT
server: cloudflare
etag: "60198cb8-10c08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627178d55f392c2e-FRA
expires: Thu, 25 Feb 2021 17:44:52 GMT

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame D059 2 KB
1 KB 90ms
25ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/448404/wrapper_hb_313501_8344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1d724b775c3d9ce659b50edea9d719e4155682a4842a225420d0e26e10267c8e

Request headers

Host: s.console.adtarget.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.5.ua/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.5.ua/

Response headers

Server: VertaMedia 1.0
Date: Thu, 25 Feb 2021 12:36:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 975
Access-Control-Allow-Origin: https://www.5.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2

200

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=99e4cde000f4b5a0

35 B
231 B

194ms
54ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=99e4cde000f4b5a0
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
server: nginx
content-type: image/gif
content-length: 35
p3p: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=99e4cde000f4b5a0
Date: Thu, 25 Feb 2021 12:36:27 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
531 B 37ms
13ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.5.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

OPTIONS
H2 200 479
api.traq.li/publisher/fusion/lucid/data/ Frame 0
0 191ms
176ms Other 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/publisher/fusion/lucid/data/479?email=&visitor=&stored_visitor=&tqid=
Protocol: H2
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.5.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.5.ua
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 86400
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-traqli-node: 0
cf-cache-status: DYNAMIC
cf-request-id: 087ac9da080000d6b5c037e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Btnyr8p9gcGW2OX6xn2UweTO2MJ4kexUB3QkVo0wlyOKFpOM4k5nZ%2FXE5QFj5jN4agZqLeK6NPvKXbFgCJjyweDI35li%2B5yxA2c5h49Xv1EXr0d7O%2BnSvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 627178d67c61d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 479 Show response
api.traq.li/publisher/fusion/lucid/data/ 2 KB
1 KB 188ms
187ms XHR
application/json 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/publisher/fusion/lucid/data/479?email=&visitor=&stored_visitor=&tqid=
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 913f591ad91b8f98db19677b3e82eac3415d53adb15f7752e0770b086859e85e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-traqli-node: 1
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9dab800002c3ee29cf000000001
server: cloudflare
etag: W/"796-pLq36mVXLLT6li/fn/GhpBuKtWY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BUol4iChYMTcAPBPu%2Bo7NJBF7zKZYyIq9R8QKS%2F%2FDEC22Jb1XtxbCOizihy6MT3QvKN9dFGej2c4XtJV99tio0kDhyiDq2A4D1hlIoZl%2Fr2aVUVD5Nh6LA%3D%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.5.ua
access-control-allow-credentials: true
cf-ray: 627178d7891f2c3e-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/ Frame 5DCB 637 B
491 B 43ms
41ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c.html
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345

Request headers

:method: GET
:authority: cdn.admixer.net
:scheme: https
:path: /scripts3/c.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.5.ua/

Response headers

server: nginx
date: Thu, 25 Feb 2021 12:36:27 GMT
content-type: text/html
last-modified: Tue, 23 Feb 2021 12:12:12 GMT
vary: Accept-Encoding
etag: W/"6034f11c-27d"
expires: Fri, 25 Feb 2022 18:32:35 GMT
cache-control: max-age=31622400
access-control-allow-origin: *
cache: HIT
x-cached-since: 2021-02-24T18:33:46+00:00
x-id: fr5-up-gc35
content-encoding: gzip

GET
H2 200 a8a148633e21eed64eca.b.js Show response
cdn.admixer.net/scripts3/ 82 KB
22 KB 46ms
44ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/a8a148633e21eed64eca.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fee5f4c87dabd8d30661714f8adababf64ba25b7cec543517eb5e80351a8dbef

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:09 GMT
server: nginx
etag: W/"6034f119-14693"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:32+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Feb 2022 12:15:22 GMT

GET
H2 200 6fa96355928421f02a02.b.js Show response
cdn.admixer.net/scripts3/ 91 KB
25 KB 50ms
49ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 73f6bfc962639314b45d8158b9ddd8507868233ebfba15d6d11c74f8213721d0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:06 GMT
server: nginx
etag: W/"6034f116-16d53"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:39+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Feb 2022 12:14:23 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
346 B 34ms
13ms Other
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VM275ZDL21&gtm=2oe2h0&_p=435096491&sr=1600x1200&_gaz=1&ul=en-us&cid=1666241453.1614256587&_s=1&dl=https%3A%2F%2Fwww.5.ua%2F&dt=%D0%9F%D0%B5%D1%80%D1%88%D0%B8%D0%B9%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%225%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%22%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%96&sid=1614256586&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VM275ZDL21&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.5.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
69 B 14ms
14ms Other
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VM275ZDL21&cid=1666241453.1614256587&gtm=2oe2h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VM275ZDL21&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.5.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VM275ZDL21&cid=1666241453.1614256587&gtm=2oe2h0&aip=1&z=1790614584

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313344/ 2 KB
1 KB 128ms
42ms XHR
application/json 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313344/config.json?cb=https%3A%2F%2Fwww.5.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ac6274c84692ccd214eafd97103203cf06f3fd8dc0be1bbcb8afa2e0f7f5ed4

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 12:01:07 GMT
server: nginx
etag: W/"60379183-900"
content-type: application/json
access-control-allow-origin: https://www.5.ua
expires: Thu, 25 Feb 2021 13:36:27 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.5.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.5.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 433 B
402 B 73ms
73ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3550511945691679&correlator=1416927121573683&output=ldjh&impl=fifs&eid=21068602%2C21068891%2C21069918%2C31060170%2C31060294%2C21068030&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210225&iu_parts=65982531%2Ccatfish_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614256587&dt=1614256587414&dlt=1614256586404&idt=908&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=0&adks=875629730&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.5.ua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5054&msz=1600x1&ga_vid=1666241453.1614256587&ga_sid=1614256587&ga_hid=435096491&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

642136e0f229542f53f85645e67d4bd977e5cbd13e451759c827a2fed620e969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.5.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 30ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 8ms
6ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 416ms
415ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3550511945691679&correlator=4188327803205731&output=ldjh&impl=fifs&eid=21068602%2C21068891%2C21069918%2C31060170%2C31060294%2C21068030&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210225&iu_parts=65982531%2C980x120_Main_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x120%7C970x90%7C728x90&prev_scp=excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614256587&dt=1614256587420&dlt=1614256586404&idt=908&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=137&adks=3278753738&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.5.ua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x120&msz=1140x120&ga_vid=1666241453.1614256587&ga_sid=1614256587&ga_hid=435096491&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

f9fd82bd80e76c6d446bcb011bec02417aed3335458d475d3040d9663839393a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10878
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.5.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 374ms
373ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3550511945691679&correlator=3471341220169384&output=ldjh&impl=fifs&eid=21068602%2C21068891%2C21069918%2C31060170%2C31060294%2C21068030&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210225&iu_parts=65982531%2C728x90_Main_Mid1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614256587&dt=1614256587422&dlt=1614256586404&idt=908&frm=20&biw=1600&bih=1200&oid=3&adxs=276&adys=1994&adks=1341252289&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.5.ua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1666241453.1614256587&ga_sid=1614256587&ga_hid=435096491&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

bec44f49368ca1a0aea779cb9ba4b778d3f93542d3e8aa22720d0a273f07cdf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11363
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.5.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 result Show response
www.5.ua/cdn-cgi/bm/cv/ 0
302 B 9ms
8ms XHR
text/plain 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5.ua/cdn-cgi/bm/cv/result?req_id=627178cf0cee2c2e
Requested by: Host: www.5.ua
URL: https://www.5.ua/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 627178d79a2d2c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-request-id: 087ac9dabc00002c2e1f38c000000001

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
460 B 34ms
14ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.5.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 65ms
22ms Other
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.5.ua%2F&domain=www.5.ua&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.5.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.5.ua
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1567
date: Thu, 25 Feb 2021 12:36:26 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.5.ua%2F&domain=www.5.ua&cw=1
https://mug.criteo.com/sid?cpp=XPWA_XxnZzk0S2lRS1ltQjVWUU9Hc2V1c0JEeXFXdjFnMHJCM2hhcFI3eHZpMmJjbktZSVh3dlBNY0RtQWdDdHZ0WVZ4Z1FzMndTaUpGcStLYklhaElhbndWYmpHNENDUjhKMWFmSmM4bUdYa2FTam03N0pNUVBac3NoQU...

323 B
614 B

194ms
66ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XPWA_XxnZzk0S2lRS1ltQjVWUU9Hc2V1c0JEeXFXdjFnMHJCM2hhcFI3eHZpMmJjbktZSVh3dlBNY0RtQWdDdHZ0WVZ4Z1FzMndTaUpGcStLYklhaElhbndWYmpHNENDUjhKMWFmSmM4bUdYa2FTam03N0pNUVBac3NoQUdjMjFWMWdEY3VteHkzN0pQQ1JwOWFVZjJldWJpZ25Id1phU2s0U05qWFJDbUloaUxZN3RYY09vVGxGVVphOUdqQUZROG1OajRVa0w1eldJS2JCU3QvcUl0V2N6amxYT3N0TlIrODdoUXJxMkdVM09MVjQ4PXw&cppv=2

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f9801ca1fe7400ffeb25ba3083c646465256f9545b7374e12cbd2b775de4320b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2264
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 25 Feb 2021 12:36:27 GMT
location: https://mug.criteo.com/sid?cpp=XPWA_XxnZzk0S2lRS1ltQjVWUU9Hc2V1c0JEeXFXdjFnMHJCM2hhcFI3eHZpMmJjbktZSVh3dlBNY0RtQWdDdHZ0WVZ4Z1FzMndTaUpGcStLYklhaElhbndWYmpHNENDUjhKMWFmSmM4bUdYa2FTam03N0pNUVBac3NoQUdjMjFWMWdEY3VteHkzN0pQQ1JwOWFVZjJldWJpZ25Id1phU2s0U05qWFJDbUloaUxZN3RYY09vVGxGVVphOUdqQUZROG1OajRVa0w1eldJS2JCU3QvcUl0V2N6amxYT3N0TlIrODdoUXJxMkdVM09MVjQ4PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.5.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1760
content-length: 482
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
703 B 85ms
84ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:27 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: a4b66550-6c05-4379-b69a-7d630bcd1811
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.5.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 172 B
369 B 72ms
70ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.5.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=00380d19-d981-4157-abeb-f43b462421ee&nocache=1614256587470&pubcid=fcb836cf-fb0f-4f06-9e2d-fc01b9ba5d29&schain=1.0%2C1!adtelligent.com%2C303941%2C1%2C%2C%2C&aus=300x600%2C300x250&divIds=div-gpt-ad-1529321293197-0&auid=541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: d73ef6d073688c78e09852b6be2d52a7b96df0f91a18e4a75974d2b5221aed00

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.5.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 161
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
rtb.adxpremium.services/openrtb2/ 324 B
969 B 131ms
116ms XHR
application/json 2606:4700:e0::ac40:6208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15373d173d9f9c3630a299d43f86f1f9a6ec494f56e566cd571904be1d783f5c

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9dae200001f29b81b5000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PCJ2Rc0wavL%2BNCX6qyxGTNXslJWiUKmKwSZDXxjSwg6Sso6c5huKFKzwxKeUrylWCzJ5yDPh8cnp%2FumwxrIlPgmGx98JqKOg%2B9b4999i2ggOXQ7AoSbrulJVQr7abyPfE5J2WQ%3D%3D"}]}
content-type: application/json
access-control-allow-origin: https://www.5.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 627178d7c9321f29-FRA
expires: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 500 B
624 B 146ms
146ms XHR
application/json 2a0c:5c81:5052::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5052::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 5e2a1359061f2cd15a11826a5ec7dd76f0cf6489d66a68cc3acc6c063c453565

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 25 Feb 2021 12:36:26 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.5.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 341

GET
H2

200

adjson Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=7485475069292968&tz=-60&fl=0&rr=direct&s=3966381&bidid=13fd635af64f463&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=ku...
https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=7485475069292968&tz=-60&fl=0&rr=direct&s=3966381&bidid=13fd635af64f463&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=ku...

2 B
224 B

62ms
61ms

XHR
application/json

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=7485475069292968&tz=-60&fl=0&rr=direct&s=3966381&bidid=13fd635af64f463&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=kuoyin.yl&ref=https%3A%2F%2Fwww.5.ua%2F&crf=1
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.5.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

Redirect headers

location: /adjson?sizes=300x250&jst=hb&ord=7485475069292968&tz=-60&fl=0&rr=direct&s=3966381&bidid=13fd635af64f463&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=kuoyin.yl&ref=https%3A%2F%2Fwww.5.ua%2F&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.5.ua
content-length: 0

GET
H2

200

adjson Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=3429717507388874&tz=-60&fl=0&rr=direct&s=3969965&bidid=14683266a7b5c52&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=ku...
https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=3429717507388874&tz=-60&fl=0&rr=direct&s=3969965&bidid=14683266a7b5c52&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=ku...

2 B
224 B

62ms
62ms

XHR
application/json

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=3429717507388874&tz=-60&fl=0&rr=direct&s=3969965&bidid=14683266a7b5c52&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=kuoyin.yl&ref=https%3A%2F%2Fwww.5.ua%2F&crf=1
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.5.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

Redirect headers

location: /adjson?sizes=300x600&jst=hb&ord=3429717507388874&tz=-60&fl=0&rr=direct&s=3969965&bidid=14683266a7b5c52&transactionid=00380d19-d981-4157-abeb-f43b462421ee&auctionid=kuoyin.yl&ref=https%3A%2F%2Fwww.5.ua%2F&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.5.ua
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 178ms
60ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.5.ua
date: Thu, 25 Feb 2021 12:36:27 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 121 B
380 B 75ms
24ms XHR
application/json 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: cf05eccbec30de9efd0e74546f01702ec3417ed2a283ea816df584d65ed86626

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.5.ua
Date: Thu, 25 Feb 2021 12:36:26 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 121
Content-Type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 3 KB
3 KB 163ms
163ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1882078&size_id=15&alt_size_ids=10&rp_schain=1.0,1!adtelligent.com,303941,1,,,&eid_pubcid.org=fcb836cf-fb0f-4f06-9e2d-fc01b9ba5d29%5E1&rf=https%3A%2F%2Fwww.5.ua%2F&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=00380d19-d981-4157-abeb-f43b462421ee&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8202078610581811
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ce0ef1dfff991a46b5aa3b2a726103bbf1e25ddd82fee3cba52d656717699fda

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:27 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.5.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 1449
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
138 B 162ms
54ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.15.0-11&cb=62567223891
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.5.ua
date: Thu, 25 Feb 2021 12:36:26 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
64 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-43467952-1&cid=1666241453.1614256587&jid=24588992&gjid=2123733404&_gid=992392204.1614256588&_u=YCDAgEABAAQCAE~&z=1092058493

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Feb 2021 12:36:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.5.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
85 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=435096491&t=pageview&_s=1&dl=https%3A%2F%2Fwww.5.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%B5%D1%80%D1%88%D0%B8%D0%B9%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%225%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%22%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAQC~&jid=24588992&gjid=2123733404&cid=1666241453.1614256587&tid=UA-43467952-1&_gid=992392204.1614256588&gtm=2wg2h0TKCD28&cd2=Non-AMP&z=1905558623

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 11:21:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 e
analytics.shareaholic.com/ 43 B
375 B 410ms
134ms Other
image/gif 52.22.109.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/67aaf4ae/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.109.130 Port Chester, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-109-130.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:27 GMT
vary: Origin
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin: https://www.5.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-security-policy: referrer always
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK pbsync.html Show response
js.adscale.de/ Frame 2EC5 3 KB
2 KB 163ms
53ms Document
text/html 104.111.237.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-88.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Host: js.adscale.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096

Response headers

x-amz-id-2: EYIw/VprefYQZkBFSEQ8srpZJTK/5hIltM2RTtj+3icBvoVr8I/vAFYamUFzITeBa7Bs+zi3Bq0=
x-amz-request-id: F124B28C7914FEF3
Last-Modified: Fri, 19 Feb 2021 16:38:21 GMT
ETag: "5550fca00caf055568d6ced373f2721f"
x-amz-version-id: pbDsdqH_IHYQqtyPfraH_xvDVH_irePL
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=300
Date: Thu, 25 Feb 2021 12:36:27 GMT
Content-Length: 1509
Connection: keep-alive

GET
H2 200 cookie Show response
cm.adform.net/ Frame 5F12 43 B
106 B 162ms
52ms Document
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method: GET
:authority: cm.adform.net
:scheme: https
:path: /cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/sync.html?aid=609096
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096

Response headers

server: nginx
date: Thu, 25 Feb 2021 12:36:27 GMT
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

Cookie set csync Show response
sync.console.adtarget.com.tr/ Frame 7A71
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://ams.creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2HiMb2pqxSRedxN1AWtb&pi=admatic&tc=1

86 B
547 B

566ms
392ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2HiMb2pqxSRedxN1AWtb&pi=admatic&tc=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host: sync.console.adtarget.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096

Response headers

Server: VertaMedia 1.0
Date: Thu, 25 Feb 2021 12:36:28 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=0bb125323e6f736c; expires=Wed, 28 Apr 2021 12:36:28 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=2HiMb2pqxSRedxN1AWtb; expires=Wed, 28 Apr 2021 12:36:28 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date: Thu, 25 Feb 2021 12:36:27 GMT Thu, 25 Feb 2021 12:36:27 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2HiMb2pqxSRedxN1AWtb&pi=admatic&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame 2B79
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

3 KB
1 KB

59ms
58ms

Document
text/html

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: bb3b7b43ef77882d1cf2c9cf82c316f7e91ac8c632bce00a2995483522f58e77

Request headers

:method: GET
:authority: ads.us.e-planning.net
:scheme: https
:path: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/sync.html?aid=609096
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: CT=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096

Response headers

server: openresty
date: Thu, 25 Feb 2021 12:36:27 GMT
content-type: text/html
cache-control: max-age=0, no-cache
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie: E=APImJsRJ72S1ip4Z; path=/; domain=e-planning.net; expires=Thu, 24-Feb-2028 12:36:27 GMT; SameSite=None; Secure
expires: Thu, 25 Feb 2021 12:36:27 GMT
x-sid: AMS-744
content-encoding: gzip

Redirect headers

server: openresty
date: Thu, 25 Feb 2021 12:36:27 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: CT=1; path=/; SameSite=None; Secure
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid: AMS-744

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E070 8 KB
3 KB 148ms
49ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%25%25EXTERNAL_COOKIE_ID%25%25
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=88112
Expires: Fri, 26 Feb 2021 13:04:59 GMT
Date: Thu, 25 Feb 2021 12:36:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 204
No Content qsde13.gif
us.ck-ie.com/ Frame D059 0
129 B 402ms
133ms Image
text/plain 88.214.194.185
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.ck-ie.com/qsde13.gif?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306708%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.214.194.185 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:27 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H/1.1

200
OK

csync
sync.console.adtarget.com.tr/ Frame D059
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-84fbd69e-e733-439b-9364-39d7e37491a7

86 B
566 B

764ms
389ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-84fbd69e-e733-439b-9364-39d7e37491a7
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

location: https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-84fbd69e-e733-439b-9364-39d7e37491a7
date: Thu, 25 Feb 2021 12:36:27 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame D059
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=0bb125323e6f736c

86 B
527 B

390ms
389ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=0bb125323e6f736c
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.console.adtarget.com.tr/sync.html?aid=609096
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=0bb125323e6f736c
Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
17ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-43467952-1&cid=1666241453.1614256587&jid=24588992&_u=YCDAgEABAAQCAE~&z=260427616

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 48ms
32ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-43467952-1&cid=1666241453.1614256587&jid=24588992&_u=YCDAgEABAAQCAE~&z=260427616

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f5e21cfdc4ccca93c6b092dfd5a87724.json Show response
www.shareaholic.net/config/ 4 KB
2 KB 398ms
132ms XHR
application/json 54.197.98.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/f5e21cfdc4ccca93c6b092dfd5a87724.json
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.197.98.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-98-98.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 957e92a918653fd40bdc7abf17b23fef1993b2e5297fa8230f5de385299417ec

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-client-geo-country: PL,Poland
date: Wed, 24 Feb 2021 22:44:40 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-length: 1325
server: nginx
x-client-geo-region: 14,Mazovia
x-client-geo-metrocode
etag: W/"957e92a918653fd40bdc7abf17b23fef"
access-control-max-age: 2000
x-client-geo-city: Warsaw
x-varnish: 669532029 655126720
via: 1.1 varnish (Varnish/6.0)
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-zip: 02-822
accept-ranges: bytes
content-type: application/json
access-control-allow-headers: *
x-client-geo-latlong: 52.153200,20.999900

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 173ms
58ms Other
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1289
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 2 KB
2 KB 145ms
49ms Script
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=5254113399286593&cpv=3b2b6c79-0718-3975-78aa-188965449035&responseType=default&uids=%7B%7D&data=%7B%22id%22%3A%22d0adc115-2a43-b93d-03a1-e5f268d37c82%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.5.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22b4d023bf-b63f-4ad4-c37b-3983810235e8%22%2C%22tagid%22%3A%2245f9e352-fb6f-47b3-ba1a-eb4015f94d80%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_45f9e352fb6f47b3ba1aeb4015f94d80_zone_16997_sect_4659_site_4124%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

060662df88544f1a8261f230ab473a05e25483e53801aebfe4baa9ec88f1b0d8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:27 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
X-XSS-Protection: 0

OPTIONS
H2 200 342
api.traq.li/tracker/lucid/visit/ Frame 0
0 180ms
179ms Other 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/tracker/lucid/visit/342?story_url=https%3A%2F%2Fwww.5.ua%2F&visitor=tgyzf581yurthz2w
Protocol: H2
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.5.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.5.ua
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 86400
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-traqli-node: 0
cf-cache-status: DYNAMIC
cf-request-id: 087ac9db850000d6b5d2312000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mKaW5B%2FLOqGVypNeWxoIpKqJh3UQpny3PohT8b9g6N3PzHhZHdr0wQV6W7lkt6yXpNTwkIWdIwYN4b5Guf1jPQSeVINVBehLKZXDTnL2fHictmWurY%2FYIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 627178d8deefd6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 342 Show response
api.traq.li/tracker/lucid/visit/ 65 B
553 B 189ms
184ms XHR
application/json 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/tracker/lucid/visit/342?story_url=https%3A%2F%2Fwww.5.ua%2F&visitor=tgyzf581yurthz2w
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97833d96420cccd3d540689e88e926ecf377aae2b403e7b7a5279122dd1bfe0e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-encoding: br
vary: Accept-Encoding, X-HTTP-Method-Override
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-traqli-node: 0
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9dc4000002c3edaab6000000001
server: cloudflare
etag: W/"41-aYmSxasLTi9YAkzeAfTyfUQ8ma4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QzHLS5Vtq88mt4cdm4sAx19SuZhwwDAxVTYKkSjYhKNmaj3Sic5TGldn9AdpIZmsnlDHJ3SMXxb5a%2F%2FSyKgD8FskTzAohThJkU5PW7Na5d6mHdnoHuHb6A%3D%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.5.ua
access-control-allow-credentials: true
cf-ray: 627178da0cc52c3e-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 state-machine.min.js Show response
api.traq.li/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vg.3db71fd&p=342
Requested by: Host: api.traq.li
URL: https://api.traq.li/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 704092
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-traqli-node: 0
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9db8600002c3ed5039000000001
last-modified: Tue, 09 Feb 2021 15:00:08 GMT
server: cloudflare
etag: W/"f2a-177874e8df6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MwIe899fJQEeLTe%2B%2FD3JSDxv09O3m1UOmqlLPxmjYdzdSv84OfS6t8rfRRJtZCH2mjeTP22XYfp4lhZpNho0LfF7c6OD1CbtXbsmr3U1ARHQFWQcN7XDOw%3D%3D"}]}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api.traq.li
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 627178d8db262c3e-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Thu, 17 Feb 2022 09:01:35 GMT

GET
H2 200 displayer.js Show response
api.traq.li/public/sdk/vx/widgets/base/ 16 KB
4 KB 11ms
11ms Script
application/javascript 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/public/sdk/vx/widgets/base/displayer.js?v=vg.3db71fd&p=342
Requested by: Host: api.traq.li
URL: https://api.traq.li/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae266bd874ab509a4a6fb29a273ca369e00aeb414dc59c02de583a5d5f3e7e3

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 704092
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-traqli-node: 1
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9db8600002c3efcb23000000001
last-modified: Tue, 09 Feb 2021 15:01:30 GMT
server: cloudflare
etag: W/"8aae-177874fcf99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BCHcNBWsW4Eockasew9POlz6FtqUjPf1aJzto8WtEC8K8CtnukpGQoURVJm8eBtOigUy%2FUnW2MSf5LvCZZP4W63TFlSX0DqixW1xJvGbLPRWSuiRVsuj9A%3D%3D"}]}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api.traq.li
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 627178d8db272c3e-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Thu, 17 Feb 2022 09:01:35 GMT

GET
H2 200 displayer.js Show response
api.traq.li/public/sdk/vx/widgets/popup/ 2 KB
997 B 12ms
11ms Script
application/javascript 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/public/sdk/vx/widgets/popup/displayer.js?v=vg.3db71fd&p=342
Requested by: Host: api.traq.li
URL: https://api.traq.li/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55188ad66462f99aad5a01a117a0a9a6bb2c72d1d5b3fefd1ab340ea5a708e2a

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 704092
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-traqli-node: 0
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9db8700002c3ecd1fd000000001
last-modified: Tue, 09 Feb 2021 15:01:28 GMT
server: cloudflare
etag: W/"1626-177874fc73e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JVnFZoVer65YdJiJe%2FqLh4Qg%2B6%2FC4KtI3pCv1mLhNfRtblyEXbu7EFBXCbVPQwAPUo8T%2FJk%2FQQRz1EiRrnAT51NSiRIPNVKLX%2BI09obgnqAeNuN%2F9PX48w%3D%3D"}]}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api.traq.li
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 627178d8db282c3e-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Thu, 17 Feb 2022 09:01:35 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
27 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-81117537-51&cid=1666241453.1614256587&jid=1007903187&gjid=1330376425&_gid=992392204.1614256588&_u=ACCAgEABCAAAAE~&z=1456495946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Feb 2021 12:36:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.5.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 10ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=435096491&t=pageview&_s=1&dl=https%3A%2F%2Fwww.5.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%B5%D1%80%D1%88%D0%B8%D0%B9%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%225%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%22%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABC~&jid=1007903187&gjid=1330376425&cid=1666241453.1614256587&tid=UA-81117537-51&_gid=992392204.1614256588&z=913202316

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 07:56:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1313 Show response
api.traq.li/publisher/unattended/ Frame 8D5C 127 KB
39 KB 333ms
333ms Document
text/html 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/publisher/unattended/1313?wv=7&v=vg.3db71fd
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33f73711e4fb573905b19e50774de887a75fc3b0d7724362a9ca97693a4393f6

Request headers

:method: GET
:authority: api.traq.li
:scheme: https
:path: /publisher/unattended/1313?wv=7&v=vg.3db71fd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.5.ua/

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dfacaa68a0d069b8cb172bc6e74d1ed371614256587; expires=Sat, 27-Mar-21 12:36:27 GMT; path=/; domain=.traq.li; HttpOnly; SameSite=Lax
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: api.traq.li
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 86400
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
expires: Fri, 25 Feb 2022 12:36:27 GMT
cache-control: max-age=31536000 public
x-cache-status: HIT
x-traqli-node: 1
cf-cache-status: DYNAMIC
cf-request-id: 087ac9dba800002c3ec00b6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XSDjx7K5tESaaeqj4QcGVtjGZg97tIrMUPnJxooJ946nbsTmxzQAHbYRxesNmczhQbErQyLSaSjSTRELHZiv%2FMDHtP9BngCkObIX6YP5%2B9khG%2FZUZQUdgw%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 627178d90b882c3e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
123 B 32ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.5.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 30ms
28ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.5.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
17 KB 348ms
348ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3550511945691679&correlator=2259860662829649&output=ldjh&impl=fifs&eid=21068602%2C21068891%2C21069918%2C31060170%2C31060294%2C21068030&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210225&iu_parts=65982531%2C300x600_Other_Right_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&prev_scp=excl_cat%3DPREPOST&eri=1&cookie=ID%3Df2a99973739f8024-2264f31d9bba00dd%3AT%3D1614256587%3AS%3DALNI_Mags4PbknfEhF8G0sk-hvgpr3PjLw&bc=31&abxe=1&lmt=1614256587&dt=1614256587745&dlt=1614256586404&idt=908&frm=20&biw=1600&bih=1200&oid=3&adxs=1070&adys=559&adks=2279244755&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.5.ua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1666241453.1614256587&ga_sid=1614256587&ga_hid=435096491&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

9e42514d47de9f0a4102b90250a81cc61a4a152a4f5f2254d1268467a6396601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16753
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.5.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 220a3ab992256d1ee152.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
11 KB 36ms
35ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/220a3ab992256d1ee152.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:02 GMT
server: nginx
etag: W/"6034f112-7029"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:45+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Feb 2022 12:15:34 GMT

GET
H2 200 ede2c96e6a0d474ef44e.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
18 KB 39ms
38ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/ede2c96e6a0d474ef44e.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:15 GMT
server: nginx
etag: W/"6034f11f-a7af"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:45+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Feb 2022 12:15:34 GMT

GET
H2 200 ef30fd68f07ce65f2dec.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 41ms
39ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/ef30fd68f07ce65f2dec.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:15 GMT
server: nginx
etag: W/"6034f11f-326c"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:45+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Feb 2022 12:15:34 GMT

GET
H2 200 c9b3c2772742a8f4dab8.b.js Show response
cdn.admixer.net/scripts3/ 11 KB
4 KB 41ms
40ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c9b3c2772742a8f4dab8.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:13 GMT
server: nginx
etag: W/"6034f11d-2a79"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:52+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Feb 2022 12:15:41 GMT

GET
H2 200 65272011cc1731a55c6d.b.js Show response
cdn.admixer.net/scripts3/ 213 KB
73 KB 44ms
43ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/65272011cc1731a55c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e17ea6db32d44acaf74ced343aaa5ee50facbe79f847fa0758a9d3dabaf4df98

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 25 Feb 2021 12:36:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:06 GMT
server: nginx
etag: W/"6034f116-354e7"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:45+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Feb 2022 12:15:34 GMT

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5265483543
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Axm12GZiLiXd9V06DsVSZww

43 B
448 B

48ms
48ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Axm12GZiLiXd9V06DsVSZww

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Axm12GZiLiXd9V06DsVSZww
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NWUzMWU3MWE3NzQ0NDQ5YzkyM2Y2OWQxYjk5NDBiOWY&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEJal8Mw0QkW8tikL2l0kiK4&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=5e31e71a7744449c923f69d1b9940b9f

35 B
351 B

73ms
56ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=5e31e71a7744449c923f69d1b9940b9f
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:27 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 25 Feb 2021 12:36:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=5e31e71a7744449c923f69d1b9940b9f
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3d4690df-d020-5238-80fe-029ee0c99b55

43 B
448 B

143ms
49ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3d4690df-d020-5238-80fe-029ee0c99b55

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:27 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3d4690df-d020-5238-80fe-029ee0c99b55
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
149 B 197ms
64ms Image
image/gif 34.242.72.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=5e31e71a7744449c923f69d1b9940b9f&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.72.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-72-242.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:27 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEOMppaNXGyGIfEG62Sc1Ips&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=5e31e71a7744449c923f69d1b9940b9f

35 B
351 B

72ms
70ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=5e31e71a7744449c923f69d1b9940b9f
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 25 Feb 2021 12:36:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=5e31e71a7744449c923f69d1b9940b9f
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2 200 cm-notify
creativecdn.com/ 42 B
252 B 62ms
58ms Image
image/gif 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:27 GMT, Thu, 25 Feb 2021 12:36:27 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=5e31e71a7744449c923f69d1b9940b9f&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=5e31e71a7744449c923f69d1b9940b9f&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy]
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=dd1affc3-edd8-41ae-a61b-861e322ad6fe
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=dd1affc3-edd8-41ae-a61b-861e322ad6fe
https://inv-nets.admixer.net/bs/cm.aspx?id=dd1affc3-edd8-41ae-a61b-861e322ad6fe&gdpr=&consent=&gdpr_pd=

43 B
448 B

47ms
47ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=dd1affc3-edd8-41ae-a61b-861e322ad6fe&gdpr=&consent=&gdpr_pd=

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=dd1affc3-edd8-41ae-a61b-861e322ad6fe&gdpr=&consent=&gdpr_pd=
date: Thu, 25 Feb 2021 12:36:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pic.gif
pa.tns-ua.com/bug/
Redirect Chain

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=5e31e71a7744449c923f69d1b9940b9f
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z4327A71C6C94AFE96B3B02843BDE1C8&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=5e31e71a7744449c923f69d1b9940b9f

56 B
174 B

67ms
66ms

Image
image/gif

194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z4327A71C6C94AFE96B3B02843BDE1C8&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=5e31e71a7744449c923f69d1b9940b9f
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.13.0
content-type: image/gif
expires: -1

Redirect headers

location: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z4327A71C6C94AFE96B3B02843BDE1C8&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=5e31e71a7744449c923f69d1b9940b9f
date: Thu, 25 Feb 2021 12:36:27 GMT
cache-control: no-cache
server: nginx/1.13.0
content-length: 0
expires: -1

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 179ms
60ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=5e31e71a7744449c923f69d1b9940b9f
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:27 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C378 37 KB
14 KB 193ms
82ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%25%25EXTERNAL_COOKIE_ID%25%25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%25%25EXTERNAL_COOKIE_ID%25%25
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%25%25EXTERNAL_COOKIE_ID%25%25

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=60062
Expires: Fri, 26 Feb 2021 05:17:29 GMT
Date: Thu, 25 Feb 2021 12:36:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

uu Show response
ih.adscale.de/ Frame 2EC5
Redirect Chain

https://ih.adscale.de/uu?cbfn=receive&t=1614256587
https://ih.adscale.de/uu?cbfn=receive&t=1614256587&nut&uu=acedd7d794a14dab8f424710cd84f2bc

44 B
233 B

59ms
58ms

Script
text/javascript

52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/uu?cbfn=receive&t=1614256587&nut&uu=acedd7d794a14dab8f424710cd84f2bc
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 167f7d48939f2a2ed3fb00bf9af6cfa9024d22a32af7493fdcf12491394fb437

Request headers

Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
server: Apache-Coyote/1.1
content-length: 44
content-type: text/javascript;charset=ISO-8859-1

Redirect headers

location: https://ih.adscale.de/uu?cbfn=receive&t=1614256587&nut&uu=acedd7d794a14dab8f424710cd84f2bc
date: Thu, 25 Feb 2021 12:36:27 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/042011302221000/ Frame 34EF 186 KB
52 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9503111432bbaa37cfef271c29162ec7a0ca26fb07805ce56f3697edf4f8d164

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 521619
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53299
x-xss-protection: 0
server: sffe
date: Fri, 19 Feb 2021 11:42:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c4085b5c4f53ae82"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 11:42:48 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame 34EF 13 KB
5 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc1a4a6e75717031513499092fb0fcb294e4aaafd5aaf8c43094cf0dbea6a700

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8055
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4856
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 10:22:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "18244ed4b9b02b90"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 10:22:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame 34EF 90 KB
27 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d4cb802bba4faca9ccb1a8a9296b4174ca138667ef2dd5795661c91787581c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 149382
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27558
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 19:06:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3857c20c40bb64cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 19:06:45 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame 34EF 3 KB
1 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5584d653470428a28ddf731d9fbc5bb6d71642b0b2d1a036db823371234cd7cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 521613
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1347
x-xss-protection: 0
server: sffe
date: Fri, 19 Feb 2021 11:42:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "69b40b1afa9e263a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 11:42:54 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame 34EF 41 KB
13 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a91569c88e09fb8ddfc1a433193dac8da4848c52577a0f5e424064eba88a7e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 568368
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12907
x-xss-protection: 0
server: sffe
date: Thu, 18 Feb 2021 22:43:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "87997b58d02876cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 22:43:39 GMT

GET
DATA 200
OK truncated
/ Frame 34EF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e69186033526109e4d6e6d0439b83d3aa14076f6311185df688a3f7ad74b773d

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 2964469524111748465
tpc.googlesyndication.com/simgad/ Frame 34EF 7 KB
7 KB 14ms
12ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2964469524111748465?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkgxQX4x7LwQIlqBEXO3oWKlHBaWw

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51d7ef6a86944735afcceb14f3e1ad9efdf3a6282696d7091d0248bdae8fa06b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 04:36:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 16:33:12 GMT
server: sffe
age: 28787
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6698
x-xss-protection: 0
expires: Fri, 25 Feb 2022 04:36:40 GMT

GET
H3-Q050 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 34EF 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 19:41:49 GMT
x-content-type-options: nosniff
server: cafe
age: 60878
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Thu, 25 Feb 2021 19:41:49 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 34EF 344 B
464 B 12ms
11ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 09:05:20 GMT
x-content-type-options: nosniff
server: cafe
age: 12667
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 26 Feb 2021 09:05:20 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 34EF 0
0 87ms
86ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_Wucy5k3YMWUHamGjuwPp5miiAzS-9e2Ydn6p5XxDIP42dmdIhABIKvI8iZg6eTJhdgaoAH6oo_AA8gBAqkCnyt7XYrGtz7gAgCoAwHIAwiqBLwBT9BCUgeacyOW8HOmtY3xwlqbBFcwm8XoVQIrkss_q4y2UdDFiqwSUtVPWmDBHZOCKVbuwp5lIFt_BTZbKOpZbKUspZAzqsZMdsJ1cdNwDDf2_AgkDoITPqFz6Fetv6Tvg4TrVATLUtDHtuCgxPzYuU6lo0kJ-kjlgnQkmUwEPZkSknEHustVTslNBZ7G6NnUfR7I7j_FmPmHidTOiejhgWAJTe0-kZaWmaXfNJJ9yodTYPh5-U93mXZKDcHABM_klp3EA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfawuCyAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDszAPSCAkIgOGAUBABGB2ACgHICwHYEw2yFxoKGAgAEhRwdWItNjU3OTI3NjE1NDg0MjQzMQ&sigh=kq0g9-pB1v0&tpd=AGWhJmuHBrZyyl0DJzM0edUUGsrIXdNaErTbQ2BivseINkCeNg
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame B009 180 KB
50 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 27732
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 04:54:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 04:54:15 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B009 13 KB
5 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 50122
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 24 Feb 2021 22:41:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 22:41:05 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B009 90 KB
28 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 590698
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Thu, 18 Feb 2021 16:31:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:31:29 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B009 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80048
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 24 Feb 2021 14:22:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:22:19 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B009 41 KB
13 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 159160
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 16:23:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 16:23:47 GMT

GET
H3-Q050 200 2964469524111748465
tpc.googlesyndication.com/simgad/ Frame B009 7 KB
7 KB 9ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2964469524111748465?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkgxQX4x7LwQIlqBEXO3oWKlHBaWw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51d7ef6a86944735afcceb14f3e1ad9efdf3a6282696d7091d0248bdae8fa06b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 04:36:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 16:33:12 GMT
server: sffe
age: 28787
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6698
x-xss-protection: 0
expires: Fri, 25 Feb 2022 04:36:40 GMT

GET
H3-Q050 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B009 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 19:41:49 GMT
x-content-type-options: nosniff
server: cafe
age: 60878
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Thu, 25 Feb 2021 19:41:49 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B009 344 B
369 B 9ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 09:05:20 GMT
x-content-type-options: nosniff
server: cafe
age: 12667
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 26 Feb 2021 09:05:20 GMT

GET
DATA 200
OK truncated
/ Frame B009 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3270e94b074a33614f9bddf8d7512dff64e666be45c2bd2525d58ca3075a5e7

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B009 0
0 90ms
86ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyTuqy5k3YMSeHcKM3gOj3oLIDtL717Zh2fqnlfEMg_jZ2Z0iEAEgq8jyJmDp5MmF2BqgAfqij8ADyAECqQLy5ek3gsC3PuACAKgDAcgDCKoEvAFP0GkqbQNJCsaL7XznVanWlrSbT7qLCZZUFeEKlKtZMRKRA5d-hLTjbSv7bVlSSCkUDvMIxflk1YpC-QGcrtD6uwbP7Lo5EvcUjZKWl5UaQvjzfdqcLgJEGgzzvVaVToj5zAbEgB9xKN4LulKw3vhtug82RBmx4PHY9LSPSQr9OFYq9pz6jvNUVVrJpVByeRGpR2LeKlTh1heYAWN1QqJRUcQkvjHeiIqa7WW4uMJvEKi85cdsZApBiEuR3sAEz-SWncQD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9rC4LIBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKi1BdIICQiA4YBQEAEYHYAKAcgLAdgTDbIXGgoYCAASFHB1Yi02NTc5Mjc2MTU0ODQyNDMx&sigh=uJLwyhvbtro&tpd=AGWhJmvBGReSKOWgdrFijzyafGT46Mk2f_ZKAqEeeYgh7rC7dg
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

um
u-ams02.e-planning.net/ Frame 2B79
Redirect Chain

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4f358596ee8e6644
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4f358596ee8e6644

42 B
104 B

155ms
48ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4f358596ee8e6644
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:27 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4f358596ee8e6644
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

um
sync.e-planning.net/ Frame 2B79
Redirect Chain

https://sync.1rx.io/usersync2/eplanning
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1

42 B
104 B

1188ms
52ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:29 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 dataxpand_28122020.js Show response
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 2B79 39 KB
14 KB 180ms
73ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 16:45:03 GMT
server: openresty
etag: W/"5fea0b8f-9a72"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 24 Feb 2026 12:36:28 GMT

GET
H2 200 tm60118.js Show response
tag.navdmp.com/ Frame 2B79 12 KB
4 KB 39ms
14ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm60118.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 493
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 087ac9dcf40000d6bd8181d000000001
last-modified: Wed, 18 Nov 2020 16:32:07 GMT
server: cloudflare
etag: W/"5fb54c87-2ef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 627178db1a51d6bd-FRA
expires: Thu, 25 Feb 2021 13:28:15 GMT

GET
H2 200 retargetly_030920.js Show response
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 2B79 2 KB
1 KB 181ms
74ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 18:45:03 GMT
server: openresty
etag: W/"5f5139af-857"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 24 Feb 2026 12:36:28 GMT

GET
H2

200

um
u-ams02.e-planning.net/ Frame 2B79
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4f358596ee8e6644%26uid%3D%24%7BUID%7D
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4f358596ee8e6644&uid=16ca8659-eb17-4318-af77-f4fc5cc6ac59

42 B
103 B

49ms
48ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4f358596ee8e6644&uid=16ca8659-eb17-4318-af77-f4fc5cc6ac59
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:29 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4f358596ee8e6644&uid=16ca8659-eb17-4318-af77-f4fc5cc6ac59
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: tendr3omcia22li4s1qedd44976oncmd

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame 2B79 5 KB
2 KB 3073ms
139ms Script
text/plain 34.204.119.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.119.109 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-119-109.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4f600b1db2ac23f7973100fae454508086ff2db74558b89428d64639c2b38e79

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:30 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1663

GET
H2 200 lotame.js Show response
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 2B79 266 B
415 B 180ms
74ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 16:18:03 GMT
server: openresty
etag: W/"5fb69abb-10a"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Tue, 24 Feb 2026 12:36:28 GMT

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ Frame 2B79 0
104 B 100ms
65ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D4f358596ee8e6644%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 2B79
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4f358596ee8e6644
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.console.adtarget.c...

95 B
337 B

51ms
50ms

Image
image/png

159.69.76.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.console.adtarget.com.tr%252Fcsync%253Ft%253Da%2526ep%253D307442%2526extuid%253D%2524UID
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.76.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.76.69.159.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:29 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.console.adtarget.com.tr%252Fcsync%253Ft%253Da%2526ep%253D307442%2526extuid%253D%2524UID
Date: Thu, 25 Feb 2021 12:36:29 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

um
u-ams02.e-planning.net/ Frame 2B79
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4f358596ee8e6644%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D4f358596ee8e6644%2526uid%253D%2524UID
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4f358596ee8e6644&uid=3918247862574724850

42 B
103 B

74ms
49ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4f358596ee8e6644&uid=3918247862574724850
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: a1ad67ff-41ae-47dc-8e13-7507c5b1dcc1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4f358596ee8e6644&uid=3918247862574724850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 2B79 0
478 B 1227ms
53ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4f358596ee8e6644%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:29 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.e-planning.net/ Frame 2B79
Redirect Chain

https://ups.analytics.yahoo.com/ups/58414/occ
https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-EvbVqJd1l2buZJ64pHnCzgBfX1x7fFOEi3.0j0U-

42 B
103 B

52ms
52ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-EvbVqJd1l2buZJ64pHnCzgBfX1x7fFOEi3.0j0U-
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Thu, 25 Feb 2021 12:36:30 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-EvbVqJd1l2buZJ64pHnCzgBfX1x7fFOEi3.0j0U-
Connection: keep-alive
Content-Length: 0

GET
H2

200

um
u-ams02.e-planning.net/ Frame 2B79
Redirect Chain

https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4f358596ee8e6644%26uid%3D%7B%24UID%7D
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4f358596ee8e6644&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d

42 B
103 B

50ms
49ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4f358596ee8e6644&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:29 GMT
server: openresty
content-type: image/gif

Redirect headers

Location: https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4f358596ee8e6644&uid=afe45f51e44afbaa5f020965df2f922c4084bd9d
Date: Thu, 25 Feb 2021 12:36:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9E2C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

291 B
559 B

126ms
42ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KLKUOYKC-4-2I8V; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt03ZRUZWfOgh0q42TUmnjXMGZZdWE5/rLRx3CvDzGDGfGQhinACX7QkT5r1862G0J5h4qb83eS0hKp2u2DqQxPKLjTqS3MjDRX+bxlH9h; ses10=48138^1; vis10=48138^1; audit=1|hLZGFuTafB1jBSeT5JoNmZqpp78UDnSwxNrrcYeVyQO0vuT1Tg2HwddnAnmbLEPgzG6FmltYou2qeh/unzTUsA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 25 Feb 2021 12:36:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date: Thu, 25 Feb 2021 12:36:28 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9159 8 KB
3 KB 148ms
49ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4f358596ee8e6644%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=88111
Expires: Fri, 26 Feb 2021 13:04:59 GMT
Date: Thu, 25 Feb 2021 12:36:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 34EF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

42ms
42ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Feb 2021 12:36:28 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 0
265 B 400ms
137ms Script
application/javascript 107.20.147.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=https%3A%2F%2Fwww.5.ua%2F&cl=uk&id_sync=63f0f65e-ce76-44aa-bdb7-3ac4a0bbde80&minify=1&site=f5e21cfdc4ccca93c6b092dfd5a87724
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/67aaf4ae/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.147.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript;charset=utf-8
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B009
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

45ms
44ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Feb 2021 12:36:28 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 container.html Show response
6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3D18 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.5.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 25 Feb 2021 12:36:27 GMT
expires: Fri, 25 Feb 2022 12:36:27 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169937710944"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28419
x-xss-protection: 0
expires: Thu, 25 Feb 2021 12:36:28 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C378 0
75 B 55ms
54ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=78014901&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:28 GMT
Content-Length: 0

GET
H3-Q050 200 2964469524111748465
tpc.googlesyndication.com/simgad/ Frame B009 7 KB
7 KB 6ms
5ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2964469524111748465?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkgxQX4x7LwQIlqBEXO3oWKlHBaWw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51d7ef6a86944735afcceb14f3e1ad9efdf3a6282696d7091d0248bdae8fa06b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 04:36:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 16:33:12 GMT
server: sffe
age: 28788
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6698
x-xss-protection: 0
expires: Fri, 25 Feb 2022 04:36:40 GMT

GET
H3-Q050 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B009 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 19:41:49 GMT
x-content-type-options: nosniff
server: cafe
age: 60879
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Thu, 25 Feb 2021 19:41:49 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B009 344 B
374 B 6ms
5ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 09:05:20 GMT
x-content-type-options: nosniff
server: cafe
age: 12668
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 26 Feb 2021 09:05:20 GMT

GET
H/1.1 200
OK userconnect.js Show response
js.adscale.de/ Frame 2EC5 14 KB
5 KB 91ms
91ms Script
application/javascript 104.111.237.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-88.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: JjPl_v_YmPAWVjCrPPL.UYdlfgK5wVfl
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 16:38:21 GMT
Server: AmazonS3
x-amz-request-id: 35AD48D2CBAB9DAF
ETag: "98f37b242862929d9aef4bde91abc8ad"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Date: Thu, 25 Feb 2021 12:36:28 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4485
x-amz-id-2: clsImiAn23mQoZlTfodZ4fQTwefdI/3eOWc+9eKFKhxjI/atik+TIccawta1K0qAx/k3JCbexbI=

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 2EC5 86 B
559 B 786ms
389ms Image
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=acedd7d794a14dab8f424710cd84f2bc
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 34EF 0
54 B 180ms
179ms Other
image/gif 2607:f8b0:4007:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1614256588206&qqid=CIWm5LOGhe8CFSmDgwcdp4wIwQ&rt=any.link.4.j.a.7.0.0.1575.154j~any.script.4.d.1.a.0.0.3sp.3qw~any.script.4.i.6.b.0.0.lbm.l9i~any.script.4.r.1.6.0.0.12d.11f~any.script.5.s.1.7.0.0.9zh.9yj~any.img.7.g.1.c.0.0.58x.562~any.img.7.g.2.c.0.0.2g1.2dd~any.img.7.f.2.b.0.0.cw.9k~any.img.8.2h.2p.0.0.0.0.0~any.img.7l.16.8r.0.0.0.0.0&met.a4a=dcl.0~ol.~nvs.1614256587816~ini.1614256588208
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011302221000/v0/amp-analytics-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:803::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum.casalemedia.com/ Frame 6B20
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1

2 KB
3 KB

73ms
73ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 75cdd9416d4c67c2ebe841de3798651c00d8fba520f7cfe01bdf4db3167f5fa5

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YDeZzNkXpdFLRZHHF7PWxQAA; CMPS=1155
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Response headers

Server: Apache
Content-Type: text/html
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1813
Expires: Thu, 25 Feb 2021 12:36:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YDeZzNkXpdFLRZHHF7PWxQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 25 Feb 2022 12:36:28 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 26 May 2021 12:36:28 GMT CMPRO=1102;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 26 May 2021 12:36:28 GMT CMST=YDeZzGA3mcwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Feb 2021 12:36:28 GMT CMRUM3=58603799cc05a0&b0603799cc05a00&c3603799cc05a00&f1603799cc05a00&e6603799cc27600&c4603799cc05a0&27603799cc0b40&2d603799cc05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 25 Feb 2022 12:36:28 GMT

Redirect headers

Server: Apache
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 25 Feb 2021 12:36:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YDeZzNkXpdFLRZHHF7PWxQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 25 Feb 2022 12:36:28 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 26 May 2021 12:36:28 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame 9E32 8 KB
2 KB 44ms
41ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8da5cb13b271ab4086755bbfbfdccf8dcdfc6c20b1bc83d774bb47b73b6632c0

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-type: text/html
set-cookie: __cfduid=d2375fdc4ef577b7c84cc1a467a6d89761614256588; expires=Sat, 27-Mar-21 12:36:28 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%9595%0Ad%E69%C1zH%0E%1F%BF%0C6%BF%C1Bn1%03%F7%F3a.%CF%60%E4%BB%DA%9A1%827%F0%B7%ED%19%DF%12%E8%23%CF%CA%8C7%D5+V%A9e%D5%3ATm%FC%FC%D5%C6%04%28%E8%FC%8D%DD%02%D1sU%23%F2%C8Q%5C%97%C2x%0B%8F%1B%91%16%0Ca%891%3F%1D%AAg%1C%CA%9F%5B%1Ao%E6%EDv%04%A9w%11%DCX%FE%40%85%E4nQ%96%7C%FEV%F4%FB4%E4m%F3%07%8DQ%F1%82%0EcH%A7%22V%A0%E2%D7%CDa7%0Bl%EF%FF%FA%F9%A9%F7%1A%16%3E%90q%88WyY%0A%D3%F5%CE%1F%5Ew%90%B7%3C%25%D4%F5; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 087ac9de0700002c322a86c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 627178dcddf62c32-FRA
content-encoding: br

GET
H2 200 icomoon.woff
api.traq.li/public/sdk/v04/widgets/base/fonts/ Frame 8D5C 3 KB
2 KB 11ms
11ms Font
application/font-woff 2606:4700:e6::ac40:ce20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traq.li/public/sdk/v04/widgets/base/fonts/icomoon.woff?vg.3db71fd
Requested by: Host: api.traq.li
URL: https://api.traq.li/publisher/unattended/1313?wv=7&v=vg.3db71fd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95

Request headers

Origin: https://api.traq.li
Referer: https://api.traq.li/publisher/unattended/1313?wv=7&v=vg.3db71fd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1371953
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 86400
x-traqli-node: 1
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087ac9de1f00002c3e9b350000000001
last-modified: Tue, 09 Feb 2021 15:01:30 GMT
server: cloudflare
etag: W/"b70-177874fcf99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T7rqzYKbtkylNyb5Xg3adlEfLLXCNd7GFzH4u2dLzDeDUezu62o%2F88YLExhbhLCfMN4IUn9bUkwHQf6fthayY3SDOQlRj5w%2BPTJSQfqJMFlxuBUEXW0tag%3D%3D"}]}
content-type: application/font-woff
access-control-allow-origin: https://api.traq.li
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 627178dcf8e22c3e-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Wed, 09 Feb 2022 15:30:35 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2E46 37 KB
14 KB 1194ms
80ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4f358596ee8e6644%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4f358596ee8e6644%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=2:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4f358596ee8e6644%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=60060
Expires: Fri, 26 Feb 2021 05:17:29 GMT
Date: Thu, 25 Feb 2021 12:36:29 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 3D18 3 KB
681 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b1614702e395fef3a85dabdfbed0fa6ba39d52a8244ae2f5916a838ce4beac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 12:12:06 GMT
server: ESF
date: Thu, 25 Feb 2021 12:36:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Feb 2021 12:36:28 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame 3D18 2 KB
1001 B 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 12:33:22 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3D18 0
0 84ms
83ms Fetch
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3vQ7y5k3YIzLMPSgrASOurTAA4P2pMFhr8aOyrMMloLNhYgWEAEgq8jyJmDp5MmF2BqgAYvrzO8CyAEBqQLoAXlgIyGSPuACAKgDAcgDCqoExAFP0JtYchCYpgV_E9bejt954nOJrua3sBvL3yHKg-80_OLFCVBcIDMdLB07K7Z0CcEs0q5EloGUF45t2ZwM3WSNpvrwJuI_vH1ku0JtsH3cZm6DjHAuK9x8rKSKWSEjjnr2nPOnZBXJRG69Pf1-DN-h3eKXnQrUZYxlx6mzOYSJvrXDuXV0d0PA9uRhQWHK36G2_HHKaf2O4sxgmn-O8_aMj8G9NWMSnfrlT1DXFpkeDbJz7fHiv0nks3zJQfaK02zxSsdFwATtq-KYkwPgBAGSBQQIBBgBkgUECAUYBKAGLoAH3ZSzkAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ_LUE0ggJCIDhgBAQARgdgAoByAsB2BMNiBQGshcaChgIABIUcHViLTY1NzkyNzYxNTQ4NDI0MzE&sigh=DORDh3yLniI&template_id=5003&tpd=AGWhJmsCQ2AwPsKm8AKwEq5yda4qTDlPiTBE6WT0hY9_fbH9mA
Requested by: Host: www.5.ua
URL: https://www.5.ua/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/ Frame 3D18 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/abg_lite_fy2019.js

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68f185f74b1c88db45d4af03c0833e9f74ff17552b163f090f16412e585a2129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 14380787468093307063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 12:35:52 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame 3D18 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 12:34:12 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D18 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169956137819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Thu, 25 Feb 2021 12:36:28 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame 3D18 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 12:35:46 GMT

GET
H2 200 5d4b6918ba53c75bacf90c3e9a55021e.js Show response
www.gstatic.com/mysidia/ Frame 3D18 25 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 08:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Feb 2021 08:27:31 GMT
server: sffe
age: 15806
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10833
x-xss-protection: 0
expires: Wed, 26 May 2021 08:13:02 GMT

GET
H3-Q050 200 17715657826975701684
tpc.googlesyndication.com/simgad/4395207188517942854/ Frame 3D18 9 KB
10 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4395207188517942854/17715657826975701684

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7180e5279236d9b2b95d251b04301dfe6f27458c8fe024452ad4d59cabc32dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 06:34:32 GMT
x-content-type-options: nosniff
age: 540116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9518
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 06:26:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 06:34:32 GMT

GET
H3-Q050 200 2210461993671696737
tpc.googlesyndication.com/simgad/ Frame 3D18 33 KB
33 KB 9ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2210461993671696737

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c73f4db4030359e1b23fb45c2c81e559a9c277b058c6c900b5eb6d363eb491b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 20:36:34 GMT
x-content-type-options: nosniff
age: 575994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33616
x-xss-protection: 0
last-modified: Thu, 10 Dec 2020 09:02:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 20:36:34 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9E2C 31 KB
10 KB 126ms
42ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e00b70e9a165e7e1bc39ba9d092d02099fde2e8607e543786f4e9bf00389e428

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12852
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9309
Expires: Thu, 25 Feb 2021 16:10:40 GMT

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame 2EC5 158 B
253 B 55ms
55ms Script
application/javascript 52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1614256588414&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b494064db0fc8ab62f99b9d6cb0ec36eb34557f514769bddfe49212fcec14440

Request headers

Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
server: Apache-Coyote/1.1
content-length: 158
content-type: application/javascript

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 9E32 0
0 49ms
49ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a...
https://mwzeom.zeotap.com/mw?google_gid=CAESECYup0tmCJHZow3DGjdHohc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f...

95 B
299 B

23ms
22ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESECYup0tmCJHZow3DGjdHohc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178de3fc62c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9dee000002c3213ae7000000001

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESECYup0tmCJHZow3DGjdHohc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=14d253f3-7766-11eb-838a-02afc4d0ec4c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192...

95 B
178 B

23ms
23ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=14d253f3-7766-11eb-838a-02afc4d0ec4c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178de98592c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9df1e00002c3209a16000000001

Redirect headers

date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=14d253f3-7766-11eb-838a-02afc4d0ec4c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
alt-svc: clear
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 9E32 0
188 B 1184ms
52ms Image
text/plain 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:29 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D4...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D4...
https://mwzeom.zeotap.com/mw?cid=8224c548-a9e8-4783-acf6-a3f2c17224e0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192...

95 B
179 B

22ms
21ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=8224c548-a9e8-4783-acf6-a3f2c17224e0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178dea87d2c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9df2900002c32f880e000000001

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=8224c548-a9e8-4783-acf6-a3f2c17224e0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 9E32 0
82 B 104ms
100ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 55
date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614256588.463162,VS0,VE55
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11572-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 9E32 0
361 B 4907ms
47ms Image
text/html 154.57.158.51
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.57.158.51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:33 GMT
Cache-Control: no-store
Expires: 0
Content-Type: text/html
Content-Length: 0
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"

GET
H/1.1 200
OK UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9E32 0
240 B 3203ms
54ms Image
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D81e68f56-ca1b-4e5d-56ca-a98f1f11f57b%26reqId%3D45cd0f2c-d93b-4192-5a1a-0b965631de1f%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:31 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=136...
https://mwzeom.zeotap.com/mw?cid=559350ec-862b-4f26-91e6-76d226cb5525&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
179 B

25ms
24ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=559350ec-862b-4f26-91e6-76d226cb5525&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178dea8712c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9df2500002c32bc1fd000000001

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=559350ec-862b-4f26-91e6-76d226cb5525&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=24470353490961531600889017484322564602&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-...

95 B
405 B

24ms
24ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=24470353490961531600889017484322564602&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6271790d1a432c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9fc2c00002c32b6923000000001

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Qer4oO7FRyM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=24470353490961531600889017484322564602&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 /
loadeu.exelator.com/load/ Frame 9E32 0
324 B 8816ms
1025ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021022513-22690-0.221167001614256589-2b45cc5204300d580bae8a8eb36f8ee6&zdid=533&env=mWeb

95 B
179 B

26ms
22ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021022513-22690-0.221167001614256589-2b45cc5204300d580bae8a8eb36f8ee6&zdid=533&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178df79aa2c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9dfad00002c32bf2d9000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021022513-22690-0.221167001614256589-2b45cc5204300d580bae8a8eb36f8ee6&zdid=533&env=mWeb
Date: Thu, 25 Feb 2021 12:36:29 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6933179261414340756&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-...

95 B
307 B

24ms
23ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6933179261414340756&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178ea58872c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9e67500002c32b7397000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6933179261414340756&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Date: Thu, 25 Feb 2021 12:36:30 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame 9E32 95 B
426 B 51ms
50ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=rdWZ4opKwpg/9XBwQ29stu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-41...

95 B
306 B

23ms
23ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=rdWZ4opKwpg/9XBwQ29stu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:32 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178f91d1d2c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9efb300002c32d9ba9000000001

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:32 GMT
via: 1.1 google
last-modified: Thu, 25 Feb 2021 12:36:32 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=rdWZ4opKwpg/9XBwQ29stu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 9E32 36 B
378 B 4432ms
50ms Image
image/gif 89.163.159.106
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.163.159.106 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2 403 tpid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 9E32 49 B
243 B 7499ms
90ms Image
image/gif 52.48.137.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:36 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.43
content-type: image/gif
content-length: 49
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-IxHCleR1lw2fiZykm01CzWdtEI5owmDKfg--&zpartnerid=570&env=mWeb

95 B
306 B

23ms
23ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-IxHCleR1lw2fiZykm01CzWdtEI5owmDKfg--&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178e73c952c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9e48000002c320203d000000001

Redirect headers

date: Thu, 25 Feb 2021 12:36:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-IxHCleR1lw2fiZykm01CzWdtEI5owmDKfg--&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Ly9gEfJYmDPx4hgcp%2Bhrv7I%2BFrmqv8Py%2BS41iYitP1U%3D

95 B
228 B

23ms
22ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Ly9gEfJYmDPx4hgcp%2Bhrv7I%2BFrmqv8Py%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178ecabd82c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9e7ec00002c32e1a50000000001

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:30 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Ly9gEfJYmDPx4hgcp%2Bhrv7I%2BFrmqv8Py%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 9E32 43 B
324 B 144ms
51ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:30 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 9E32 0
338 B 188ms
61ms Image
text/plain 54.76.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.98.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-98-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
cache-control: private, no-cache, no-store
x-request-time: D=46 t=1614256590
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 9E32 95 B
524 B 51ms
51ms Image
image/png 159.69.76.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.76.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.76.69.159.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:30 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YDeZzAAAAGsoRjoG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b9...

95 B
179 B

34ms
34ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YDeZzAAAAGsoRjoG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178eaa8f82c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9e6a900002c32cdb58000000001

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:30 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
x-timer: S1614256590.385771,VS0,VE94
x-served-by: cache-fra19137-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YDeZzAAAAGsoRjoG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2...

95 B
190 B

29ms
28ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178eb8a162c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9e73200002c321c957000000001

Redirect headers

Date: Thu, 25 Feb 2021 12:36:30 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 25 Feb 2021 12:37:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 9E32
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=N93GliIC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b

0
337 B

64ms
61ms

Image
text/plain

54.76.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.98.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-98-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1614256590
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 25 Feb 2021 12:36:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://spl.zeotap.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html; charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b
access-control-allow-credentials: true
cf-ray: 627178ed5cd02c32-FRA
access-control-allow-headers: *
cf-request-id: 087ac9e85a00002c32d7bda000000001

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 9E32
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56c...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56c...

43 B
433 B

66ms
66ms

Image
image/gif

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361&dcc=t
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:30 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:30 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9E32
Redirect Chain

https://tags.bluekai.com/site/87734?id=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
257 B

26ms
26ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 627178eeaeab2c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9e92600002c32e1a63000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Thu, 25 Feb 2021 12:36:31 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 729
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 404 gif
im.thenewco.id/ Frame 9E32 0
180 B 7984ms
7883ms Image
image/gif 34.102.181.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.thenewco.id/gif?3puuid=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&3pid=3181cf1b-2b10-42bf-a085-d5d3264f1a06&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.181.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:38 GMT
via: 1.1 google
last-modified: Thu, 25 Feb 2021 12:36:38 GMT
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 9E32 557 B
604 B 30ms
29ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a21a77c1ead702c90e2958db1ffb090ba5701570822352fb73be03d8038a17c

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 627178eded9b2c32-FRA
date: Thu, 25 Feb 2021 12:36:31 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 087ac9e8b300002c32d28dd000000001

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B664 1 KB
864 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 25 Feb 2021 03:14:09 GMT
expires: Fri, 26 Feb 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 33739
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3D18 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0dce2ea47d7fbee138cb39f60654720ed0ec1f7d1a5257d7528852ebd29167e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3D18 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 15:30:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 335134
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 21 Feb 2022 15:30:54 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Awp5eKQtGBlc.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3D18 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Awp5eKQtGBlc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ec929650db582cf0a03e31fa53fb60de6b9ee26a9de97bba71b331d67d4d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 08:15:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:09 GMT
server: sffe
age: 102082
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8840
x-xss-protection: 0
expires: Thu, 24 Feb 2022 08:15:06 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLV154tzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3D18 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2450051accce49d05e42271d291ab239765c9088b041bb396344bd796e91ecdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 17:03:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:22 GMT
server: sffe
age: 156798
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14552
x-xss-protection: 0
expires: Wed, 23 Feb 2022 17:03:10 GMT

GET
H2 200 map Show response
ih.adscale.de/ Frame 871D 3 KB
3 KB 90ms
90ms Document
text/html 52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: a8f04d88e93d19f8618291b5db73e8e528d58969351facb19aa4debb7f9d6073

Request headers

:method: GET
:authority: ih.adscale.de
:scheme: https
:path: /map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uu=acedd7d794a14dab8f424710cd84f2bc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 2702
server: Apache-Coyote/1.1
set-cookie: tu=4#478598155#48~~448404~448404~1#101~~448404~448404~1#39~~448404~448404~1#40~~448404~448404~1#42~~448404~448404~1#75~~448404~448404~1#108~~448404~448404~1#63~~448404~448404~1; Max-Age=2592000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9E2C 0
239 B 1218ms
56ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2 200 dpixel
cms.quantserve.com/ Frame B664 35 B
462 B 14ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECNRNzYoHz6o9a1DnGk9leU&google_cver=1&google_push=AQvitUI1tNJAy-Qyh9BvqfPF8dDvaD6-XMGzA9I91L9-ZwSOwl-5PaLqe_8seQY4fFYMAMNnfInlOi49aSJfZMWK1LEAHohOCQ

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B664
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDhoGkiL2lCJp6f52sWsPUA&google_cver=1&google_push=AQvitULYCrnJS_fChnSFO98rXk6p1VLByPabu66dGu8wV8AiyCkf8m-kf4eHiS1UteV7HuisulrM--k2EbjxBQaLa-d7-GjiojM
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULYCrnJS_fChnSFO98rXk6p1VLByPabu66dGu8wV8AiyCkf8m-kf4eHiS1UteV7HuisulrM--k2EbjxBQaLa-d7-GjiojM&google_hm=8EKDqvsOyd8ij3heDoRUbg==

170 B
213 B

18ms
18ms

Image
image/png

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULYCrnJS_fChnSFO98rXk6p1VLByPabu66dGu8wV8AiyCkf8m-kf4eHiS1UteV7HuisulrM--k2EbjxBQaLa-d7-GjiojM&google_hm=8EKDqvsOyd8ij3heDoRUbg==

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:29 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULYCrnJS_fChnSFO98rXk6p1VLByPabu66dGu8wV8AiyCkf8m-kf4eHiS1UteV7HuisulrM--k2EbjxBQaLa-d7-GjiojM&google_hm=8EKDqvsOyd8ij3heDoRUbg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: bgm7l9f8ft2eivbjfg52qjlt9b1s6739

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B664
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T8eNTv3HQ3-u1mxTyQgQzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
213 B

18ms
17ms

Image
image/png

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T8eNTv3HQ3-u1mxTyQgQzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKEsb3-VG7gUEmCvqva7-X9lKDPTpQE6u52uXodkm-KszQaHrJgssGF4G51Hcq-fY2Kph7sUbuBlM8XlKZ68WfUsBJwqQM

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T8eNTv3HQ3-u1mxTyQgQzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKEsb3-VG7gUEmCvqva7-X9lKDPTpQE6u52uXodkm-KszQaHrJgssGF4G51Hcq-fY2Kph7sUbuBlM8XlKZ68WfUsBJwqQM
Date: Thu, 25 Feb 2021 12:36:30 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B664
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBFLnpFNnGInPnp5FHZU6x0&google_cver=1&google_push=AQvitUJIg3vE6gl223DxY2Sq20TB_FnZPJTXpPeI9qLVtevUkrQL7R_vd7xxaQYA-7d1UcPVZnX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLVU9ZS0MtNC0ySThW&google_push=AQvitUJIg3vE6gl223DxY2Sq20TB_FnZPJTXpPeI9qLVtevUkrQL7R_vd7xxaQYA-7d1UcPVZnXcKAU20_gbtAGH42C0UfTqQg

170 B
201 B

17ms
16ms

Image
image/png

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLVU9ZS0MtNC0ySThW&google_push=AQvitUJIg3vE6gl223DxY2Sq20TB_FnZPJTXpPeI9qLVtevUkrQL7R_vd7xxaQYA-7d1UcPVZnXcKAU20_gbtAGH42C0UfTqQg

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLVU9ZS0MtNC0ySThW&google_push=AQvitUJIg3vE6gl223DxY2Sq20TB_FnZPJTXpPeI9qLVtevUkrQL7R_vd7xxaQYA-7d1UcPVZnXcKAU20_gbtAGH42C0UfTqQg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B664
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1&google_push=AQvitUJ566xEGDLN0A1tF63a7kZTY4szqlLz7...

170 B
190 B

17ms
17ms

Image
image/png

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1&google_push=AQvitUJ566xEGDLN0A1tF63a7kZTY4szqlLz7gsFtLwPVK_d_Zi1SHkYu9QSPz3EWcMUf626NThGlwR-00d9LU3O4VJa92G06D4

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1&google_push=AQvitUJ566xEGDLN0A1tF63a7kZTY4szqlLz7gsFtLwPVK_d_Zi1SHkYu9QSPz3EWcMUf626NThGlwR-00d9LU3O4VJa92G06D4
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Thu, 25 Feb 2021 12:36:28 GMT

GET
H2 200 trk
ag.innovid.com/ Frame B664 43 B
296 B 61ms
19ms Image
image/gif 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHcycR8vgqcjn5WFo3keXJE&google_cver=1&google_push=AQvitUIkwV2NI5dWksXwPwNsWQBkz28XcbJDF-jEQhjF3kquj604uC-zOEu1oGrQTYdF3_NSIyr_LRGm1zO91LYuYKWs5yrLIC4
Requested by: Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B664
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBcLdTC2frzYCaXlPK4huns&google_cver=1&google_push=AQvitUL2kqfRo1Zb2bNwRcGv...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL2kqfRo1Zb2bNwRcGvqSx--vmBtobxqOH9kr0k9UhsUXuzvqQOWqKrOrLzdw3_UwiJ35yaZ-a9n0kiGzZ43Ur_jWoPFiyV&google_hm=
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL2kqfRo1Zb2bNwRcGvqSx--vmBtobxqOH9kr0k9UhsUXuzvqQOWqKrOrLzdw3_UwiJ35yaZ-a9n0kiGzZ43Ur_jWoPFiyV&google_hm=&google_tc=

170 B
213 B

16ms
16ms

Image
image/png

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL2kqfRo1Zb2bNwRcGvqSx--vmBtobxqOH9kr0k9UhsUXuzvqQOWqKrOrLzdw3_UwiJ35yaZ-a9n0kiGzZ43Ur_jWoPFiyV&google_hm=&google_tc=

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL2kqfRo1Zb2bNwRcGvqSx--vmBtobxqOH9kr0k9UhsUXuzvqQOWqKrOrLzdw3_UwiJ35yaZ-a9n0kiGzZ43Ur_jWoPFiyV&google_hm=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame B664 0
24 B 17ms
15ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDgv-mpO7T7YceAQUKOCpRUEZxxodAIEze4QGvypJw60e_X6pHSKzT00jfHtUNY9yJO0Tfng

Requested by

Host: 6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
URL: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
server: HTTP server (unknown)
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6B20
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB&dcc=t

43 B
720 B

155ms
152ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB&dcc=t
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6B20 70 B
264 B 66ms
61ms Image
image/gif 54.228.21.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=70&gdpr=1&cm_user_id=YDeZzNkXpdFLRZHHF7PWxQAA&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.21.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-21-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 6B20
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1

43 B
315 B

86ms
58ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 25 Feb 2021 12:36:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECG1qzeuUWpbKIsDg4-wf2s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6B20
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDeZzNkXpdFLRZHHF7PWxQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDZDm0GN18K4IEBIi0E3hTs&google_cver=1

43 B
1 KB

132ms
65ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDZDm0GN18K4IEBIi0E3hTs&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 12:36:29 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDZDm0GN18K4IEBIi0E3hTs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame 6B20 0
215 B 166ms
54ms Image
text/plain 51.178.20.139
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS: proxy0393.eu3.dynfactory.com
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK 113
match.deepintent.com/usersync/ Frame 6B20 0
124 B 3429ms
135ms Image
text/plain 3.220.190.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.220.190.7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6B20
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-33bbb1de-a6c4-43bd-9ff1-e5fa073926ee

43 B
1014 B

233ms
62ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-33bbb1de-a6c4-43bd-9ff1-e5fa073926ee
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 12:36:28 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-33bbb1de-a6c4-43bd-9ff1-e5fa073926ee
date: Thu, 25 Feb 2021 12:36:28 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6B20
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YDeZzAAAAGsoRjoG
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YDeZzAAAAGsoRjoG&gdpr=1&_test=YDeZzAAAAGsoRjoG

43 B
992 B

148ms
64ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YDeZzAAAAGsoRjoG&gdpr=1&_test=YDeZzAAAAGsoRjoG
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 12:36:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614256589.839572,VS0,VE0
x-served-by: cache-fra19137-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YDeZzAAAAGsoRjoG&gdpr=1&_test=YDeZzAAAAGsoRjoG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 um
u-ams02.e-planning.net/ Frame 6B20 42 B
103 B 51ms
48ms Image
image/gif 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=4f358596ee8e6644&uid=YDeZzNkXpdFLRZHHF7PWxQAA%261102
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4f358596ee8e6644%26uid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
server: openresty
content-type: image/gif

GET
H/1.1 200
OK match.js Show response
js.adscale.de/ Frame 871D 4 KB
2 KB 1176ms
51ms Script
application/javascript 104.111.237.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-88.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: jqQ5DfzzPZ7eATsO70.AzMNBSP0_9FJQ
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 16:38:21 GMT
Server: AmazonS3
x-amz-request-id: 6C138826AD15CFF4
ETag: "b75124846aec28a28b7a3441813682d5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Date: Thu, 25 Feb 2021 12:36:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1700
x-amz-id-2: Zd/XNhrw7KBGCn1xWpgU67lfdj0dL7ukCGWCwmsMK8dMJpCDa+Rfp+S8Fe5U7RFrOsBccDDS6Ig=

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9E2C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YDeZzAAAAFfGaCrK
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDeZzAAAAFfGaCrK&_test=YDeZzAAAAFfGaCrK

0
239 B

56ms
55ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDeZzAAAAFfGaCrK&_test=YDeZzAAAAFfGaCrK
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614256589.805704,VS0,VE0
x-served-by: cache-fra19137-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YDeZzAAAAFfGaCrK&_test=YDeZzAAAAFfGaCrK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9E2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJVaIC6T6YLzwXnW8yRumOE&google_cver=1

0
239 B

56ms
56ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJVaIC6T6YLzwXnW8yRumOE&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJVaIC6T6YLzwXnW8yRumOE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9E2C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa

0
239 B

52ms
51ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Date: Thu, 25 Feb 2021 12:36:01 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 25 Feb 2021 12:36:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 9E2C
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLKUOYKC-4-2I8V&sigv=1&esig=2~85fa4b6e1837dfa4cbe7f0df3614217009f61456

0
292 B

8ms
8ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLKUOYKC-4-2I8V&sigv=1&esig=2~85fa4b6e1837dfa4cbe7f0df3614217009f61456

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:28 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLKUOYKC-4-2I8V&sigv=1&esig=2~85fa4b6e1837dfa4cbe7f0df3614217009f61456
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9E2C
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLVU9ZS0MtNC0ySThW

170 B
190 B

18ms
18ms

Image
image/png

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLVU9ZS0MtNC0ySThW

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLVU9ZS0MtNC0ySThW
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 9E2C 70 B
264 B 64ms
61ms Image
image/gif 54.228.21.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.21.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-21-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9E2C
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDI1YTE3ZmIxNTIxY2Q3MmYzYzc2ZmU1NzdhYjJiMzBjOWQ2ZGU1Yg

170 B
190 B

17ms
16ms

Image
image/png

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDI1YTE3ZmIxNTIxY2Q3MmYzYzc2ZmU1NzdhYjJiMzBjOWQ2ZGU1Yg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDI1YTE3ZmIxNTIxY2Q3MmYzYzc2ZmU1NzdhYjJiMzBjOWQ2ZGU1Yg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9E2C
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/fInCcACfSucG7-0E8o0aeQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4180116159284779757

0
239 B

58ms
57ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4180116159284779757
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Thu, 25 Feb 2021 12:36:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4180116159284779757
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
199 B 73ms
24ms XHR
text/plain 2a0c:5c81:5052::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/448404/wrapper_hb_313501_8344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5052::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.5.ua
Date: Thu, 25 Feb 2021 12:36:28 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B009 42 B
503 B 47ms
46ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcSaLxIxyVpZ6iSNwm92Mw8gvIhSAmYi4GZvmr6BBkrqf5GPE-a1BiEfrwLrzy8OCYUXATaAFbHJ1YfF3RbWoW24rvI10huq6LPxfYRdQe_42CbQTiz17OkZB5ug&sai=AMfl-YQx_DJ-Ftvv0co6w30oBWtbng1MdUh9kT603mAUb775Hp8EEt_3AZrAXqRxzbEoQn7ukDdKgs8VTRAk06gOSWCriknNNj7r88YYRyCgP0_tZ96rC83DPOpJRMiUHmOO&sig=Cg0ArKJSzOBLoyxMcNVdEAE&cid=CAASPeRoT6lYTmHeDxSlBeEWVF0fv-kPeLiV1BoaPsBkEAvJ38PdF-SmaV19aDw_2Kg-8XDdjzLBQUVwPSZQaYo&id=ampim&o=436,137&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=259&tls=1259&g=100&h=100&tt=1259&r=v&avms=ampa&adk=3278753738

Requested by

Host: www.5.ua
URL: https://www.5.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 83ms
40ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:29 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 26 Feb 2021 12:36:29 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 66ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:29 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 26 Feb 2021 12:36:29 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3D18 42 B
725 B 80ms
65ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwV9lknu2elC-PzqDo-19FiTTyJueG_lq9eddC7XT3HvWaAQeYOShZH7R3YOCelVoFahz4ndb58wnlXFUko7mZCwOh1fN9ZzTEjt1caWY9JHG75vRf0V4rf-tfcA&sai=AMfl-YQsFQD1t5d6hbz2Vcpue3wwx7NCmwP2Y7ONJIW8MinTi3llrUP5KNaisa78qVz2Y7s0782PfiAIbuiVIqGu69kfnQ7OzzCKef-rfkfPQmMhZeWnEZ0PYhWQD1it&sig=Cg0ArKJSzGu0pWnBS8udEAE&cid=CAASF-RoCLNZ8Jq5vqp5U1H5PHYItMaAEDI9&id=osdim&mcvt=1011&p=529,1070,779,1370&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20210224&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2279244755&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614256588156&dlt=75&rpt=355&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2_313501_8344.json Show response
player.adtelligent.com/prebidlink/2690427/ 119 KB
7 KB 48ms
47ms XHR
application/json 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/2690427/v2_313501_8344.json?cb=www.5.ua
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/448404/wrapper_hb_313501_8344.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: da96ded92729c45c556ac8c25bfc93f5ba3b66eefb2924fb7c4931b53191e156

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:29 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 11:21:25 GMT
server: nginx
etag: W/"603636b5-1ddd7"
content-type: application/json
access-control-allow-origin: https://www.5.ua
expires: Thu, 25 Feb 2021 13:36:29 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2

200

img
ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/ Frame 871D
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=acedd7d794a14dab8f424710cd84f2bc&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=101&tpuid=BBID-01-02889705899544728-16219800

49 B
484 B

244ms
243ms

Image
image/gif

52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=101&tpuid=BBID-01-02889705899544728-16219800
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
server: Apache-Coyote/1.1
content-type: image/gif
content-length: 49
p3p: CP=NOI PSA OUR

Redirect headers

Date: Thu, 25 Feb 2021 12:36:29 GMT
Server: nginx
Transfer-Encoding: chunked
p3p: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location: https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=101&tpuid=BBID-01-02889705899544728-16219800
Cache-Control: private, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 871D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=8e546932722862d0e41e674...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=

49 B
507 B

108ms
107ms

Image
image/gif

52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
server: Apache-Coyote/1.1
content-type: image/gif
content-length: 49
p3p: CP=NOI PSA OUR

Redirect headers

Date: Thu, 25 Feb 2021 12:36:03 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 25 Feb 2021 12:36:02 GMT

GET
H2

200

img
ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/ Frame 871D
Redirect Chain

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fcb1515fb489%2F1614256588586%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=75&tpuid=3918247862574724850&gdpr=0

49 B
517 B

58ms
58ms

Image
image/gif

52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=75&tpuid=3918247862574724850&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
server: Apache-Coyote/1.1
content-type: image/gif
content-length: 49
p3p: CP=NOI PSA OUR

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:30 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 833.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.150:80
AN-X-Request-Uuid: a44758da-c201-415a-add9-d5424c6414d9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=75&tpuid=3918247862574724850&gdpr=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 871D
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=3b1912d2b76d1b24d41cbcb06...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YDeZzNkXpdFLRZHHF7PWxQAA%261102

49 B
537 B

56ms
56ms

Image
image/gif

52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YDeZzNkXpdFLRZHHF7PWxQAA%261102
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:30 GMT
server: Apache-Coyote/1.1
content-type: image/gif
content-length: 49
p3p: CP=NOI PSA OUR

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YDeZzNkXpdFLRZHHF7PWxQAA%261102
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 299
Expires: Thu, 25 Feb 2021 12:36:30 GMT

GET
H2

200

img
ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/ Frame 871D
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=b47ed5383da6a756178a6a3cce075047399785c7394771a27588ca7950ac83c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75ab00fc...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=b47ed5383da6a756178a6a3cce075047399785c7394771a27588ca7950ac83c8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c75a...
https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=42&gdpr=0&tpuid=3377596905015690280

49 B
546 B

77ms
77ms

Image
image/gif

52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=42&gdpr=0&tpuid=3377596905015690280
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
server: Apache-Coyote/1.1
content-type: image/gif
content-length: 49
p3p: CP=NOI PSA OUR

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:30 GMT
server: nginx
location: https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/img?tpid=42&gdpr=0&tpuid=3377596905015690280
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 871D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=aa68762f-8f5e-4fd7-9e2f-15c56e4c5b75

49 B
569 B

63ms
62ms

Image
image/gif

52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=aa68762f-8f5e-4fd7-9e2f-15c56e4c5b75
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
server: Apache-Coyote/1.1
content-type: image/gif
content-length: 49
p3p: CP=NOI PSA OUR

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Thu, 25 Feb 2021 12:36:30 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=aa68762f-8f5e-4fd7-9e2f-15c56e4c5b75
cache-control: no-cache
server-processing-duration-in-ticks: 3176
content-type: text/html; charset=utf-8
content-length: 237
expires: Thu, 25 Feb 2021 00:00:00 GMT

GET
H2 204 cmp
spl.zeotap.com/ Frame 9E32 0
0 24ms
24ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b&reqId=45cd0f2c-d93b-4192-5a1a-0b965631de1f&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=81e68f56-ca1b-4e5d-56ca-a98f1f11f57b; zsc=%9595%0Ad%E69%C1zH%0E%1F%BF%0C6%BF%C1Bn1%03%F7%F3a.%CF%60%E4%BB%DA%9A1%827%F0%B7%ED%19%DF%12%E8%23%CF%CA%8C7%D5+V%A9e%D5%3ATm%FC%FC%D5%C6%04%28%E8%FC%8D%DD%02%D1sU%23%F2%C8Q%5C%97%C2x%0B%8F%1B%91%16%0Ca%891%3F%1D%AAg%1C%CA%9F%5B%1Ao%E6%EDv%04%A9w%11%DCX%FE%40%85%E4nQ%96%7C%FEV%F4%FB4%E4m%F3%07%8DQ%F1%82%0EcH%A7%22V%A0%E2%D7%CDa7%0Bl%EF%FF%FA%F9%A9%F7%1A%16%3E%90q%88WyY%0A%D3%F5%CE%1F%5Ew%90%B7%3C%25%D4%F5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
set-cookie: __cfduid=d0c310e55e9696529ddcbdae25bdee75c1614256591; expires=Sat, 27-Mar-21 12:36:31 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 087ac9e8d600002c32de2eb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 627178ee2dfb2c32-FRA

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/15238/ Frame 2B79 38 KB
11 KB 200ms
69ms Script
application/json 65.9.20.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.51 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 22:27:28 GMT
content-encoding: gzip
etag: W/"2b2f816f40499d384e118ce88a266e02"
last-modified: Thu, 02 Jul 2020 15:35:12 GMT
server: AmazonS3
age: 50944
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 6fdf2ccc380f11286f9756c9578f26c6.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: im3rscIW9wyVQ2dxifnFpdU86myDPnDpe8gnwPFsDNG0L-KeBfJabQ==

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 4F32 636 B
577 B 61ms
61ms Document
text/html 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method: GET
:authority: s.e-planning.net
:scheme: https
:path: /esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=APImJsRJ72S1ip4Z
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Response headers

server: openresty
date: Thu, 25 Feb 2021 12:36:30 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
etag: W/"601b131c-27c"
expires: Tue, 24 Feb 2026 12:36:30 GMT
cache-control: max-age=157680000
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 e-planning Show response
sync.quantumdex.io/usersync/ Frame 108B 2 KB
1 KB 146ms
126ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/e-planning
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87cd45a8f63e4c4b829bd8159053e74eca1763705c8f94573cc16683562face9

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/e-planning
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
content-type: text/html
set-cookie: __cfduid=d3865c6d05e406cde773c0f10cee717aa1614256591; expires=Sat, 27-Mar-21 12:36:31 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=67fb8025-9678-43f3-86b1-68e222c4f5a2; expires=Wed, 17 Mar 2021 11:36:31 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 087ac9e8f4000006051eb44000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Ug8TTg0PE8Uw%2Fu9wECVIwAvM9mk2iT7K3n6ZZ65ZchljKjMWFLfulg%2FSPhq79GzDnksJoknmmEdJxYAFR2FTdS4hJua1O3aXPU5jtvjJ3kEP8Xt9vUnkDv4OsCNFBU%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 627178ee587e0605-FRA
content-encoding: br

GET
H/1.1 200
OK Cookie set csync Show response
sync.console.adtarget.com.tr/ Frame 3F73 86 B
543 B 391ms
390ms Document
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=APImJsRJ72S1ip4Z
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host: sync.console.adtarget.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: a307080=2HiMb2pqxSRedxN1AWtb; a306709=av-84fbd69e-e733-439b-9364-39d7e37491a7; vmuid=bffe69d0d50bb266; a307565=acedd7d794a14dab8f424710cd84f2bc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Response headers

Server: VertaMedia 1.0
Date: Thu, 25 Feb 2021 12:36:31 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=bffe69d0d50bb266; expires=Wed, 28 Apr 2021 12:36:31 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=APImJsRJ72S1ip4Z; expires=Wed, 28 Apr 2021 12:36:31 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

GET
H2 200 GS.d Show response
js.cookieless-data.com/ Frame 4F32 4 KB
2 KB 1179ms
58ms Script
text/javascript 212.83.160.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.console.adtarget.com.tr%252Fcsync%253Ft%253Da%2526ep%253D307442%2526extuid%253D%2524UID&s=&rand=1614256591137

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.83.160.162 , France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

68e8598169e5d1567c50a900e5d6aa045f84009bb6eabc99fbacfb20ccebcb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:32 GMT
content-encoding: gzip
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-type: text/javascript
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 108B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3918247862574724850

43 B
324 B

125ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3918247862574724850
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/usersync/e-planning
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ORBlFwbJU6CP2J9myJstzcaPhyNAZY9CZGTqF7GmOM5QGErhrbJwJkX7oZOQMQShsEfFvhmYSblbf%2BrM2xKT1wE1ytIx0cJhrG3DiY0MbT1xiElVz2FCSrMqz6T6Mug%3D"}],"max_age":604800}
content-type: image/gif
cf-ray: 627178f03c2a0605-FRA
content-length: 43
cf-request-id: 087ac9ea2000000605188fb000000001

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:31 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid: 61317e4e-f6e6-407f-966b-627e0a4acc34
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3918247862574724850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 108B 0
474 B 1185ms
55ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/usersync/e-planning
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:32 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 108B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-EvbVqJd1l2buZJ64pHnCzgBfX1x7fFOEi3.0j0U-

43 B
442 B

126ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-EvbVqJd1l2buZJ64pHnCzgBfX1x7fFOEi3.0j0U-
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/usersync/e-planning
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uPZI2fCLXRPAXJCBRjIXJ%2FsLcZtrFjE8S0F0PiOCBe9ShtuKSNCc5ahm9ixy23uqPVAEfEN1TWXS6gzQzwEOnYKm7ybWoCwZlEejKCkadbZDfJExfjKOb5mFj9c5lOM%3D"}],"max_age":604800}
content-type: image/gif
cf-ray: 627178ef8b0c0605-FRA
content-length: 43
cf-request-id: 087ac9e9b5000006057a87f000000001

Redirect headers

Date: Thu, 25 Feb 2021 12:36:31 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-EvbVqJd1l2buZJ64pHnCzgBfX1x7fFOEi3.0j0U-
Connection: keep-alive
Content-Length: 0

GET
H2 200 um
sync.e-planning.net/ Frame 108B 42 B
103 B 55ms
52ms Image
image/gif 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=67fb8025-9678-43f3-86b1-68e222c4f5a2
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://sync.quantumdex.io/usersync/e-planning
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
server: openresty
content-type: image/gif

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame A58C 2 KB
3 KB 66ms
66ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e011c88d4996ef7d4901bf35dafe31fdcf47a674e85d1ff3bafef1e6725b4d6

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/usersync/e-planning
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YDeZzNkXpdFLRZHHF7PWxQAA; CMPS=1155; CMPRO=1102; CMRUM3=c3603799cc05a00&e6603799cc27600&f1603799cc05a00&c4603799cc05a0&27603799cc0b40&2d603799cd2760CAESEDZDm0GN18K4IEBIi0E3hTs&58603799cc05a0&b0603799cc05a00; CMST=YDeZzGA3mc4A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/e-planning

Response headers

Server: Apache
Content-Type: text/html
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1600
Expires: Thu, 25 Feb 2021 12:36:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:31 GMT
Connection: keep-alive
Set-Cookie: CMID=YDeZzNkXpdFLRZHHF7PWxQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 25 Feb 2022 12:36:31 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 26 May 2021 12:36:31 GMT CMPRO=1102;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 26 May 2021 12:36:31 GMT CMST=YDeZzGA3mc8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 26 Feb 2021 12:36:31 GMT CMRUM3=e6603799cc27600&c4603799cc05a0&82603799cfa8c0&2d603799cd2760CAESEDZDm0GN18K4IEBIi0E3hTs&2e603799cf05a0&58603799cc05a0&b0603799cc05a00&c3603799cc05a00&f1603799cc05a00&29603799cf05a00&1f603799cf05a00&27603799cc0b40&ce603799cf05a00&5a603799cf05a0&0d603799cf05a0&49603799cf05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 25 Feb 2022 12:36:31 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 7F93 43 B
555 B 1172ms
53ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/usersync/e-planning
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/e-planning

Response headers

Date: Thu, 25 Feb 2021 12:36:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YDeZ0; path=/; domain=.go.sonobi.com

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7105 2 KB
818 B 1161ms
48ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/usersync/e-planning
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/e-planning

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 d
ic.tynt.com/r/ Frame 8EF5 0
0 148ms
147ms Document
text/plain 208.100.17.185
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.185 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip185.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ic.tynt.com
:scheme: https
:path: /r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/usersync/e-planning
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sync.quantumdex.io/usersync/e-planning

Response headers

server: nginx/1.16.1
date: Thu, 25 Feb 2021 12:36:31 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 871D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=b7fab51e136842257177c12d...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=

49 B
589 B

156ms
155ms

Image
image/gif

52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
server: Apache-Coyote/1.1
content-type: image/gif
content-length: 49
p3p: CP=NOI PSA OUR

Redirect headers

Date: Thu, 25 Feb 2021 12:36:04 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 25 Feb 2021 12:36:03 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A58C
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3918247862574724850

43 B
1 KB

78ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3918247862574724850
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 12:36:32 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:32 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid: a713d4d2-c4e9-4451-af22-b95cb4db1706
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3918247862574724850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A58C 43 B
718 B 37ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A58C
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB
https://pr-bh.ybp.yahoo.com/sync/casale/YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB

43 B
88 B

36ms
36ms

Image
image/gif

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 25 Feb 2021 12:36:31 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://pr-bh.ybp.yahoo.com/sync/casale/YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A58C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJKiE7AbzQAABH68Xwcaw&expiration=1615466191

43 B
1 KB

87ms
60ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJKiE7AbzQAABH68Xwcaw&expiration=1615466191
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 12:36:31 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJKiE7AbzQAABH68Xwcaw&expiration=1615466191
Date: Thu, 25 Feb 2021 12:36:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame A58C 43 B
408 B 200ms
61ms Image
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:31 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-2
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A58C
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05ec2203030cbb8396b9be93&expiration=[EXPIRATION]

43 B
1 KB

246ms
67ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05ec2203030cbb8396b9be93&expiration=[EXPIRATION]
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 12:36:31 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=05ec2203030cbb8396b9be93&expiration=[EXPIRATION]
Date: Thu, 25 Feb 2021 12:36:31 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A58C
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=927E346584BA4DBAA3813AB521EB4615&gdpr=1

43 B
1 KB

205ms
71ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=927E346584BA4DBAA3813AB521EB4615&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 12:36:31 GMT

Redirect headers

date: Thu, 25 Feb 2021 12:36:31 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=927E346584BA4DBAA3813AB521EB4615&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 24 Feb 2021 12:36:31 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame A58C
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6675429921038683174&uid=Q6675429921038683174&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

50ms
50ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:32 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 25 Feb 2021 12:36:32 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame A58C 43 B
431 B 128ms
126ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YDeZzNkXpdFLRZHHF7PWxQAABE4AAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zNrr2qT9l5VGRQGEt4HBf4FDXqfzy42epBRFfNEv6SrnP%2F9OSg38q6iQ1tU%2FYh4St5gw4fEWhVOr9Lrp9PQADaZi6RZ0O0OQ3Fpn76vyUstGRcDgflu8nfzbicY5DpU%3D"}],"max_age":604800}
content-type: image/gif
cf-ray: 627178efab390605-FRA
content-length: 43
cf-request-id: 087ac9e9c800000605813c6000000001

GET
H2

200

js Show response
ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/ Frame 871D
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=dab46ee5e468b9c591e66557d8a6d3fedd7ccf79249d5d4af38ed1464d2274a5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=dab46ee5e468b9c591e66557d8a6d3fedd7ccf79249d5d4af38ed1464d2274a5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8782c188dc624c...
https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/js?tpid=48&tpuid=d2c1de05dcf1cd6e2feed68bca1f7e05

44 B
606 B

58ms
57ms

Script
text/javascript

52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/js?tpid=48&tpuid=d2c1de05dcf1cd6e2feed68bca1f7e05
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b0bf26d8ab1166de58af276d94d13a90d2e64edc8b419697482ad78436f36109

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
server: Apache-Coyote/1.1
content-type: text/javascript
content-length: 44
p3p: CP=NOI PSA OUR

Redirect headers

Location: https://ih.adscale.de/sium/8782c188dc624c75ab00fcb1515fb489/1614256588586/0/js?tpid=48&tpuid=d2c1de05dcf1cd6e2feed68bca1f7e05
Date: Thu, 25 Feb 2021 12:36:31 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 147
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 sium Show response
ih.adscale.de/ Frame 871D 0
210 B 60ms
60ms XHR
application/json 52.58.54.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.54.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-54-57.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2Fsync.html&gdpr=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Feb 2021 12:36:31 GMT
server: Apache-Coyote/1.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://ih.adscale.de
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0

GET
H2 200 get-consent Show response
sddan.mgr.consensu.org/api/v1/public/ Frame 4F32 0
109 B 170ms
58ms Script
text/plain 51.158.29.13
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://sddan.mgr.consensu.org/api/v1/public/get-consent?redirect=https%3A%2F%2Fjs.cookieless-data.com%2FGS.d%3Fpa%3D24492%26r%3Dhttps%253A%252F%252Fads.us.e-planning.net%252Fuspd%252F1%252F%253Fct%253D1%2526du%253Dhttps%25253A%25252F%25252Fsync.console.adtarget.com.tr%25252Fcsync%25253Ft%25253Da%252526ep%25253D307442%252526extuid%25253D%252524UID%26rand%3D1614256591137%26s%3D%26si%3D1%26u%3Dhttps%253A%252F%252Fs.e-planning.net%252Fesb%252F4%252F0%252F1992d%252Fbb6e7a161f794f56%252Fsirdata_03022021.html&vendor_ids=53,916&user_id=NTgxYWMyMzgyM2I5MmY1NDA1ZjhiZGQw4zEI52FrIl3d9OazKW4h2Vq0DF%2B6dvT1CIGwfzWOrgBMdDhnZsx%2FaOcvQsBWewqx3fzgmnFfYACh

Requested by

Host: js.cookieless-data.com
URL: https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.console.adtarget.com.tr%252Fcsync%253Ft%253Da%2526ep%253D307442%2526extuid%253D%2524UID&s=&rand=1614256591137

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:32 GMT
server: nginx/1.11.3
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains; preload

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2E46 37 KB
14 KB 172ms
74ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=4FC78D4E-FDC7-437F-AED6-6C53C90810CF; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=88668
Expires: Fri, 26 Feb 2021 13:14:20 GMT
Date: Thu, 25 Feb 2021 12:36:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2E46 8 KB
9 KB 163ms
55ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a947ddfeca46456b6cfa1f8277d46f3f9a0137f47fe850570864c9062d987d07

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:31 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame F9E5
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

42 B
506 B

131ms
62ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=4FC78D4E-FDC7-437F-AED6-6C53C90810CF; pi=156631:4; chkChromeAb67Sec=1; DPSync3=1615420800%3A201_227_226_221; SyncRTB3=1615420800%3A3_166_55_204_176_56_21_223_161_8_54_165_189_78_71_99_222_22_81_88_13_7_5_220%7C1616803200%3A203%7C1614816000%3A67_2_15%7C1615075200%3A63%7C1615507200%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server: nginx
Date: Thu, 25 Feb 2021 12:36:33 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 12:36:33 GMT; path=/
X-lat: lhrpug006:0:2591
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
expires: Thu, 25 Feb 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3834
date: Thu, 25 Feb 2021 12:36:32 GMT
content-length: 205

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame FB29 35 B
134 B 54ms
53ms Document
image/gif 213.155.156.180
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.180 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS: 213-155-156-180.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

503
Service Unavailable

redir Show response
rtb-csync.smartadserver.com/ Frame A447
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKS2lFN0FielFBQUJINjhYd2Nhdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJKiE7AbzQAABH68Xwcaw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJKiE7AbzQAABH68Xwcaw&pid=558502&do=add
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJKiE7AbzQAABH68Xwcaw&pid=558502&do=add&_bee_ppp=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeoU7AbzQAABADGLyooA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

107 B
233 B

171ms
57ms

Document
text/html

185.86.138.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeoU7AbzQAABADGLyooA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 839488ebc08446a096a893996ed23eac321ac166724cd8c5d9092057834d2d79

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

content-length: 107
cache-control: no-cache
content-type: text/html
connection: close

Redirect headers

Date: Thu, 25 Feb 2021 12:36:33 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeoU7AbzQAABADGLyooA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server: nginx
set-cookie: bito=AAFeoU7AbzQAABADGLyooA; Domain=bidr.io; expires=Sun, 27 Mar 2022 07:36:33 GMT; Path=/; SameSite=None; Secure bitoIsSecure=ok; Domain=bidr.io; expires=Sun, 27 Mar 2022 07:36:33 GMT; Path=/; SameSite=None; Secure checkForPermission=""; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame C653
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933179261414340756

42 B
771 B

92ms
64ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933179261414340756
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=4FC78D4E-FDC7-437F-AED6-6C53C90810CF; pi=156631:4; chkChromeAb67Sec=1; DPSync3=1615420800%3A201_227_226_221; SyncRTB3=1615420800%3A3_166_55_204_176_56_21_223_161_8_54_165_189_78_71_99_222_22_81_88_13_7_5_220%7C1616803200%3A203%7C1614816000%3A67_2_15%7C1615075200%3A63%7C1615507200%3A35; PUBMDCID=3; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; PugT=1614256592
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server: nginx
Date: Thu, 25 Feb 2021 12:36:33 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6933179261414340756; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 27-Mar-2021 12:36:33 GMT; path=/ PugT=1614256593; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 27-Mar-2021 12:36:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 12:36:33 GMT; path=/
X-lat: lhrpug018:0:620
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 25 Feb 2021 12:36:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6933179261414340756; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6933179261414340756

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame E6D6
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=t4XFz3rRYvAfohvTORYdWYGU

42 B
811 B

1069ms
60ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=t4XFz3rRYvAfohvTORYdWYGU
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=4FC78D4E-FDC7-437F-AED6-6C53C90810CF; pi=156631:4; chkChromeAb67Sec=1; DPSync3=1615420800%3A201_227_226_221; SyncRTB3=1615420800%3A3_166_55_204_176_56_21_223_161_8_54_165_189_78_71_99_222_22_81_88_13_7_5_220%7C1616803200%3A203%7C1614816000%3A67_2_15%7C1615075200%3A63%7C1615507200%3A35; PUBMDCID=3; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; PugT=1614256592
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server: nginx
Date: Thu, 25 Feb 2021 12:36:34 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-t4XFz3rRYvAfohvTORYdWYGU&KRTB&23212-t4XFz3rRYvAfohvTORYdWYGU; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 27-Mar-2021 12:36:34 GMT; path=/ PugT=1614256594; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 27-Mar-2021 12:36:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 12:36:34 GMT; path=/
X-lat: lhrpug018:0:492
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Thu, 25 Feb 2021 12:36:33 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=t4XFz3rRYvAfohvTORYdWYGU; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=t4XFz3rRYvAfohvTORYdWYGU
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 685D
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT

42 B
979 B

76ms
60ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=4FC78D4E-FDC7-437F-AED6-6C53C90810CF; pi=156631:4; chkChromeAb67Sec=1; DPSync3=1615420800%3A201_227_226_221; SyncRTB3=1615420800%3A3_166_55_204_176_56_21_223_161_8_54_165_189_78_71_99_222_22_81_88_13_7_5_220%7C1616803200%3A203%7C1614816000%3A67_2_15%7C1615075200%3A63%7C1615507200%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Thu, 25 Feb 2021 12:36:32 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 12:36:32 GMT; path=/ PugT=1614256592; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 27-Mar-2021 12:36:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 12:36:32 GMT; path=/
X-lat: Pug23040:0:307
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

Server: Tengine
Date: Thu, 25 Feb 2021 12:36:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
ETag: OPTOUT

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame A0C0 43 B
408 B 195ms
65ms Document
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Thu, 25 Feb 2021 12:36:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-2
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 65AE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
441 B

172ms
170ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aWnoeUujieUo7YxS4pBsN22aE41U6sKpQBHZaZaMMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

date: Thu, 25 Feb 2021 12:36:33 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d979752f08acae1efb8a77d852ea4e2961614256593; expires=Sat, 27-Mar-21 12:36:33 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=adnseFuyTYFBErv6Yb8knGeRnHIpw6PZafhxaxcHF9L3t36UD2oPcHgEqPN7AGCkZb1QD4vgVlZb4O5XJuUPp7a; path=/; domain=.tribalfusion.com; expires=Wed, 26-May-2021 12:36:33 GMT; SameSite=None; Secure; ANON_ID_old=adnseFuyTYFBErv6Yb8knGeRnHIpw6PZafhxaxcHF9L3t36UD2oPcHgEqPN7AGCkZb1QD4vgVlZb4O5XJuUPp7a; path=/; domain=.tribalfusion.com; expires=Wed, 26-May-2021 12:36:33 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 087ac9f11b00004ac2fe16f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 627178fb5b4c4ac2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 25 Feb 2021 12:36:33 GMT
content-type: text/html
set-cookie: __cfduid=d979752f08acae1efb8a77d852ea4e2961614256593; expires=Sat, 27-Mar-21 12:36:33 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aWnoeUujieUo7YxS4pBsN22aE41U6sKpQBHZaZaMMQ; path=/; domain=.tribalfusion.com; expires=Wed, 26-May-2021 12:36:33 GMT; SameSite=None; Secure; ANON_ID_old=aWnoeUujieUo7YxS4pBsN22aE41U6sKpQBHZaZaMMQ; path=/; domain=.tribalfusion.com; expires=Wed, 26-May-2021 12:36:33 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 1147
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 087ac9f07300004ac233ad1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 627178fa59264ac2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4537
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=3NmKqcP2z27R&pid=557219

1 B
667 B

64ms
63ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=3NmKqcP2z27R&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_22=14911-7783561373678775756; PugT=1614256593; PUBMDCID=3; KRTBCOOKIE_218=22978-YDeZzAAAAGsoRjoG&KRTB&23194-YDeZzAAAAGsoRjoG&KRTB&23209-YDeZzAAAAGsoRjoG&KRTB&23244-YDeZzAAAAGsoRjoG
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Date: Thu, 25 Feb 2021 12:36:31 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 12:36:31 GMT; path=/
X-lat: Pug23045:0:236
Content-Length: 1
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: text/html; charset=utf-8

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-75d6d6d469-jnprz
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=3NmKqcP2z27R&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=fd23d95a500b9321; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 885A
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d75983e5-27a2-4cc0-8804-1ce9ed1a24a8-tuct7311f51&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

54ms
54ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d75983e5-27a2-4cc0-8804-1ce9ed1a24a8-tuct7311f51&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d75983e5-27a2-4cc0-8804-1ce9ed1a24a8-tuct7311f51&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=d75983e5-27a2-4cc0-8804-1ce9ed1a24a8-tuct7311f51
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server: nginx
accept-ranges: bytes
date: Thu, 25 Feb 2021 12:36:33 GMT
via: 1.1 varnish
x-served-by: cache-hhn11572-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1614256593.137131,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=d75983e5-27a2-4cc0-8804-1ce9ed1a24a8-tuct7311f51;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 25-Feb-2022 12:36:33 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d75983e5-27a2-4cc0-8804-1ce9ed1a24a8-tuct7311f51&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Thu, 25 Feb 2021 12:36:33 GMT
via: 1.1 varnish
x-served-by: cache-hhn11572-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1614256593.017078,VS0,VE66
x-vcl-time-ms: 66
content-length: 0

GET
H2

200

receive Show response
pixel.tapad.com/idsync/ex/ Frame EBB7
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB

95 B
154 B

50ms
50ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1614256588463; TapAd_DID=14d253f3-7766-11eb-838a-02afc4d0ec4c; TapAd_3WAY_SYNCS=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

date: Thu, 25 Feb 2021 12:36:33 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

Server: nginx
Date: Thu, 25 Feb 2021 12:36:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 12:36:33 GMT; path=/
X-lat: lhrpug001:0:451
Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3132
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:eLIyDnRD1LffSG5&gdpr=0&gdpr_consent=

42 B
769 B

64ms
63ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:eLIyDnRD1LffSG5&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31155389&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_22=14911-7783561373678775756; PUBMDCID=3; KRTBCOOKIE_218=22978-YDeZzAAAAGsoRjoG&KRTB&23194-YDeZzAAAAGsoRjoG&KRTB&23209-YDeZzAAAAGsoRjoG&KRTB&23244-YDeZzAAAAGsoRjoG; KRTBCOOKIE_409=22966-t4XFz3rRYvAfohvTORYdWYGU&KRTB&23212-t4XFz3rRYvAfohvTORYdWYGU; KRTBCOOKIE_80=16514-CAESEOf6gPpeh-Qq2_sPLO52ufY&KRTB&22987-CAESEOf6gPpeh-Qq2_sPLO52ufY&KRTB&23025-CAESEOf6gPpeh-Qq2_sPLO52ufY; KRTBCOOKIE_153=19420-VI9h-VuGMa1PhzOvBI9_rweNZqtPj2r6U4l_-Tes&KRTB&22979-VI9h-VuGMa1PhzOvBI9_rweNZqtPj2r6U4l_-Tes; PugT=1614256593
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server: nginx
Date: Thu, 25 Feb 2021 12:36:34 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_107=1471-uid:eLIyDnRD1LffSG5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 12:36:34 GMT; path=/ PugT=1614256594; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 27-Mar-2021 12:36:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 12:36:34 GMT; path=/
X-lat: lhrpug011:0:488
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Thu, 25 Feb 2021 12:36:33 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:eLIyDnRD1LffSG5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-015d5badb48c29580@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=eLIyDnRD1LffSG5; Domain=.w55c.net; Expires=Fri, 25-Mar-2022 12:36:34 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 27-Mar-2021 12:36:34 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H2 200 um Show response
u-ams02.e-planning.net/ Frame 12E4 42 B
103 B 53ms
48ms Document
image/gif 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=4f358596ee8e6644&uid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: u-ams02.e-planning.net
:scheme: https
:path: /um?dc=a208d9366469aa64&fi=4f358596ee8e6644&uid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=APImJsRJ72S1ip4Z
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

server: openresty
date: Thu, 25 Feb 2021 12:36:33 GMT
content-type: image/gif

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=T8eNTv3HQ3-u1mxTyQgQzw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

661ms
56ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=88091
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Fri, 26 Feb 2021 13:04:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 2E46 95 B
325 B 28ms
24ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 627178fa4eb62c32-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 087ac9f06800002c3234856000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 2E46
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

627ms
626ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
frontend-id: 3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:32 GMT
frontend-id: 9
location: /pubmatic/1/info2?sType=sync&sExtCookieId=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&addseg=21

7 B
147 B

164ms
57ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&addseg=21
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:33 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Thu, 25 Feb 2021 12:36:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&addseg=21
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEZDNzhENEUtRkRDNy00MzdGLUFFRDYtNkM1M0M5MDgxMENG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

1199ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:34 GMT
X-lat: lhrpug009:0:578
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOf6gPpeh-Qq2_sPLO52ufY&google_cver=1

42 B
1 KB

1260ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOf6gPpeh-Qq2_sPLO52ufY&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:32 GMT
X-lat: Pug23050:0:288
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOf6gPpeh-Qq2_sPLO52ufY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2E46 43 B
409 B 59ms
54ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 24 Feb 2021 12:36:33 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3377596905015690280

42 B
770 B

179ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3377596905015690280
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:33 GMT
X-lat: lhrpug007:0:531
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3377596905015690280
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8224c548-a9e8-4783-acf6-a3f2c17224e0

42 B
1 KB

231ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8224c548-a9e8-4783-acf6-a3f2c17224e0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:32 GMT
X-lat: Pug23047:0:257
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8224c548-a9e8-4783-acf6-a3f2c17224e0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=

42 B
1 KB

233ms
64ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:31 GMT
X-lat: Pug23030:0:264
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Thu, 25 Feb 2021 12:36:05 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c4bf6037-99cc-4c00-bcdb-e81ed6a242aa&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 25 Feb 2021 12:36:04 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3918247862574724850&gdpr=0&gdpr_consent=

42 B
769 B

183ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3918247862574724850&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:34 GMT
X-lat: lhrpug014:0:352
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:34 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid: 674ae5b1-637f-43e5-93bc-36d6e475837f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3918247862574724850&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MkXw.Ix1l2KWGo.H6y.aYihEypL7JjU-&gdpr=0&gdpr_consent=

0
587 B

1260ms
56ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MkXw.Ix1l2KWGo.H6y.aYihEypL7JjU-&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Date: Thu, 25 Feb 2021 12:36:34 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Thu, 25 Feb 2021 12:36:33 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-MkXw.Ix1l2KWGo.H6y.aYihEypL7JjU-&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 4FC78D4E-FDC7-437F-AED6-6C53C90810CF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2E46 43 B
192 B 37ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/4FC78D4E-FDC7-437F-AED6-6C53C90810CF?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6cbc9374-a239-4789-b75c-067d36e1f38a&ssp=pubmatic
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=1&user_id=6cbc9374-a239-4789-b75c-067d36e1f38a&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=63a36526-70b7-4907-a294-4c1045712e08&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

64ms
64ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=63a36526-70b7-4907-a294-4c1045712e08&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:36 GMT
X-lat: lhrpug004:0:528
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=63a36526-70b7-4907-a294-4c1045712e08&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 25 Feb 2021 12:36:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VI9h-VuGMa1PhzOvBI9_rweNZqtPj2r6U4l_-Tes

42 B
1 KB

1232ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VI9h-VuGMa1PhzOvBI9_rweNZqtPj2r6U4l_-Tes
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:33 GMT
X-lat: Pug23040:0:310
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VI9h-VuGMa1PhzOvBI9_rweNZqtPj2r6U4l_-Tes
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7783561373678775756&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

257ms
60ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7783561373678775756&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:33 GMT
X-lat: lhrpug012:0:475
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7783561373678775756&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 25 Feb 2021 12:36:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDeZzAAAAGsoRjoG&gdpr=0&gdpr_consent=

1 B
1013 B

72ms
63ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDeZzAAAAGsoRjoG&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:33 GMT
X-lat: Pug23027:0:316
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614256593.261671,VS0,VE0
x-served-by: cache-fra19137-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YDeZzAAAAGsoRjoG&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
964 B

61ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:34 GMT
X-lat: Pug23040:0:611
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 2E46 0
103 B 18ms
13ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4FC78D4E-FDC7-437F-AED6-6C53C90810CF&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4676abc6-3007-460c-8937-7130fd948adb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
709 B

64ms
63ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4676abc6-3007-460c-8937-7130fd948adb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:34 GMT
X-lat: Pug23037:0:250
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4676abc6-3007-460c-8937-7130fd948adb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 25 Feb 2021 12:36:36 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5642703577122305677

42 B
505 B

117ms
64ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5642703577122305677
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:33 GMT
X-lat: lhrpug020:0:295
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:33 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid: 130f9b0c-8a2e-414a-9768-110c9b30557f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5642703577122305677
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2E46
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_bec54e7e-95ae-4712-ad72-791f26601887

42 B
994 B

64ms
64ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_bec54e7e-95ae-4712-ad72-791f26601887
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 25 Feb 2021 12:36:32 GMT
X-lat: Pug23048:0:264
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_bec54e7e-95ae-4712-ad72-791f26601887
date: Thu, 25 Feb 2021 12:36:34 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1 200 ptrack Show response
a.audrte.com/ Frame 2B79 380 B
882 B 399ms
138ms XHR
text/plain 34.204.119.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptrack?p=M1353665098&artime=2021-02-25T12:36:38.923Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci9zeW5jLmh0bWw/YWlkPTYwOTA5Ng==
Requested by: Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.119.109 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-119-109.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4265772f541764b03cd6d11056765ebf32e6a797514534896c441f132a1dbfef

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:39 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://ads.us.e-planning.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 265

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame 066F
Redirect Chain

https://bcp.crwdcntrl.net/5/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr

1 KB
2 KB

101ms
100ms

Document
text/html

52.48.137.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1efe47436d91944dfda94f352f85437a883945309e363765c89bf99f696d695a

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
content-type: text/html;charset=UTF-8
content-length: 1117
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.14.6
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 22-Nov-2021 12:11:00 GMT;SameSite=None;Secure _cc_id=ce262fbc635396c1ce2f5364ddbd47e2;Path=/;Domain=crwdcntrl.net;Expires=Mon, 22-Nov-2021 12:11:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSE41MjNKS0o2MzY1tjRLNgTy00yNzUxSUpJSTMxTjRiAIMF85vVX%2F%2F%2F%2F52eAAwDH5A9B";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 22-Nov-2021 12:11:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGBIMJ95nQEOABiGAgg%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 22-Nov-2021 12:11:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

Redirect headers

date: Thu, 25 Feb 2021 12:36:38 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.5.128
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure

GET
H2

200

tpid=no-consent
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 066F
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent

49 B
239 B

70ms
69ms

Image
image/gif

52.48.248.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:39 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.145
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:38 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-Q050 200 pixel
cm.g.doubleclick.net/ Frame 066F 170 B
213 B 17ms
16ms Image
image/png 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2UyNjJmYmM2MzUzOTZjMWNlMmY1MzY0ZGRiZDQ3ZTI

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 066F 62 B
329 B 185ms
184ms Image
image/gif 23.79.152.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=969c17ae3b1e6b7f0d6826ff2d56c828
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:39 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: d65c
Content-Type: image/gif

GET
H2

200

tpid=1b2d3850-7766-11eb-a965-3a750b5c05a6
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 066F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=ce262fbc635396c1ce2f5364ddbd47e2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=ce262fbc635396c1ce2f5364ddbd47e2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=1b2d3850-7766-11eb-a965-3a750b5c05a6

49 B
238 B

69ms
68ms

Image
image/gif

52.48.248.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=1b2d3850-7766-11eb-a965-3a750b5c05a6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:39 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.8.145
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

date: Thu, 25 Feb 2021 12:36:39 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=1b2d3850-7766-11eb-a965-3a750b5c05a6
alt-svc: clear
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 066F 70 B
264 B 62ms
61ms Image
image/gif 54.228.21.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.21.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-21-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbxx
global.ib-ibi.com/ Frame 066F 0
72 B 686ms
171ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=ce262fbc635396c1ce2f5364ddbd47e2
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Englewood, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=184030621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200
OK pixel
ps.eyeota.net/ Frame 2B79 0
344 B 178ms
61ms Image
text/plain 3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=null
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:39 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200

p
a.audrte.com/ Frame 2B79
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=null
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=null&google_gid=CAESEEFxsmetTAaA_Y43Beo7I5M&google_cver=1
https://a.audrte.com/p

68 B
618 B

277ms
132ms

Image
image/avif

34.204.119.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.119.109 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-119-109.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:39 GMT
Server: nginx/1.16.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/avif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 25 Feb 2021 12:36:39 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 2B79
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=null
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=null
https://a.audrte.com/a?adform_uid=5316896818216049983
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&google_gid=CAESEEFxsmetTAaA_Y43Beo7I5M&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=

0
344 B

63ms
62ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 12:36:39 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Thu, 25 Feb 2021 12:36:39 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9544cd470951b67899b07a410613d566ff48d5d39ec3d9c99a31b23d1f202ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 12:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6494
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E6F6 0
150 B 65ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.5.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.5.ua
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.5.ua/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1746
date: Thu, 25 Feb 2021 12:36:39 GMT
content-length: 0

GET
H2 200 194467.jpg
www.5.ua/media/pictures/820x546/ 34 KB
35 KB 16ms
16ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/820x546/194467.jpg?t=1600240740

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a460988f663e1c6329042351a9e91b057ccadc01a7adc97d5c2b9bec3bc1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12615
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35224
cf-request-id: 087aca0b7d00002c2e64267000000001
last-modified: Wed, 16 Sep 2020 07:19:11 GMT
server: cloudflare
etag: "5f61bc6f-8998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627179259ca52c2e-FRA
expires: Thu, 25 Feb 2021 15:06:24 GMT

GET
H2 200 209098.jpg
www.5.ua/media/pictures/300x200/ 51 KB
51 KB 15ms
14ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209098.jpg?t=1613482561

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa97895f074ccab6823c4c347bb7a03c507edf420208611ea35b318cbc992efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18778
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51897
cf-request-id: 087aca0b7d00002c2e608fc000000001
last-modified: Tue, 16 Feb 2021 13:36:04 GMT
server: cloudflare
etag: "602bca44-cab9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627179259ca72c2e-FRA
expires: Thu, 25 Feb 2021 13:23:41 GMT

GET
H2 200 209743.jpg
www.5.ua/media/pictures/300x200/ 55 KB
55 KB 16ms
16ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209743.jpg?t=1614084290

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a48078ba158561b44a98b1c34886e6c6fde79d74655c1982d4488d94219c21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10113
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56145
cf-request-id: 087aca0b7d00002c2e54a13000000001
last-modified: Tue, 23 Feb 2021 12:44:52 GMT
server: cloudflare
etag: "6034f8c4-db51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627179259ca82c2e-FRA
expires: Thu, 25 Feb 2021 15:48:06 GMT

GET
H2 200 181566.jpg
www.5.ua/media/pictures/300x200/ 9 KB
9 KB 23ms
22ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/181566.jpg?t=1585396290

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16b7104e206c3a54d4a6fec07701e7ff2c4c45a5869d764c600e86daf9690403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5686
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9409
cf-request-id: 087aca0b7e00002c2e2f07a000000001
last-modified: Sat, 30 May 2020 16:44:46 GMT
server: cloudflare
etag: "5ed28d7e-24c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627179259cad2c2e-FRA
expires: Thu, 25 Feb 2021 17:01:53 GMT

GET
H2 200 210016.jpg
www.5.ua/media/pictures/300x200/ 47 KB
47 KB 18ms
18ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/210016.jpg?t=1614243503

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dd39a2093f6233f5dc9653522f770defcca908b2fea8926f74e60fa9e437d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12990
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47982
cf-request-id: 087aca0b7e00002c2ef509f000000001
last-modified: Thu, 25 Feb 2021 08:58:26 GMT
server: cloudflare
etag: "603766b2-bb6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627179259caf2c2e-FRA
expires: Thu, 25 Feb 2021 15:00:09 GMT

GET
H2 200 210033.jpg
www.5.ua/media/pictures/300x200/ 68 KB
68 KB 16ms
16ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/210033.jpg?t=1614255177

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85c8490ba438a6484adf0b1475a4e3942b3ade32dd5b5e7b0171295191857c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1246
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69743
cf-request-id: 087aca0b7f00002c2e433e6000000001
last-modified: Thu, 25 Feb 2021 12:13:00 GMT
server: cloudflare
etag: "6037944c-1106f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627179259cb02c2e-FRA
expires: Thu, 25 Feb 2021 18:15:53 GMT

GET
H2 200 logo_day.svg
www.5.ua/img/logo/ 3 KB
2 KB 107ms
103ms Image
image/svg+xml 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5.ua/img/logo/logo_day.svg
Requested by: Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5020f40820787eb99460bce11732b0120527e85b418fba50ab4c2711c308bc4

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Sep 2020 13:03:06 GMT
server: cloudflare
age: 2048
etag: W/"5f5f6a0a-db6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 62717925bce22c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 087aca0b9100002c2e49907000000001
expires: Thu, 25 Feb 2021 18:02:31 GMT

GET
H2 200 33124.jpg
www.5.ua/media/pictures/300x200/ 19 KB
19 KB 16ms
13ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/33124.jpg?t=1424179210

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c361faa49fbbe154e35e4425183f45f8ae913c8ffb9ef45de0040a27cd6191c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20184
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19294
cf-request-id: 087aca0b9100002c2e6cb79000000001
last-modified: Fri, 13 Jan 2017 22:13:18 GMT
server: cloudflare
etag: "587950fe-4b5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62717925bce52c2e-FRA
expires: Thu, 25 Feb 2021 13:00:15 GMT

GET
H2 200 209532.jpg
www.5.ua/media/pictures/300x200/ 30 KB
31 KB 105ms
102ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209532.jpg?t=1613919984

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d96623e4fbef35c698405e8d7b2cdac7be826780c6a722e20eb564a55a65fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3119
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31110
cf-request-id: 087aca0b9200002c2e40b5f000000001
last-modified: Sun, 21 Feb 2021 15:06:08 GMT
server: cloudflare
etag: "603276e0-7986"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62717925bce72c2e-FRA
expires: Thu, 25 Feb 2021 17:44:40 GMT

GET
H2 200 209980.jpg
www.5.ua/media/pictures/300x200/ 45 KB
45 KB 103ms
102ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209980.jpg?t=1614183314

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

089ae84ce1b7810c22b1e688a291d683b71d4abcfd0a1f1bd33cd220be95e387

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2190
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46134
cf-request-id: 087aca0b9200002c2e04113000000001
last-modified: Wed, 24 Feb 2021 16:15:16 GMT
server: cloudflare
etag: "60367b94-b436"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62717925bce92c2e-FRA
expires: Thu, 25 Feb 2021 18:00:09 GMT

GET
H2 200 179952.jpg
www.5.ua/media/pictures/300x200/ 80 KB
80 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/179952.jpg?t=1611393299

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bef7f0fbf2abbfd0e5b1630549220e6775db401a09496370a64d1a365b61a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3119
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81964
cf-request-id: 087aca0b9200002c2e690e7000000001
last-modified: Sat, 23 Jan 2021 11:14:24 GMT
server: cloudflare
etag: "600c0510-1402c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62717925bceb2c2e-FRA
expires: Thu, 25 Feb 2021 17:44:40 GMT

GET
H2 200 95538.jpg
www.5.ua/media/pictures/300x72/ 17 KB
18 KB 95ms
95ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x72/95538.jpg?t=1502292107

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05db08f9c3962055e5a6d48b7d7d6d54a33d59ca3e7a1fe4cdf30bd19412f1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2961
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17726
cf-request-id: 087aca0b9a00002c2e0eba3000000001
last-modified: Wed, 09 Aug 2017 15:21:43 GMT
server: cloudflare
etag: "598b2887-453e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62717925ccff2c2e-FRA
expires: Thu, 25 Feb 2021 17:47:18 GMT

GET
H2 200 184384.jpg
www.5.ua/media/pictures/300x72/ 5 KB
5 KB 64ms
63ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x72/184384.jpg?t=1589785738

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e546f34478619f60b092b8000e8223c26155d8d0c7829569c5ef33aaa3082f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2962
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4713
cf-request-id: 087aca0bbd00002c2e60901000000001
last-modified: Sat, 30 May 2020 17:08:05 GMT
server: cloudflare
etag: "5ed292f5-1269"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62717925fd5a2c2e-FRA
expires: Thu, 25 Feb 2021 17:47:18 GMT

GET
H2 200 180855.jpg
www.5.ua/media/pictures/300x72/ 3 KB
3 KB 79ms
79ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x72/180855.jpg?t=1584353207

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbef1f31be942e9e91d3b04f5f24b0209b1739aba33cbd20dfcf139792f59d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2962
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3176
cf-request-id: 087aca0c0f00002c2e5a068000000001
last-modified: Sat, 30 May 2020 17:07:09 GMT
server: cloudflare
etag: "5ed292bd-c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627179267e452c2e-FRA
expires: Thu, 25 Feb 2021 17:47:18 GMT

GET
H2 200 209681.jpg
www.5.ua/media/pictures/300x200/ 87 KB
88 KB 79ms
79ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x200/209681.jpg?t=1614017359

Requested by

Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d6e718dff6f581add7ac5cb79a2fe5e9ea7182778abbfe414e45bc315e5e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3123
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89442
cf-request-id: 087aca0c1100002c2e5a069000000001
last-modified: Mon, 22 Feb 2021 18:09:29 GMT
server: cloudflare
etag: "6033f359-15d62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 627179267e472c2e-FRA
expires: Thu, 25 Feb 2021 17:44:37 GMT

GET
H2 200 169440.jpg
www.5.ua/media/pictures/300x72/ 4 KB
4 KB 32ms
32ms Image
image/jpeg 2606:4700:10::6816:317d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5.ua/media/pictures/300x72/169440.jpg?t=1565086471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:317d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b8f04ab4775da9e1d5dc84a03f9d0f2c606437a838ea62ece045ef0cd3e0bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3123
cf-bgj: h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4423
cf-request-id: 087aca0c3f00002c2efeaeb000000001
last-modified: Sat, 30 May 2020 17:04:12 GMT
server: cloudflare
etag: "5ed2920c-1147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 62717926ceed2c2e-FRA
expires: Thu, 25 Feb 2021 17:44:37 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 25 Feb 2021 12:36:39 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 50E6 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.5.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 25 Feb 2021 12:29:11 GMT
expires: Fri, 25 Feb 2022 12:29:11 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 448
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame 50E6 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 09:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 10903
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 09:34:56 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
508 B 48ms
47ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=3550511945691679&bg=!AQKlAkHNAAXB_3NtwTsAKQB2-DxaLIceMFC12VFuVbjOENCcruhB2zH46EitaQSOIKQyyAXcl4FqAgAAAHNSAAAADmgBBwoBJO1u4MqL9DLsqFrlUbhC1vL9IrDV-hdvZquiBpXwOrxYKeFE7de1Izik62nRa8Bs6pSUJkQNLFxszag568MoC0YasV5bXrfmY51NwOdZvfugiM9goLlnoCDcRghYphRlic4gBFUOd4OWdOJu9z9MMWHyMOwn4GGKp55zRNlU0ZZsg-LmfPFpmFDBz6GSxr9gP0x8Gpe9z6ILxmyOwpbm3qimFHVQE9EkQk4Vo0y0CFOLDUsuEWTENleraXxRkLCyg6h6cqQGOtixeV0jThzgCHK-_gcRgtYATr032CmvgcFzz9LbSfzvA4i5HkbJJx5UVIh5bgh-cxjW4h2CN0CfjtF6Y-10bYjzz-kIXSYtkwHoXdOApuXP09MOLSmN3RF0oCSgZPyZAcnu1bNqru16vSn5cbPBlKJ4cvKfhr-CbTi_WM6_LC6kPSgThIDHZCfiJvK513_sIYeYaeLI49msyxopsVSBv42vizX5RkFUv9_zvW7Ie-70qx9TpyVZSizO2zhW6COo4UBCV5Op9887sKP2JCBegPwRHv--bbMJeba4cWTf7xN24D4CgRSzeSOphv0npUOBcFxVPF8I3dtNrld5d8BwNB1Yiaoo2RQejLmMazm3kHxlF1MWDRXPWEyhadxLUzTwuDLMAyKm4Qvl3ndRO3ETkH-b6KFrED-7nUOlJt6MWel3BTH038TDRDJOatPHKI6iuiUI6u10-5YW8whERLW1ToR0ARL6076UwHP9-umGJ8NqfDu_ejGQ8tADinPgJitI0eZcbr05fSYH8K_hXBW7kLttumgIVGtXKVH4cP6u4Z1VC3ifplA57BvvnhwDWX0oVhIY9UawGiKjTyRSrJJLs--MDZr8IQHVuT8tAxP0_SKss1tquzBHupw3hiyS8jMzDgGgI1WGIwIk2ztD6kRr_Ux8T8-PRGqlP9Vvgwqu_79_0l18gyksQZD_DEX5_AQW1KKrxIhRNx1qaTK9IufOsnZuUjoSK1N9JpEm

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 12:36:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tapad.com/	1970-01-19 17:50:40	Name: TapAd_3WAY_SYNCS Value:
.tapad.com/	1970-01-19 17:50:40	Name: TapAd_TS Value: 1614256599125
.crwdcntrl.net/	1970-01-19 22:53:04	Name: _cc_aud Value: "ABR4nGNgYGBIMJ95nQEOABiGAgg%3D"
.crwdcntrl.net/	1970-01-19 22:53:03	Name: _cc_id Value: ce262fbc635396c1ce2f5364ddbd47e2
.crwdcntrl.net/	1970-01-19 22:53:03	Name: _cc_dc Value: 1
.zeotap.com/	1970-01-20 09:55:28	Name: zc Value: d308387d-75d9-4c06-5c17-50bacaa54320
.pubmatic.com/	1970-01-19 17:07:28	Name: PugT Value: 1614256596
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_1074 Value: 22956-e_bec54e7e-95ae-4712-ad72-791f26601887
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_22 Value: 14911-7783561373678775756
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_409 Value: 22966-t4XFz3rRYvAfohvTORYdWYGU&KRTB&23212-t4XFz3rRYvAfohvTORYdWYGU
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_107 Value: 1471-uid:eLIyDnRD1LffSG5
.pubmatic.com/	1970-01-19 17:07:28	Name: SPugT Value: 1614256594
.pubmatic.com/	1970-01-19 18:33:52	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_466 Value: 16530-63a36526-70b7-4907-a294-4c1045712e08
.adform.net/	1970-01-19 17:50:40	Name: uid Value: 5316896818216049983
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_57 Value: 22776-3918247862574724850
.tribalfusion.com/	1970-01-19 18:33:52	Name: ANON_ID Value: adnseFuyTYFBErv6Yb8knGeRnHIpw6PZafhxaxcHF9L3t36UD2oPcHgEqPN7AGCkZb1QD4vgVlZb4O5XJuUPp7a
.adform.net/	1970-01-19 17:04:35	Name: C Value: 1
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_153 Value: 19420-VI9h-VuGMa1PhzOvBI9_rweNZqtPj2r6U4l_-Tes&KRTB&22979-VI9h-VuGMa1PhzOvBI9_rweNZqtPj2r6U4l_-Tes
.crwdcntrl.net/	1970-01-19 22:53:04	Name: _cc_cc Value: "ACZ4nGNQSE41MjNKS0o2MzY1tjRLNgTy00yNzUxSUpJSTMxTjRiAIMF85vVX%2F%2F%2F%2F52eAAwDH5A9B"
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_80 Value: 16514-CAESEOf6gPpeh-Qq2_sPLO52ufY&KRTB&22987-CAESEOf6gPpeh-Qq2_sPLO52ufY&KRTB&23025-CAESEOf6gPpeh-Qq2_sPLO52ufY
.pubmatic.com/	1970-01-19 17:07:28	Name: KRTBCOOKIE_218 Value: 22978-YDeZzAAAAGsoRjoG&KRTB&23194-YDeZzAAAAGsoRjoG&KRTB&23209-YDeZzAAAAGsoRjoG&KRTB&23244-YDeZzAAAAGsoRjoG
.tapad.com/	1970-01-19 17:50:40	Name: TapAd_DID Value: 1b2d3850-7766-11eb-a965-3a750b5c05a6

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://player.adtcdn.com/prebidlink/448404/wrapper_hb_313501_8344.js(Line 1) Message: localStorage unavailable
console-api	warning	URL: https://player.adtelligent.com/prebidlink/ex18684/hb_313501_8344.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Mraid Ready false
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Chrome
console-api	info	URL: https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2011302221000 https://www.5.ua/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.5.ua/
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 95) Message: 200
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 95) Message: 200
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 95) Message: 200
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 127) Message: arResponse->{"pxcalls":"https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=null\|https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a63-imiYaYlSTqVp55v33d7TQ&gdpr=0&gdpr_consent=null\|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=null"}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6879cdc5a0871722e790789281945f02.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.adriver.ru
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
ag.innovid.com
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
ams.creativecdn.com
analytics.google.com
analytics.shareaholic.com
api.traq.li
aud.pubmatic.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
bn01.er.bemail.it
c1.adform.net
cdn.admixer.net
cdn.ampproject.org
cdn.shareaholic.net
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
creativecdn.com
cs.admanmedia.com
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
global.ib-ibi.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
gu.dyntrk.com
gum.criteo.com
ib.adnxs.com
ic.tynt.com
idsync.frontend.weborama.fr
ih.adscale.de
im.thenewco.id
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
ismatlab.com
js.adscale.de
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
m9m6e2w5.stackpathcdn.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.shareaholic.com
piguiqproxy.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
player.adtcdn.com
player.adtelligent.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
sddan.mgr.consensu.org
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.tidaltv.com
t.trafmag.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
visitor.fiftyt.com
www.5.ua
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.shareaholic.net
x.bidswitch.net
104.111.237.88
104.111.242.53
107.20.147.136
142.250.186.130
146.0.227.110
151.1.205.165
151.101.14.49
151.139.128.11
154.57.158.51
159.253.128.188
159.65.196.12
159.69.76.252
178.162.133.149
178.250.0.157
178.250.0.163
178.250.2.131
18.159.187.109
18.197.64.250
185.183.112.155
185.184.8.30
185.187.81.38
185.29.135.234
185.33.220.244
185.33.221.53
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.86.138.114
188.165.137.78
188.34.165.163
188.42.191.196
193.200.65.5
193.200.65.6
194.247.175.19
195.209.108.36
198.148.27.140
199.232.137.44
2.18.233.180
2.18.233.201
2.18.234.21
2001:678:cb4:bbbb::11
208.100.17.185
212.82.100.182
212.83.160.162
213.155.156.180
213.174.135.2
213.19.147.151
216.46.185.182
216.58.212.130
217.182.200.29
23.37.42.132
23.79.152.128
2606:4700:10::6816:317d
2606:4700:10::ac43:db6
2606:4700:20::681a:34e
2606:4700:3031::6815:327d
2606:4700::6810:df3
2606:4700::6812:d05
2606:4700:e0::ac40:6208
2606:4700:e6::ac40:ce20
2607:f8b0:4007:803::2003
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:803::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:400c:c07::9a
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:12::1370
2a03:90c0:41:2801::254
2a05:d018:24:b001:d120:1359:acbb:2de6
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
2a0c:5c81:5052::2
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.121.27.153
3.124.165.65
3.126.56.137
3.220.190.7
34.102.181.119
34.204.119.109
34.226.132.24
34.242.72.242
34.98.107.212
34.98.67.61
35.186.253.211
35.201.81.244
35.201.96.126
35.227.248.159
35.244.159.8
37.157.4.28
37.157.4.40
37.157.5.142
37.157.6.246
37.252.173.108
46.249.52.249
5.178.65.252
51.158.29.13
51.178.20.139
51.89.9.252
52.207.141.143
52.211.12.168
52.215.241.211
52.22.109.130
52.29.225.117
52.31.242.159
52.46.130.13
52.48.137.92
52.48.248.240
52.58.54.57
52.95.123.167
54.197.98.98
54.228.21.183
54.76.98.123
54.78.254.47
62.149.0.72
62.209.227.210
63.251.232.170
65.9.20.51
66.155.71.150
69.173.144.138
69.173.144.141
69.173.144.165
77.243.60.138
85.114.159.118
88.214.194.185
88.214.206.247
89.163.159.106
04663c266755839c4b2e26190644235f4726102f96fef17fb33b900d72e0384b
05db08f9c3962055e5a6d48b7d7d6d54a33d59ca3e7a1fe4cdf30bd19412f1d3
060662df88544f1a8261f230ab473a05e25483e53801aebfe4baa9ec88f1b0d8
073b41d117e725870f33ec4a4f111e1744d17ad9a81c33d98c4c5b1e9469d51e
089ae84ce1b7810c22b1e688a291d683b71d4abcfd0a1f1bd33cd220be95e387
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c164faa768d0c5f23c2f971638665afc8eff53255872299b9a4a9de24a11ea3
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e546f34478619f60b092b8000e8223c26155d8d0c7829569c5ef33aaa3082f6
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
112166bf87184943fc6a4d627efac5445f02670cd4ecf55587f5d67b78986342
12ec929650db582cf0a03e31fa53fb60de6b9ee26a9de97bba71b331d67d4d22
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15373d173d9f9c3630a299d43f86f1f9a6ec494f56e566cd571904be1d783f5c
167f7d48939f2a2ed3fb00bf9af6cfa9024d22a32af7493fdcf12491394fb437
16b7104e206c3a54d4a6fec07701e7ff2c4c45a5869d764c600e86daf9690403
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186fb6f7edbbeda01728ada4652cda14a27340275e0b478485f007d1648cd774
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1917a146b7b51f7aff532ac1abb4b6848ba7a443074d24ba8f543531fe3da716
1ae266bd874ab509a4a6fb29a273ca369e00aeb414dc59c02de583a5d5f3e7e3
1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d
1cadf6d394e339fca290395c0672e7b0f11d5b401745c5b41f2b123d72587237
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1d724b775c3d9ce659b50edea9d719e4155682a4842a225420d0e26e10267c8e
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1efe47436d91944dfda94f352f85437a883945309e363765c89bf99f696d695a
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2450051accce49d05e42271d291ab239765c9088b041bb396344bd796e91ecdf
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c73f4db4030359e1b23fb45c2c81e559a9c277b058c6c900b5eb6d363eb491b
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e793a6d654e64f50d1ee4c5313dd41956781384df5cec39aab09648db4a6766
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95
33f73711e4fb573905b19e50774de887a75fc3b0d7724362a9ca97693a4393f6
345da7c19b56d35e255a18ce8efe26a10e0908e56d0e1e8117cbf3bdea320d74
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3a21a77c1ead702c90e2958db1ffb090ba5701570822352fb73be03d8038a17c
3a48078ba158561b44a98b1c34886e6c6fde79d74655c1982d4488d94219c21a
3c7c1ac07d8f07cff11fe8c359fc922fe3fe349a30449df29561825355eb622b
3e92189e138b505b27d2f607e14bf62ef2eed575df15f6bbea9fbd8c7bbdb29d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4265772f541764b03cd6d11056765ebf32e6a797514534896c441f132a1dbfef
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ac6274c84692ccd214eafd97103203cf06f3fd8dc0be1bbcb8afa2e0f7f5ed4
4bef7f0fbf2abbfd0e5b1630549220e6775db401a09496370a64d1a365b61a6b
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f600b1db2ac23f7973100fae454508086ff2db74558b89428d64639c2b38e79
51d7ef6a86944735afcceb14f3e1ad9efdf3a6282696d7091d0248bdae8fa06b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54a460988f663e1c6329042351a9e91b057ccadc01a7adc97d5c2b9bec3bc1a4
55188ad66462f99aad5a01a117a0a9a6bb2c72d1d5b3fefd1ab340ea5a708e2a
5584d653470428a28ddf731d9fbc5bb6d71642b0b2d1a036db823371234cd7cc
56b519d9ddfda4f2c3918cfd492a97f21402d666d5c372d17c3d80693d5e077b
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345
5d485ec6125d1ef7861ad39985261654db3c0cedd2ad1db781e12d4655a2c81e
5e28f593aa0c52f459c7da1d9e0ec6bba11bea1626457b4c50cb9e7bafacc74f
5e2a1359061f2cd15a11826a5ec7dd76f0cf6489d66a68cc3acc6c063c453565
6016402b22007239e8540542e89bd8b6ada2d113bf70c7c4aa621c16e0bc370c
60403cfb9d5b48fd628b725249d22d063fc5063acf299b4549cd2c118bfa6059
606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6
6172f3cad225741f89effdf290b37f5d5924d57038ce8ab502a90f703e202a0e
63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899
63d4cb802bba4faca9ccb1a8a9296b4174ca138667ef2dd5795661c91787581c
642136e0f229542f53f85645e67d4bd977e5cbd13e451759c827a2fed620e969
6667079de105057ab1cc4e4f7f6610dce15d9d633ed143183f4a207fc4e622aa
67a91569c88e09fb8ddfc1a433193dac8da4848c52577a0f5e424064eba88a7e
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
68e8598169e5d1567c50a900e5d6aa045f84009bb6eabc99fbacfb20ccebcb30
68f185f74b1c88db45d4af03c0833e9f74ff17552b163f090f16412e585a2129
6a36debcfaefa0268cdb972291fe5f2055f0737cb6e75a1bbb328a9a306b8f8c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1614702e395fef3a85dabdfbed0fa6ba39d52a8244ae2f5916a838ce4beac1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
7180e5279236d9b2b95d251b04301dfe6f27458c8fe024452ad4d59cabc32dce
71ddd4b3a6c15a6b8a30ddc48f5653ba474c2d10c0b9b26bfd35bbc0a0971d6e
73f6bfc962639314b45d8158b9ddd8507868233ebfba15d6d11c74f8213721d0
74234027b67e5fa479110dd5eaa985d791ce841cc9cb6140d8a18574d84d641f
74ad7b4a00b914bdcfc27faefbe0f281a40966d1a152f618fdc776c32a8fcfa4
75cdd9416d4c67c2ebe841de3798651c00d8fba520f7cfe01bdf4db3167f5fa5
761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
76daad608660fc47060ac42479b0413c3d211544ad4d77573e6cbf5f3a16fb5c
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
796bab2b50aec1d2e2564950f8b912c6ae172281a7ecbe378dd1bc68ce7669bc
7dd39a2093f6233f5dc9653522f770defcca908b2fea8926f74e60fa9e437d25
7e011c88d4996ef7d4901bf35dafe31fdcf47a674e85d1ff3bafef1e6725b4d6
8150bd4ba42b0abb5c7deadf5096d1964c19bdcf5504e7b99d320fc74206f059
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839488ebc08446a096a893996ed23eac321ac166724cd8c5d9092057834d2d79
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c8490ba438a6484adf0b1475a4e3942b3ade32dd5b5e7b0171295191857c2d
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
87cd45a8f63e4c4b829bd8159053e74eca1763705c8f94573cc16683562face9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d96623e4fbef35c698405e8d7b2cdac7be826780c6a722e20eb564a55a65fe9
8da5cb13b271ab4086755bbfbfdccf8dcdfc6c20b1bc83d774bb47b73b6632c0
913f591ad91b8f98db19677b3e82eac3415d53adb15f7752e0770b086859e85e
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
9503111432bbaa37cfef271c29162ec7a0ca26fb07805ce56f3697edf4f8d164
9544cd470951b67899b07a410613d566ff48d5d39ec3d9c99a31b23d1f202ee7
957e92a918653fd40bdc7abf17b23fef1993b2e5297fa8230f5de385299417ec
97833d96420cccd3d540689e88e926ecf377aae2b403e7b7a5279122dd1bfe0e
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9933b17f62ddedcdaadf32e641bf0fdd86fdf822cc055a25c946e4f12b1b9e62
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8f04ab4775da9e1d5dc84a03f9d0f2c606437a838ea62ece045ef0cd3e0bf6
9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38
9cab79c5160c0c4ef4aea5ee18956bb3626421e6f46da6f9a7d600de6df55d17
9e42514d47de9f0a4102b90250a81cc61a4a152a4f5f2254d1268467a6396601
9f04d551197e3b098a8216b0a0104037f2a8bc8b4f71bd41181bcd13438bebe2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a12573c989a95e0b4449174ce4bd42157c61ea30585f56a72eedd29a707f68
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a641707e7fd5f9d5b4f2ecccf2047ba269ba2e5e6b1f0409b8e8705658f7851b
a6ea93782788a35fff8c878d709489ca2c06ec6534cf6b4f211cdc747d49f503
a7e5cd0998c4a06587d6f3a0f3941380d0c9f7eec7756dd747b36f5f301a4800
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a8f04d88e93d19f8618291b5db73e8e528d58969351facb19aa4debb7f9d6073
a947ddfeca46456b6cfa1f8277d46f3f9a0137f47fe850570864c9062d987d07
a9bed3de8b4f55f925c2cead7b90ed8c50ee72259f9d1ce50aa466ba33ae459a
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa97895f074ccab6823c4c347bb7a03c507edf420208611ea35b318cbc992efc
b0bf26d8ab1166de58af276d94d13a90d2e64edc8b419697482ad78436f36109
b0bf270709dbc0062ea29408210510b2aeefc8793434c43b4915986555c44ebf
b0c36c4d23c4977b110f998806928dd944fea7594bb7b9b6abfc4a617a8f4c54
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b2edff214ab969086c5028141e42d78fb367851ad5fa67061d8b558caab40f7b
b2f752697bd33df4852991705c94be3069fc954847004ca0b75e514ed597ad44
b3270e94b074a33614f9bddf8d7512dff64e666be45c2bd2525d58ca3075a5e7
b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554
b47640444bf21fc22987897586f6713c2ed97cf5a83d84ebb74cb9c258029532
b494064db0fc8ab62f99b9d6cb0ec36eb34557f514769bddfe49212fcec14440
b5020f40820787eb99460bce11732b0120527e85b418fba50ab4c2711c308bc4
b58f96f51273c01f06940a6c53b8bf28becbf1669bd79f7525bc805af8968ec3
b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b9dc4ba428b568043191bc4d1f91daf62168239c8df7c504ff04601373ceb804
bb3b7b43ef77882d1cf2c9cf82c316f7e91ac8c632bce00a2995483522f58e77
bb6ea2f92c9e4e38cf818da0d51c84f755200d0e9a8b24f73bde687022ecdd42
bc1a4a6e75717031513499092fb0fcb294e4aaafd5aaf8c43094cf0dbea6a700
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bec44f49368ca1a0aea779cb9ba4b778d3f93542d3e8aa22720d0a273f07cdf4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c361faa49fbbe154e35e4425183f45f8ae913c8ffb9ef45de0040a27cd6191c6
c3d6e718dff6f581add7ac5cb79a2fe5e9ea7182778abbfe414e45bc315e5e2e
ca20712fc836ba9d51cb7bc766b1095867f2ebd221e050d8aa79990ff7016444
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
cded380ddc97c0b532c85a446c1e30b353ee795ebea0ee20f5e0e5000a1deaeb
ce0ef1dfff991a46b5aa3b2a726103bbf1e25ddd82fee3cba52d656717699fda
cf05eccbec30de9efd0e74546f01702ec3417ed2a283ea816df584d65ed86626
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfff9354ba9811ff9ed3660d6961f840d864255bf398e3c4ff7f77ffc044bcb1
d0dce2ea47d7fbee138cb39f60654720ed0ec1f7d1a5257d7528852ebd29167e
d15fa0f252484edce146935d43590773d865614b255f7740c3435c170247bd79
d4a9b1d80adb489b4beecb166d05e2360d7dfbd388378c76d0dffb90a80424dd
d568f192c576f136afeeb596dce1070cfd9bea7dcb1ea7b591da7ba4ff6b127f
d73ef6d073688c78e09852b6be2d52a7b96df0f91a18e4a75974d2b5221aed00
d891a3caf07774ba2732761542748e5b125ea5037e0f72d4f8f64ac6cedd161f
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da96ded92729c45c556ac8c25bfc93f5ba3b66eefb2924fb7c4931b53191e156
dbef1f31be942e9e91d3b04f5f24b0209b1739aba33cbd20dfcf139792f59d6e
e00b70e9a165e7e1bc39ba9d092d02099fde2e8607e543786f4e9bf00389e428
e17ea6db32d44acaf74ced343aaa5ee50facbe79f847fa0758a9d3dabaf4df98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3da1a5944dc5da09a47e05e4f80eb5958248db160e289f418783e16d721be2a
e55f799a127b930bf5bdbd61c9c0b8c99489bc3d4482b2970fc8aaf78ba702ae
e69186033526109e4d6e6d0439b83d3aa14076f6311185df688a3f7ad74b773d
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e9c13e4f54b53d83174136112d88c94e10116241dbac7e04d98a72cd34151bb9
eb6a1ca26492b388e1be34b834404064c04a6e68c9794d83cfc8b02644d07f85
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc369cf68b75544ce894f39bb5c59e1522530f196f252faf92a6ea290d31625
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f5b62d40921fb76a6a407047dc6438929bb1ef88ce5f6df1195eae119f0385a1
f9801ca1fe7400ffeb25ba3083c646465256f9545b7374e12cbd2b775de4320b
f9fd82bd80e76c6d446bcb011bec02417aed3335458d475d3040d9663839393a
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fee5f4c87dabd8d30661714f8adababf64ba25b7cec543517eb5e80351a8dbef
ffa5d5f02b8706cbf6af9dcd33406dec9ee9006f57ad03912e10bec1d57db747

www.5.ua Open in urlscan Pro 2606:4700:10::6816:317d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

359 Requests

100 %HTTPS

28 %IPv6

103 Domains

165 Subdomains

107 IPs

15 Countries

3189 kBTransfer

6742 kBSize

24 Cookies

4 Outgoing links

Redirected requests

359 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 31 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.5.ua Open in urlscan Pro
2606:4700:10::6816:317d Public Scan

Screenshot
Live screenshot

Full Image

359
Requests

100 %
HTTPS

28 %
IPv6

103
Domains

165
Subdomains

107
IPs

15
Countries

3189 kB
Transfer

6742 kB
Size

24
Cookies

359 HTTP transactions
31 data transactions