urlscan.io logo urlscan.io
SecurityTrails logo

www.ukr.net Open in urlscan Pro
212.42.76.252  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ukr.net/
Effective URL: https://www.ukr.net/
Submission: On May 07 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 13 countries across 86 domains to perform 309 HTTP transactions. The main IP is 212.42.76.252, located in Ukraine and belongs to UKRNET Kiev, Ukraine, UA. The main domain is www.ukr.net.
TLS certificate: Issued by Thawte RSA CA 2018 on March 31st 2021. Valid for: a year.
This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 212.42.76.252 8856 (UKRNET Kiev)
1 2a00:1450:400... 15169 (GOOGLE)
16 212.42.76.247 8856 (UKRNET Kiev)
2 212.42.76.248 8856 (UKRNET Kiev)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 212.42.75.249 8856 (UKRNET Kiev)
4 213.174.135.1 39572 (ADVANCEDH...)
15 172.217.23.98 15169 (GOOGLE)
1 10 212.42.75.253 8856 (UKRNET Kiev)
6 136.243.84.74 24940 (HETZNER-AS)
1 37.187.205.228 16276 (OVH)
1 147.135.189.55 16276 (OVH)
8 212.42.76.151 8856 (UKRNET Kiev)
4 212.42.83.135 8856 (UKRNET Kiev)
1 193.200.65.2 6681 (GIVEME-CLOUD)
1 104.19.132.78 13335 (CLOUDFLAR...)
4 195.214.195.101 8856 (UKRNET Kiev)
1 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a0c:5c81:514... 55081 (24SHELLS)
2 2a0c:5c81:513... 55081 (24SHELLS)
1 1 162.55.6.212 24940 (HETZNER-AS)
4 14 62.149.0.72 15497 (COLOCALL ...)
2 193.200.65.5 6681 (GIVEME-CLOUD)
1 37.18.16.21 205675 (HYBRID-AS)
2 3 185.184.8.30 204995 (RTB-HOUSE...)
1 2 5.178.65.246 50673 (SERVERIUS-AS)
4 2.18.233.180 16625 (AKAMAI-AS)
2 5 104.111.237.88 16625 (AKAMAI-AS)
2 3 37.157.4.25 198622 (ADFORM)
2 62.113.194.12 47447 (TTM)
1 1 52.207.141.143 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 213.19.162.31 26667 (RUBICONPR...)
2 3 72.251.249.14 29791 (VOXEL-DOT...)
2 146.0.227.110 20773 (GODADDY)
7 10 185.33.220.243 29990 (ASN-APPNEX)
1 35.244.159.8 15169 (GOOGLE)
1 178.250.2.131 44788 (ASN-CRITE...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 67.202.110.34 32748 (STEADFAST)
4 4 35.227.252.103 15169 (GOOGLE)
1 178.250.2.146 44788 (ASN-CRITE...)
1 13 52.29.148.200 16509 (AMAZON-02)
3 3 66.155.71.149 13768 (COGECO-PEER1)
8 46.249.52.248 50673 (SERVERIUS-AS)
3 3 213.19.147.45 3356 (LEVEL3)
4 6 52.30.186.230 16509 (AMAZON-02)
5 5.178.65.253 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 8 52.4.128.233 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 168.119.149.178 24940 (HETZNER-AS)
3 178.162.133.149 60781 (LEASEWEB-...)
3 3 18.156.0.31 16509 (AMAZON-02)
1 1 88.214.206.142 46636 (NATCOWEB)
1 1 23.79.143.124 16625 (AKAMAI-AS)
2 104.111.230.142 16625 (AKAMAI-AS)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
4 15 2.18.234.21 16625 (AKAMAI-AS)
1 18 2606:4700:10:... 13335 (CLOUDFLAR...)
7 8 142.250.186.98 15169 (GOOGLE)
4 5 35.227.248.159 15169 (GOOGLE)
2 3 37.157.4.39 198622 (ADFORM)
1 199.232.137.44 54113 (FASTLY)
1 154.57.158.50 26558 (FREEWHEEL)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
3 3 34.251.60.147 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.101 24961 (MYLOC-AS ...)
5 7 54.194.226.253 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 52.58.248.2 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 52.49.95.65 16509 (AMAZON-02)
4 4 151.101.114.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 18.213.190.7 14618 (AMAZON-AES)
1 2 52.95.124.165 16509 (AMAZON-02)
2 2 23.45.99.241 16625 (AKAMAI-AS)
1 54.76.71.14 16509 (AMAZON-02)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 54.239.17.112 16509 (AMAZON-02)
1 1 52.17.166.60 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 65.9.73.74 16509 (AMAZON-02)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 212.129.3.113 12876 (Online SAS)
2 2 23.111.200.117 7979 (SERVERS-COM)
1 51.89.9.251 16276 (OVH)
1 1 62.209.227.210 5588 (GTSCE GTS...)
1 37.252.172.38 29990 (ASN-APPNEX)
1 1 2001:678:cb4:... 56396 (TURN)
3 3 185.29.135.226 30419 (MEDIAMATH...)
2 2 52.209.246.140 16509 (AMAZON-02)
1 2.18.234.233 16625 (AKAMAI-AS)
1 1 159.253.128.188 36351 (SOFTLAYER)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 5 54.171.173.220 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (TURN)
4 4 51.89.42.86 16276 (OVH)
1 18.184.216.10 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
309 87
10    212.42.76.252 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv252.fwdcdn.com
ukr.net
www.ukr.net
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
16    212.42.76.247 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv247.fwdcdn.com
upst.fwdcdn.com
2    212.42.76.248 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv248.fwdcdn.com
zakladki.ukr.net
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    212.42.75.249 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com
mail.ukr.net
4    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
15    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
10    212.42.75.253 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com
accounts.ukr.net
6    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
go.rcvlink.com
recreativ.ru
1    37.187.205.228 (France)

ASN16276 (OVH, FR)
PTR: app-04.adpartner.pro
a4p.adpartner.pro
1    147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com
m.mixadvert.com
8    212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com
pinformer.sinoptik.ua
4    212.42.83.135 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
kinoafisha.ua
1    193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com
trafmag.com
1    104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)
servicer.mgid.com
4    195.214.195.101 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
counter.ukr.net
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
2    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
s.adtelligent.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
14    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
sync.console.adtarget.com.tr
2    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    37.18.16.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
3    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
prebid-eu.creativecdn.com
2    5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com
js.adscale.de
tracking.m6r.eu
3    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    62.113.194.12 (Münster, Germany)

ASN47447 (TTM, DE)
cdn.admatic.com.tr
1    52.207.141.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.at
adservice.google.com
27    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
cdn.ampproject.org
26    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
10    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adtelligent-d.openx.net
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2606:4700:e0::ac40:6308 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
2    67.202.110.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-110.static.steadfastdns.net
ic.tynt.com
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
13    52.29.148.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ih.adscale.de
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
8    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
u-ams02.e-planning.net
sync.e-planning.net
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
6    52.30.186.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
5    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
8    52.4.128.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
1    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de
sync.richaudience.com
3    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
15    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
18    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
8    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
3    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    154.57.158.50 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    34.251.60.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-60-147.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Bellagio, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.101 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
7    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    52.58.248.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-248-2.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
2    52.49.95.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    18.213.190.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.124.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.76.71.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.17.166.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    65.9.73.74 (United States)

ASN16509 (AMAZON-02, US)
tags.crwdcntrl.net
7    2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
1    212.129.3.113 (France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-113.rev.poneytelecom.eu
js.cookieless-data.com
2    23.111.200.117 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    62.209.227.210 (Prague, Czech Republic)

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)
PTR: bbnautid1.ibillboard.com
bbnaut.ibillboard.com
1    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
3    185.29.135.226 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    52.209.246.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-246-140.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    54.171.173.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
2    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
4    51.89.42.86 (London, United Kingdom)

ASN16276 (OVH, FR)
id5-sync.com
1    18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
37 googlesyndication.com
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
222 KB
29 ukr.net
ukr.net
www.ukr.net
zakladki.ukr.net
mail.ukr.net
accounts.ukr.net
counter.ukr.net
330 KB
22 ampproject.org
cdn.ampproject.org
444 KB
21 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
173 KB
19 adtelligent.com
player.adtelligent.com
ghb.adtelligent.com
sync.adtelligent.com
s.adtelligent.com
ghb1.adtelligent.com
139 KB
18 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
6 KB
16 adscale.de
js.adscale.de
ih.adscale.de
17 KB
16 fwdcdn.com
upst.fwdcdn.com
359 KB
15 casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
19 KB
15 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
19 KB
13 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
17 KB
11 adnxs.com
ib.adnxs.com
secure.adnxs.com
8 KB
8 audrte.com
a.audrte.com
9 KB
8 google.com
www.google.com
adservice.google.com
624 B
8 sinoptik.ua
pinformer.sinoptik.ua
47 KB
7 quantumdex.io
sync.quantumdex.io
3 KB
7 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
4 KB
6 adsrvr.org
match.adsrvr.org
3 KB
6 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
14 KB
6 adform.net
cm.adform.net
dmp.adform.net
track.adform.net
2 KB
6 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
35 KB
5 tapad.com
pixel.tapad.com
2 KB
5 yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
4 KB
5 openx.net
adtelligent-d.openx.net
rtb.openx.net
2 KB
5 criteo.com
gum.criteo.com
mug.criteo.com Failed
bidder.criteo.com
dis.criteo.com
848 B
5 rcvlink.com
go.rcvlink.com
7 KB
4 id5-sync.com
id5-sync.com
6 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 mathtag.com
pixel.mathtag.com
sync.mathtag.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 kinoafisha.ua
kinoafisha.ua
81 KB
3 turn.com
ad.turn.com
d.turn.com
1 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
935 B
3 demdex.net
dpm.demdex.net
3 KB
3 sonobi.com
sync.go.sonobi.com
1 KB
3 richaudience.com
sync.richaudience.com
743 B
3 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
976 B
3 lijit.com
ap.lijit.com
2 KB
3 creativecdn.com
creativecdn.com
prebid-eu.creativecdn.com
894 B
3 trafmag.com
trafmag.com
t.trafmag.com
920 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 bluekai.com
tags.bluekai.com
641 B
2 weborama.fr
idsync.frontend.weborama.fr
843 B
2 tidaltv.com
sync.tidaltv.com
792 B
2 criteo.net
static.criteo.net
51 KB
2 1rx.io
sync.1rx.io
1 KB
2 tynt.com
ic.tynt.com
2 admixer.net
inv-nets.admixer.net
972 B
2 betweendigital.com
ads.betweendigital.com Failed
925 B
2 google.at
adservice.google.at
964 B
2 admatic.com.tr
cdn.admatic.com.tr
21 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 eyeota.net
ps.eyeota.net
1 KB
1 simpli.fi
um.simpli.fi
624 B
1 stickyadstv.com
ads.stickyadstv.com
727 B
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 onetag-sys.com
onetag-sys.com
818 B
1 cookieless-data.com
js.cookieless-data.com
367 B
1 rfihub.com
p.rfihub.com
769 B
1 adroll.com
d.adroll.com
112 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
38 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
384 B
1 theadex.com
dmp.theadex.com
378 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 taboola.com
trc.taboola.com
164 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com
721 B
1 admanmedia.com
cs.admanmedia.com
428 B
1 dotomi.com
prebid-match.dotomi.com
104 B
1 navdmp.com
tag.navdmp.com
4 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
490 B
1 adxpremium.services
rtb.adxpremium.services
972 B
1 advangelists.com
nep.advangelists.com
229 B
1 hybrid.ai
dm.hybrid.ai
238 B
1 loopme.me
csync.loopme.me
209 B
1 google.de
www.google.de
107 B
1 recreativ.ru
recreativ.ru
192 B
1 mgid.com
servicer.mgid.com
3 KB
1 mixadvert.com
m.mixadvert.com
494 B
1 adpartner.pro
a4p.adpartner.pro
844 B
1 googletagmanager.com
www.googletagmanager.com
35 KB
309 86
Domain Requested by
26 tpc.googlesyndication.com securepubads.g.doubleclick.net
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
22 cdn.ampproject.org securepubads.g.doubleclick.net
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
16 upst.fwdcdn.com www.ukr.net
pinformer.sinoptik.ua
upst.fwdcdn.com
15 mwzeom.zeotap.com 1 redirects ads.us.e-planning.net
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
10 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
10 ib.adnxs.com 7 redirects player.adtelligent.com
spl.zeotap.com
ssum-sec.casalemedia.com
10 accounts.ukr.net 1 redirects upst.fwdcdn.com
accounts.ukr.net
www.ukr.net
10 securepubads.g.doubleclick.net www.ukr.net
securepubads.g.doubleclick.net
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
9 www.ukr.net 1 redirects www.ukr.net
pinformer.sinoptik.ua
upst.fwdcdn.com
8 cm.g.doubleclick.net 7 redirects bcp.crwdcntrl.net
8 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
s.console.adtarget.com.tr
8 sync.adtelligent.com 3 redirects player.adtelligent.com
s.console.adtarget.com.tr
s.adtelligent.com
8 pinformer.sinoptik.ua upst.fwdcdn.com
pinformer.sinoptik.ua
7 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
7 bcp.crwdcntrl.net 5 redirects ssum.casalemedia.com
tags.crwdcntrl.net
6 pagead2.googlesyndication.com www.ukr.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 match.adsrvr.org 4 redirects ssum.casalemedia.com
bcp.crwdcntrl.net
6 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
s.adtelligent.com
js.adscale.de
ads.us.e-planning.net
6 www.google.com 2 redirects www.ukr.net
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
5 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
5 pixel.tapad.com 4 redirects ads.us.e-planning.net
5 s.e-planning.net ads.us.e-planning.net
5 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
5 c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 ghb.adtelligent.com player.adtelligent.com
5 go.rcvlink.com www.ukr.net
go.rcvlink.com
4 id5-sync.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 rtb.openx.net 4 redirects
4 ads.pubmatic.com s.console.adtarget.com.tr
ads.pubmatic.com
ads.us.e-planning.net
4 counter.ukr.net www.ukr.net
counter.ukr.net
4 kinoafisha.ua upst.fwdcdn.com
kinoafisha.ua
4 player.adtelligent.com www.ukr.net
player.adtelligent.com
3 sync.mathtag.com 3 redirects
3 dpm.demdex.net 3 redirects
3 dmp.adform.net 2 redirects spl.zeotap.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
3 ups.analytics.yahoo.com 3 redirects
3 sync.go.sonobi.com ads.us.e-planning.net
sync.quantumdex.io
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
3 ap.lijit.com 2 redirects player.adtelligent.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 mail.ukr.net 2 redirects upst.fwdcdn.com
2 d.turn.com 2 redirects
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 ssum-sec.casalemedia.com ssum.casalemedia.com
sync.quantumdex.io
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 tags.bluekai.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 googleads.g.doubleclick.net www.ukr.net
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
2 sync.1rx.io 2 redirects
2 ic.tynt.com s.adtelligent.com
sync.quantumdex.io
2 inv-nets.admixer.net player.adtelligent.com
2 fastlane.rubiconproject.com player.adtelligent.com
2 ads.betweendigital.com player.adtelligent.com
2 gum.criteo.com static.criteo.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.at securepubads.g.doubleclick.net
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 creativecdn.com 2 redirects
2 t.trafmag.com www.ukr.net
s.adtelligent.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 zakladki.ukr.net www.ukr.net
1 ps.eyeota.net s.console.adtarget.com.tr
1 dis.criteo.com 1 redirects
1 um.simpli.fi 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 bbnaut.ibillboard.com 1 redirects
1 onetag-sys.com sync.quantumdex.io
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 p.rfihub.com 1 redirects
1 d.adroll.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 prebid-match.dotomi.com ads.us.e-planning.net
1 tag.navdmp.com ads.us.e-planning.net
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.sitescout.com 1 redirects
1 rtb.adxpremium.services player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 ghb1.adtelligent.com player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 adtelligent-d.openx.net player.adtelligent.com
1 mug.criteo.com www.ukr.net
1 nep.advangelists.com 1 redirects
1 s.adtelligent.com s.console.adtarget.com.tr
1 cm.adform.net s.console.adtarget.com.tr
1 dm.hybrid.ai www.ukr.net
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr player.adtelligent.com
1 www.google.de www.ukr.net
1 stats.g.doubleclick.net www.google-analytics.com
1 recreativ.ru go.rcvlink.com
1 servicer.mgid.com upst.fwdcdn.com
1 trafmag.com upst.fwdcdn.com
1 m.mixadvert.com upst.fwdcdn.com
1 a4p.adpartner.pro upst.fwdcdn.com
1 www.googletagmanager.com www.ukr.net
1 ukr.net 1 redirects
309 131

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
tvgid.ua
kinoafisha.ua
avtosale.ua
z.cdn.adpool.bet
rozetka.com.ua
kasta.ua
www.citrus.ua
makeup.com.ua
panama.ua
www.booking.com
auto.ria.com
rst.ua
ab.ua
atlanticexpress.com.ua
vidi-automarket.com.ua
osaggo.com.ua
lassa-tyres.com.ua
evatech.com.ua
dom.ria.com
lun.ua
nerukhomi.ua
1realty.ua
flatfy.ua
bit.ly
onona.ua
www.accordtour.com
www.impuls24.com.ua
med-magazin.ua
www.lissod.com.ua
www.ailas.com.ua
healthyway.com.ua
www.lampa.ua
e27.com.ua
www.caravella.com.ua
www.dybok.com.ua
electrica-shop.com.ua
sex-shop.ua
work.ua
grc.ua
learning.ua
optima.school
buki.com.ua
slav.in.ua
www.otpusk.com
panoramadeluxe.com
www.hotelscombined.com
www.youtube.com
vv-hotel.com
hvosting.ua
nic.ua
www.besthosting.ua
internetua.com
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
adp.digital
a4p.adpartner.pro
student-taxi.com.ua
ua.interfax.com.ua
biz.censor.net
kontrakty.ua
24tv.ua
prm.ua
www.bbc.com
ukrainian.voanews.com
gordonua.com
regionews.ua
www.epravda.com.ua
agropravda.com
agroportal.ua
skeptik.com.ua
suspilne.media
www.rbc.ua
ua.news
sprotyv.info
www.radiosvoboda.org
bykvu.com
news.obozrevatel.com
www.pravda.com.ua
www.slovoidilo.ua
tgn.in.ua
www.eurointegration.com.ua
rupor.info
me3.com.ua
svidok.online
lenta.ua
portaltele.com.ua
flot2017.com
gsminfo.com.ua
take-profit.org
charter97.org
agronews.ua
cikavosti.com
mind.ua
zn.ua
mmr.net.ua
newsyou.info
ua-electro.com
bizua.org
www.ua-football.com
terrikon.com
ua.tribuna.com
football24.ua
nashamama.com
changeua.com
u-news.com.ua
golos.ua
sport.politeka.net
www.bagnet.org
newsru.co.il
ru.krymr.com
novosti-n.org
simya.24tv.ua
racurs.ua
showbusiness.politeka.net
stars.clutch.net.ua
telegraf.com.ua
magnolia-tv.com
www.footboom.com
kurs.com.ua
rezina.cc
testoteka.ukr.net
www.zapchast.com.ua
americamotors.com
kiaparts.com.ua
autoshini.com
pokraska.diskservice.com.ua
transshina.com.ua
shinadiski.com.ua
sailuntyre.com.ua
goldnomer.com
www.aks.ua
www.mykite.com.ua
kidbutik.ua
diaton.ua
artpotolok.kiev.ua
590.ua
pro-electronics.com.ua
lascala.ua
www.m-stelya.com.ua
stellag.com.ua
leoceramika.com
flowers.ua
isex.com.ua
buketland.com.ua
amurchik.ua
zarina.ua
trafmag.com
answear.ua
sneakerstudio.com.ua
pierrecardin.net.ua
mgid.com
www.mgid.com
adline.kiev.ua
mail.ukr.net
zakladki.ukr.net
Subject Issuer Validity Valid
*.ukr.net
Thawte RSA CA 2018		 2021-03-31 -
2022-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.fwdcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-09 -
2021-11-07		 2 years crt.sh
mail.ukr.net
Thawte RSA CA 2018		 2020-04-06 -
2022-05-06		 2 years crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
rcvlink.com
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
adpartner.pro
R3		 2021-02-26 -
2021-05-27		 3 months crt.sh
m.mixadvert.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
sinoptik.uk
Sectigo RSA Domain Validation Secure Server CA		 2020-10-13 -
2021-11-12		 a year crt.sh
kinoafisha.ua
Sectigo RSA Domain Validation Secure Server CA		 2020-08-11 -
2021-11-07		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-15 -
2021-06-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2020-08-14 -
2021-09-06		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-05-06 -
2021-08-04		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-04-03 -
2021-07-02		 3 months crt.sh
sync.adtelligent.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
sync.console.adtarget.com.tr
R3		 2021-04-02 -
2021-07-01		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
cat.adscale.de
DigiCert SHA2 Secure Server CA		 2020-10-23 -
2021-11-21		 a year crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-04-07 -
2021-07-06		 3 months crt.sh
*.google.at
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2020-08-17 -
2021-11-26		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
ghb1.adtelligent.com
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.adscale.de
Amazon		 2020-06-05 -
2021-07-07		 a year crt.sh
*.e-planning.net
R3		 2021-03-26 -
2021-06-24		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
js.cookieless-data.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.eyeota.net
R3		 2021-04-29 -
2021-07-28		 3 months crt.sh

This page contains 37 frames:

Primary Page: https://www.ukr.net/
Frame ID: 91E3FDEF482A5372A6FA2B0852447F42
Requests: 78 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: 910ADBBA49571051FE1EDD35FA4C3D09
Requests: 8 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: 124BABCF287BF730FCFB7ACA8E0421B0
Requests: 6 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
Frame ID: 0DD97E7ED2BBF6C50BF51EE924DCBFFD
Requests: 13 HTTP requests in this frame

Frame: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1620406907177
Frame ID: C4F8EA2209630D3307F01B3CE4D5AFAB
Requests: 5 HTTP requests in this frame

Frame: https://www.ukr.net/dat/covid19.html
Frame ID: F82ECEB5CD7BB59B98D0FF2A7D999497
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: 4A8BE697CBA6EBF8635C776A1D9C391C
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5f57ee3c-248e-4884-8b3c-b6335968afbe
Frame ID: 54226D0C3BCE3CCEF6167BDFACA03F5C
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ZUjnGuhb60XpKcW40cNF&pi=admatic&tc=1
Frame ID: E1A47A2DABD4B5A21AA9B0C9C86E3877
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 93CA8F33FB93661315109ED1FED3B18B
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: E950C97F5297B17325C26FDF4A563DE6
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: ECAE979245206850922767DAA96FFFC5
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 5C97E5867936E7BAC0C3A664BEA80103
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 5943C93F0C99AAAE0E1ECD5F4EBA716D
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: 003051038F86B8244AEBDAF30B989D38
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 79F51674D6B3A8DEC476FF81D7F05C57
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 4C0041118079E1B37697DF80E1BD6CE6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 1BA2090836FA8F307BD87EF6E11AECEF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da8032093996d09fc%26uid%3D
Frame ID: 84B1EF1FB7BFC316D67D59B5B3412778
Requests: 1 HTTP requests in this frame

Frame: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5DF1E25788E48D2B4D19D60B06AC4E85
Requests: 17 HTTP requests in this frame

Frame: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 88DFE46F66CA890349C5F634D211540B
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9EFA73060A794C258AAFCE8C064D91FB
Requests: 1 HTTP requests in this frame

Frame: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C21DF735887FE380A5710F3E6F70E941
Requests: 17 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Frame ID: 867E276AB9045945516750FF7FBDEE89
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&cmp=0
Frame ID: 3A86089A16FA641B6251A464810D523E
Requests: 31 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 02656059F507E07FE8DA10353970C91F
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: E63B90E2445D8063F20F4457FB62500D
Requests: 8 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AA2%2fWPd7q6ouhac5
Frame ID: D4A341B606507326A51C9A079EC97957
Requests: 1 HTTP requests in this frame

Frame: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E5CB724FE836AC7575C9FCDE69779C9B
Requests: 20 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 2C3F0546F2F7FBB24C232747D4B5A97C
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 01EE6672535B6016CFF49BF1517CD344
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: D2AE0DF67D5DE5D004BD65FB4A297CCA
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 0C5CE11C4AAC8DC4ED0E8A04D8864503
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 2B3849AB5F1421A2752AF0E58937B3F8
Requests: 11 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: 60A70EDA718C20997F98587D7FADF835
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.ukr.net
Frame ID: 7284DCE2C456FDADF0E2F22FFEC171D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0F7F26A06E816CDCD41DE9E9BC524BE7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ukr.net/ HTTP 301
    http://www.ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

309
Requests

99 %
HTTPS

22 %
IPv6

86
Domains

131
Subdomains

87
IPs

13
Countries

2096 kB
Transfer

6043 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ukr.net/ HTTP 301
    http://www.ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mail.ukr.net/widget?lang=uk HTTP 303
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Request Chain 74
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5f57ee3c-248e-4884-8b3c-b6335968afbe
Request Chain 75
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ab1efff72a291718
Request Chain 77
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ZUjnGuhb60XpKcW40cNF&pi=admatic&tc=1
Request Chain 78
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 84
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-86170d6b-31c9-4386-8852-7063e50efc7a
Request Chain 85
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=119a41cb3fb76a06
Request Chain 95
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Ij9a6nwvUFk2Y21oSll3UCtoK25LRlk5bmZYREF4S01pUUk0Z1ZUU05NVnR1SGJiR1ByTTB0enhsR0o5aEw2RG5UMU5kV2piSE0zbzhXRndJRGRtNVpYcFVFeWRRM3lBeUtrRmhHblhmNUZCeWx0RE9CMGViOG96RVdabXh4QkFveVNrR1hxaGRXSjdyUCszUWZhbEpvanV0WjdhS1QzbEtvd2JjZmp6dURoeFpMUnZhakNML0tJSnRRTXNxTzJsbTM0WWVNcmMraFpDR1hZRUZWTWd2STVWeTQyS1JzMThaWVBxUzZsSlRTSm90Q2o4PXw&cppv=2
Request Chain 110
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ab1efff72a291718
Request Chain 112
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=55bd0aee2b484b9c4cc9367a
Request Chain 113
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=d7884458-09d7-4006-a4b0-e188c34f7271
Request Chain 114
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7489267687012257549
Request Chain 115
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=ab1efff72a291718
Request Chain 117
  • https://ih.adscale.de/uu?cbfn=receive&t=1620406908 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1620406908&nut&uu=4392baca47fb4affacf2308e0146099c
Request Chain 119
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Da8032093996d09fc HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a8032093996d09fc
Request Chain 120
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4452998077 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4452998077 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cb218fe7-8eb0-4d20-9223-72a8f2be8033 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3f65df11-6999-4eeb-bb45-fb83a0ac46c2-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-3f65df11-6999-4eeb-bb45-fb83a0ac46c2-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-3f65df11-6999-4eeb-bb45-fb83a0ac46c2-003&dc=1079cc634ca638f8&iss=1
Request Chain 124
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Da8032093996d09fc%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Da8032093996d09fc%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=a8032093996d09fc&uid=d7884458-09d7-4006-a4b0-e188c34f7271
Request Chain 128
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Da8032093996d09fc HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 129
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da8032093996d09fc%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253Da8032093996d09fc%2526uid%253D%2524UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a8032093996d09fc&uid=6198753840348078043
Request Chain 131
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-9JtAOWFE2uHcysSUPjzzlILMlqCnKTLn8zQD6iA-~A
Request Chain 132
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3Da8032093996d09fc%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=a8032093996d09fc&uid=de47d9051270144ebb02785d3a5012b87534657a
Request Chain 134
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 163
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 177
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 197
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENm7E37cu3nUeBpuYFs0J_A&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Request Chain 204
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=9df4b304-b6cf-4849-8681-c92a04107fab&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Request Chain 206
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=cb218fe7-8eb0-4d20-9223-72a8f2be8033&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Request Chain 210
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=fb049840-1b73-4e93-a086-4dfcb859beed&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 211
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=19364020546312801192109103201837077591&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Request Chain 213
  • https://bn01.er.bemail.it/zeotap.php?_bid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021050719-28714-0.951793001620406912-e54c60114a080ac802cb9de29b7b1269&zdid=533&env=mWeb
Request Chain 214
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6959594693261392017&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Request Chain 215
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba
Request Chain 216
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361&bounce=1&random=389352943 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=waIck3nBgijMK4rbgsF7EO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Request Chain 218
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=57d36bdcfb717f8aced51c8b2eaef252&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Request Chain 219
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-SHnmf.lE2oq2o3SHghKu5zL7VeZ_QNpsCw--~A&zpartnerid=570&env=mWeb
Request Chain 220
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ik0TRJIHJDyQEm6yCMsGM7q6egUVzBnQ%2BS41iYitP1U%3D
Request Chain 224
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361&_test=YJVygQAA0inmxgA4 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJVygQAA0inmxgA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&_test=YJVygQAA0inmxgA4
Request Chain 225
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4f876095-7282-4100-bb1c-3e06bbf7b14e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Request Chain 226
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OGz5Xlc4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba
Request Chain 227
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&dcc=t
Request Chain 228
  • https://tags.bluekai.com/site/87734?id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 233
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJVyf-_UWjBt44T5X1vkigAABI8AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJVyf-_UWjBt44T5X1vkigAABI8AAAIB&dcc=t
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJVyf-_UWjBt44T5X1vkigAABI8AAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELXgK9itvMvktt09Rc-pQNs&google_cver=1
Request Chain 236
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJVyf.-UWjBt44T5X1vkigAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKl0K4F5o562ymQj7X0r3Rw&google_cver=1&gdpr=1&google_hm=2
Request Chain 237
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YJVyf.-UWjBt44T5X1vkigAA%261167 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJVyf.-UWjBt44T5X1vkigAA%261167
Request Chain 238
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 239
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969852030226 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969852030226&C=1
Request Chain 267
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7489267687012257549
Request Chain 268
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b5c514fd-558d-517f-9c14-68c5fc811a45
Request Chain 270
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7489267687012257549
Request Chain 271
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DbY_mW5E2uH11bNYJsixDLe5Cm1aWjG9CqRcf7U-~A
Request Chain 272
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=7489267687012257549
Request Chain 281
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=4392baca47fb4affacf2308e0146099c&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?tpid=101&tpuid=BBID-01-02951209132642341-16281144
Request Chain 283
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3490688419953741391
Request Chain 284
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=63956095-7282-4f00-bac8-0ce49ee5978f&gdpr=1&gdpr_consent=
Request Chain 285
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADFRU7BKuUAACxbtLQ56Q&expiration=1621616514&gdpr=1
Request Chain 287
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622998912
Request Chain 289
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B108B9E8306549F4AACE44F67D0671A1&gdpr=1
Request Chain 291
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=979987311b6c612e6f638d9da0c9d8bcf563d4ef1cec20176b57a060463e078b&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YJVyf.-UWjBt44T5X1vkigAA%261167
Request Chain 292
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=883e39b703a5596a74cfd20d6265c70b57a09e48dc56a4f1a36be686ff7c3dd1&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=7fb56095-7283-4c00-b34e-18d7a08f7f2c&gdpr=0&gdpr_consent=
Request Chain 293
  • https://track.adform.net/serving/cookie/match/?party=9&uid=2899283fba1f4e2d55b7178fa7d81e7dff0c0c604fc6432b7912430534cb29e6&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=2899283fba1f4e2d55b7178fa7d81e7dff0c0c604fc6432b7912430534cb29e6&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?tpid=42&gdpr=0&tpuid=5657684807464352183
Request Chain 294
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=1cf49b82b2ecaa3763555fb65700cada702c0d270d27b9394b4ff65c96717909&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=92cebd63-0932-45f0-aa3c-06e4ae2d643e
Request Chain 295
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=664c8e91d45faae8e2a8ee5bf1a0e905933d1bd59220285922c16321d1c171cc&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=7fb56095-7283-4c00-b34e-18d7a08f7f2c&gdpr=0&gdpr_consent=
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=6b40b995411b7f814242fdf0a09086d2417b867311f85f3e7140c79d3db97011&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?uid=6b40b995411b7f814242fdf0a09086d2417b867311f85f3e7140c79d3db97011&tpid=38&gdpr=0&tpuid=CAESEG0q22CQme7eytgZG7RIANU&google_cver=1
Request Chain 297
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=33e0545088ee180434728fc7e879d5a59bfc7de6137cae9e0a92f53adf7f2e01&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=33e0545088ee180434728fc7e879d5a59bfc7de6137cae9e0a92f53adf7f2e01&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/js?tpid=48&tpuid=7c0854810f9f91ae0184a47e9c552f8a
Request Chain 300
  • https://bcp.crwdcntrl.net/5/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Request Chain 301
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=57d36bdcfb717f8aced51c8b2eaef252&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=19364020546312801192109103201837077591
Request Chain 302
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YJVyiAAAywM4cwAC HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YJVyiAAAywM4cwAC&_test=YJVyiAAAywM4cwAC
Request Chain 303
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Request Chain 305
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/57d36bdcfb717f8aced51c8b2eaef252/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2483718234057654791
Request Chain 306
  • https://id5-sync.com/s/19/9.gif?puid=57d36bdcfb717f8aced51c8b2eaef252&gdpr=1 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=57d36bdcfb717f8aced51c8b2eaef252&gdpr=1&gdpr_consent= HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOpFc4Gyb_j3tZfJZkB-0Xe18OZETAL2tB6zbYqA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/8/2.gif?puid=2483718234057654791&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=6eec9edaaa834332089f7cdd48afd40a&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOpFc4Gyb_j3tZfJZkB-0Xe18OZETAL2tB6zbYqA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTdkMzZiZGNmYjcxN2Y4YWNlZDUxYzhiMmVhZWYyNTI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOpFc4Gyb_j3tZfJZkB-0Xe18OZETAL2tB6zbYqA
Request Chain 308
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=9140366141743119460 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESEEd43jU5Xa9hS2H3ZEWEppM&google_cver=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=dimRJXro5gCR2C5TSVOxeK5Ew&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=dimRJXro5gCR2C5TSVOxeK5Ew&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=dimRJXro5gCR2C5TSVOxeK5Ew&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=dimRJXro5gCR2C5TSVOxeK5Ew&gdpr=0&gdpr_consent=&google_gid=CAESEEd43jU5Xa9hS2H3ZEWEppM&google_cver=1 HTTP 302
  • https://a.audrte.com/p

309 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ukr.net/
Redirect Chain
  • http://ukr.net/
  • http://www.ukr.net/
  • https://www.ukr.net/
192 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
42304d0806cf56e633de2b19510357a3c5186b40c8a45c3df7f5a0d56ca6d877
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ukr.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=Cj1tBGCVcnprEgLnCoFVAg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Fri, 07 May 2021 17:01:46 GMT
content-type
text/html
content-length
47602
cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
expires
-1
set-cookie
un_lang=ua; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure snr=9; Max-Age=31536000; Path=/; Domain=.ukr.net; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure scr=9; Max-Age=31536000; Path=/; Domain=.ukr.net; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure sfr=9; Max-Age=31536000; Path=/; Domain=.ukr.net; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure
etag
"60957256-b9f2"
content-encoding
gzip
vary
User-Agent
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Server
nginx
Date
Fri, 07 May 2021 17:01:46 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://www.ukr.net/
Vary
User-Agent
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Set-Cookie
uid=Cj1tBGCVcnprEgLnCoFVAg==; expires=Sat, 07-May-22 17:01:46 GMT; domain=.ukr.net; path=/
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5903420-1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63e01ca1171b0a0e622a6334a52f2a60b7f7704f22a1414724f41f9ecf850003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35719
x-xss-protection
0
last-modified
Fri, 07 May 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 May 2021 17:01:46 GMT
top_links.css
upst.fwdcdn.com/css/1619792094/ 		2 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/1619792094/top_links.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
87a40b3ba8c8cb07b1925708839047c50c9856ea6436d6a6f96ef8f58ceda07d

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
content-encoding
gzip
last-modified
Fri, 30 Apr 2021 14:15:03 GMT
server
nginx
etag
W/"608c10e7-79d"
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
expires
Sat, 07 May 2022 17:01:46 GMT
/
upst.fwdcdn.com/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
af0cb902656b4fde470988b5fafcfb29703d1e18469371fca027bbcb6fbd7724

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 08:56:16 GMT
server
nginx
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
expires
Sat, 07 May 2022 17:01:46 GMT
main.css
upst.fwdcdn.com/css/66/portal/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/66/portal/main.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
f3352012cfa03559709cc1820c6ef16f21c2a556cca03750e0c7201ba7b8e307

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 14:19:03 GMT
server
nginx
etag
"60803457-1e58"
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
7768
expires
Sat, 07 May 2022 17:01:46 GMT
_desktop.js
www.ukr.net/news/ 		20 B
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/news/_desktop.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/news/_desktop.js
pragma
no-cache
cookie
uid=Cj1tBGCVcnprEgLnCoFVAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ukr.net
referer
https://www.ukr.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
content-encoding
gzip
vary
User-Agent
server
nginx
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
concat.js
upst.fwdcdn.com/js/31/portal/ 		166 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/31/portal/concat.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 09:53:05 GMT
server
nginx
etag
"5f6dbe01-cc31"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
52273
expires
Sat, 07 May 2022 17:01:46 GMT
main.js
upst.fwdcdn.com/js/516/portal/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/516/portal/main.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
061769e5c7eb97935122a0492b7b2365f8a8538ec018a37e31e030f2192750ab

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 14:28:03 GMT
server
nginx
etag
"6076fbf3-40d9"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
16601
expires
Sat, 07 May 2022 17:01:46 GMT
zakladki_v2.min.js
zakladki.ukr.net/bookmarks/js/ 		104 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.248 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv248.fwdcdn.com
Software
nginx/1.16.1 /
Resource Hash
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:47 GMT
Last-Modified
Fri, 14 Aug 2020 10:42:05 GMT
Server
nginx/1.16.1
ETag
"5f366a7d-19e00"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
close
Accept-Ranges
bytes
Content-Length
105984
Expires
Fri, 14 May 2021 17:01:47 GMT
top-logo-ua-mod3.gif
upst.fwdcdn.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/top-logo-ua-mod3.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-140f"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
5135
expires
Fri, 14 May 2021 17:01:46 GMT
grey-pix.gif
upst.fwdcdn.com/img/ 		53 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/grey-pix.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-35"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
53
expires
Fri, 14 May 2021 17:01:46 GMT
fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-1134"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
4404
expires
Fri, 14 May 2021 17:01:46 GMT
fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:46 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-134e"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
4942
expires
Fri, 14 May 2021 17:01:46 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2095
date
Fri, 07 May 2021 16:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 07 May 2021 18:26:52 GMT
can_https
mail.ukr.net/ 		46 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.ukr.net/can_https
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.249 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-249.fwdcdn.com
Software
nginx /
Resource Hash
bfc9fbc4575f67c1903d4ff0b0d8889b7a66b72676dd61cec9abec0019a2fe50

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
server
nginx
content-length
46
content-type
text/javascript
hb_300016_4947.js
player.adtelligent.com/prebidlink/450113/ 		321 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
861bca9472dfbcf9c1cb4acd328ecf74e8a0de07733797d406036193094cd543

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 11:25:28 GMT
server
nginx
etag
W/"60815d28-50486"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 07 May 2021 18:01:47 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
cc64d30d612c9dcfe85fa11d8bed257b26ff7c67d5f4c2733d2c14f1931f31b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"864 / 933 of 1000 / last-modified: 1620385836"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21224
x-xss-protection
0
expires
Fri, 07 May 2021 17:01:47 GMT
wrapper_hb_300016_4947.js
player.adtelligent.com/prebidlink/450113/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/450113/wrapper_hb_300016_4947.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
4d6d050db8e69a4a77a8ca3a33d0aba6353adfe7845908e5fec574a70d11a0e2

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 13:54:43 GMT
server
nginx
etag
W/"6093f523-1499f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 07 May 2021 18:01:47 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
test
accounts.ukr.net/public/access/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/public/access/test?_=1620406907157
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
server
nginx
access-control-max-age
600
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
access-control-allow-credentials
true
x-upstream
4510.10.20.49:5080
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length
2
login
accounts.ukr.net/widget/ Frame 910A
Redirect Chain
  • https://mail.ukr.net/widget?lang=uk
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
1b82fb755d98e24c6828fff4691e8dd4611834965a3ec877a86aa1ea9b8e04a5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://www.ukr.net/
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.ukr.net
:scheme
https
:path
/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=Cj1tBGCVcnprEgLnCoFVAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.569648341.1620406907; _gid=GA1.2.656524154.1620406907; can_https=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Fri, 07 May 2021 17:01:47 GMT
content-type
text/html; charset=UTF-8
expires
Fri, 07 May 2021 17:01:46 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-frame-options
ALLOW-FROM https://www.ukr.net/
vary
*
content-security-policy
default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-encoding
gzip
x-upstream
4210.10.20.48:5080

Redirect headers

server
nginx
date
Fri, 07 May 2021 17:01:47 GMT
content-length
0
location
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
set-cookie
freemail=; Domain=ukr.net; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/ sid=; Domain=mail.ukr.net; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/ sid=; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/ fvsid=; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/
x-detected-skin
widget
expires
Fri, 07 May 2021 17:01:46 GMT
cache-control
no-cache
content-security-policy
default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
5ysrIfrF92
go.rcvlink.com/ifr/ Frame 124B 		13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
c6e062ccfb4e7bf2e4020e000a457da3cee98015550fb029221d9797d9e19858

Request headers

:method
GET
:authority
go.rcvlink.com
:scheme
https
:path
/ifr/5ysrIfrF92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Fri, 07 May 2021 17:01:47 GMT
content-type
text/html
last-modified
Sat, 03 Apr 2021 06:37:04 GMT
etag
W/"60680d10-3435"
expires
Sat, 08 May 2021 17:01:47 GMT
cache-control
max-age=86400
content-encoding
gzip
v2
a4p.adpartner.pro/jsunit/jsonp/ 		1 KB
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery30008034093390907842_1620406906894&_=1620406906895
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS
app-04.adpartner.pro
Software
nginx /
Resource Hash
bc29649276d038c4454e400915c4f773eb0d1a56677a3bbf1b7c006ab24120f4

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show_json/ukrnet/ 		194 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery30008034093390907842_1620406906896&_=1620406906897
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
bea9c62b3e121ebfc2ee63d22420a826bbab63bf4fdcd1a4417d84fd5f1ad282
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
pinformer4.php
pinformer.sinoptik.ua/ Frame 0DD9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx / PHP/5.5.38
Resource Hash
370ff21700e5f8afc85e261782db8535a7e9cf14cc0ee3e0a7c660f54824ac73

Request headers

:method
GET
:authority
pinformer.sinoptik.ua
:scheme
https
:path
/pinformer4.php?lang=ua&rnd=1620406907175
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Fri, 07 May 2021 17:01:47 GMT
content-type
text/html; charset=utf-8
set-cookie
os=WINDOWS; path=/
x-powered-by
PHP/5.5.38
expires
Fri, 07 May 2021 17:06:47 GMT
cache-control
max-age=300, must-revalidate, proxy-revalidate
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding
gzip
vary
Accept-Encoding
ukrnet_ua.html
kinoafisha.ua/widget/ Frame C4F8 		416 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1620406907177
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
112efee847ec73b08202dd1feab69e2ef0b699493f690d1bf73999a4688ea2d0

Request headers

:method
GET
:authority
kinoafisha.ua
:scheme
https
:path
/widget/ukrnet_ua.html?rnd=1620406907177
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Fri, 07 May 2021 17:01:47 GMT
content-type
text/html
last-modified
Fri, 07 May 2021 17:00:00 GMT
etag
W/"60957210-681cf"
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
content-encoding
gzip
covid19.html
www.ukr.net/dat/ Frame F82E 		48 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/dat/covid19.html
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
5f652b9a17a6a168daf915972b1bb2e83d3e3cc7eaa26681ce387df6ca8ef2a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ukr.net
:scheme
https
:path
/dat/covid19.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=Cj1tBGCVcnprEgLnCoFVAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.569648341.1620406907; _gid=GA1.2.656524154.1620406907; can_https=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Fri, 07 May 2021 17:01:47 GMT
content-type
text/html
content-length
13685
last-modified
Fri, 07 May 2021 16:35:29 GMT
etag
"60956c51-3575"
content-encoding
gzip
vary
User-Agent
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
ukrnet2.js
trafmag.com/ 		331 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trafmag.com/ukrnet2.js?callback=jQuery30008034093390907842_1620406906898&_=1620406906899
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
trafmag.com
Software
nginx /
Resource Hash
decadc5d5fe655be2daca83854753ec0caaf6e2d74baf22fc735a8c44d13458f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
server
nginx
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
p3p
CP="NON DSP COR CURa TIA"
1119189
servicer.mgid.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1119189?callback=jQuery30008034093390907842_1620406906900&_=1620406906901
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf1b274af54292786b5383117ec1e53b345ed96417eeb7f1fd8bf7a734a12af

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09e9604b24000038b3b3311000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
64bc03250b4638b3-VIE
access-control-allow-headers
*
addlink.gif
zakladki.ukr.net/bookmarks/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zakladki.ukr.net/bookmarks/img/addlink.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.248 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv248.fwdcdn.com
Software
nginx/1.16.1 /
Resource Hash
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:47 GMT
Last-Modified
Tue, 20 Aug 2013 02:30:01 GMT
Server
nginx/1.16.1
ETag
"5212d4a9-6dc"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
close
Accept-Ranges
bytes
Content-Length
1756
Expires
Fri, 14 May 2021 17:01:47 GMT
cnt.php
counter.ukr.net/c5/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/c5/cnt.php?rand=0.7182041201839247&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Fri, 07 May 2021 17:01:46 GMT
cnt.php
counter.ukr.net/aid/portal/ 		317 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/aid/portal/cnt.php?rand=0.0037356052970036746&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
1933fba4e48cb8a5c2bb3f00001ae384db8b01e478a78a95379ea1ec30c99e76

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:47 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Fri, 07 May 2021 17:01:46 GMT
cnt.php
counter.ukr.net/lid/329/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/lid/329/cnt.php?rand=0.18617458292567335&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Fri, 07 May 2021 17:01:46 GMT
chartist.min.css
www.ukr.net/css/1/ Frame F82E 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/css/1/chartist.min.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/dat/covid19.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/1/chartist.min.css
pragma
no-cache
cookie
uid=Cj1tBGCVcnprEgLnCoFVAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.569648341.1620406907; _gid=GA1.2.656524154.1620406907; can_https=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.ukr.net
referer
https://www.ukr.net/dat/covid19.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ukr.net/dat/covid19.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
vary
User-Agent
last-modified
Wed, 22 Apr 2020 15:50:12 GMT
server
nginx
etag
"5ea067b4-5db"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
content-length
1499
x-xss-protection
1; mode=block
expires
Fri, 14 May 2021 17:01:47 GMT
chartist.min.js
www.ukr.net/js/1/ Frame F82E 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/js/1/chartist.min.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/dat/covid19.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
de624a0a9b0ce2f2a5a44c44f80210ed7c42095f089a6109d0b29d6eecc2b074
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/1/chartist.min.js
pragma
no-cache
cookie
uid=Cj1tBGCVcnprEgLnCoFVAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.569648341.1620406907; _gid=GA1.2.656524154.1620406907; can_https=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ukr.net
referer
https://www.ukr.net/dat/covid19.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ukr.net/dat/covid19.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
vary
User-Agent
last-modified
Wed, 22 Apr 2020 15:50:12 GMT
server
nginx
etag
"5ea067b4-2f28"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=604800
content-length
12072
x-xss-protection
1; mode=block
expires
Fri, 14 May 2021 17:01:47 GMT
1
recreativ.ru/cs/1/ Frame 124B 		34 B
192 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recreativ.ru/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a90ffbca12ae717107114c6bfd60566dadea0ec018e6d119d6f5bdcbc59934f3

Request headers

Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b18
cache-control
private, max-age=315360000
expires
Mon, 05 May 2031 20:01:47 +0300
1
go.rcvlink.com/cs/1/ Frame 124B 		34 B
157 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
82d23b3593bf116bbdf9ed035dc7d872ce07abd042873dcfdd929a222b21c271

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b13
cache-control
private, max-age=315360000
expires
Mon, 05 May 2031 20:01:47 +0300
swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame 0DD9 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 13:04:12 GMT
server
nginx
etag
W/"5f620d4c-2deb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Sun, 06 Jun 2021 17:01:47 GMT
swPortal4.js
pinformer.sinoptik.ua/js/15/ Frame 0DD9 		115 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 14:54:44 GMT
server
nginx
etag
W/"5f622734-1cc1f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000, public
expires
Sun, 06 Jun 2021 17:01:47 GMT
t.gif
pinformer.sinoptik.ua/img/ Frame 0DD9 		43 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/t.gif
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Thu, 23 Oct 2014 10:32:30 GMT
server
nginx
etag
"5448d93e-2b"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
43
expires
Sun, 06 Jun 2021 17:01:47 GMT
5_0.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 0DD9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/5_0.jpg
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
fc9fb6f8acbad1909173bfcad58ee0d5ff8f6c742f70d96a25cc00ee23936838

Request headers

Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-73e"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1854
expires
Sun, 06 Jun 2021 17:01:47 GMT
/
www.ukr.net/sinoptik/102761369/ Frame 0DD9 		0
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/sinoptik/102761369/
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1620406907175
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/sinoptik/102761369/
pragma
no-cache
cookie
un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ukr.net
referer
https://pinformer.sinoptik.ua/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Fri, 7 May 2021 17:01:47 UTC
server
nginx
etag
"582596a6-0"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
set-cookie
pcity=102761369; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure uid=Cj1tBGCVcntmigLhDXLmAg==; expires=Sat, 07-May-22 17:01:47 GMT; domain=.ukr.net; path=/
accept-ranges
bytes
content-type
application/x-javascript
content-length
0
expires
Fri, 7 May 2021 17:01:47 UTC
bundle.css
accounts.ukr.net/widget/login/css/ Frame 910A 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/css/bundle.css?63ed99eb
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
cf4f8ce4e9d310e448f37a9868c601fe20a9a8b2bf098bce26c59881f92c5a08

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:16 GMT
server
nginx
etag
W/"609562a8-211a"
content-type
text/css
x-upstream
4210.10.20.49:5080
cache-control
max-age=1209600
expires
Fri, 21 May 2021 17:01:47 GMT
bundle.js
accounts.ukr.net/widget/login/js/ Frame 910A 		146 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/bundle.js?bbd83175
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
725d247cc26901d5fc768a9cc09b03eb894191efb8c65aa44e9e5ee0b8d667df

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:16 GMT
server
nginx
etag
W/"609562a8-2491e"
content-type
application/javascript
x-upstream
4210.10.20.48:5080
cache-control
max-age=1209600
expires
Fri, 21 May 2021 17:01:47 GMT
runtime.js
upst.fwdcdn.com/js/ Frame 0DD9 		408 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/runtime.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2017 14:33:26 GMT
server
nginx
etag
"59380eb6-1e6e9"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
124649
expires
Sat, 07 May 2022 17:01:47 GMT
1
go.rcvlink.com/cs/1/ Frame 124B 		34 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a90ffbca12ae717107114c6bfd60566dadea0ec018e6d119d6f5bdcbc59934f3

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
Cache-Control
max-age=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-cache
t5_a7tDVumj_0hg

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b23
cache-control
private, max-age=315360000
expires
Mon, 05 May 2031 20:01:47 +0300
cnt.php
counter.ukr.net/advert/adv/portal/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.0037356052970036746&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.0037356052970036746&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Fri, 07 May 2021 17:01:46 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=405889086&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ukr.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUABAAAAAC~&jid=1319484325&gjid=107727036&cid=569648341.1620406907&tid=UA-5903420-1&_gid=656524154.1620406907&_r=1&gtm=2ou4s0&cd1=Unregistered&cd2=n&cd3=0&z=269876619
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
start.json
www.ukr.net/ajax/ 		62 KB
62 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/ajax/start.json
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
55b467ad09838d40ad9e94d23053b3a922dbae537c2e0c14737d8fd8a46c7258
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
uid=Cj1tBGCVcnprEgLnCoFVAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.569648341.1620406907; _gid=GA1.2.656524154.1620406907; can_https=1; pcity=102761369; tracknew=1620406907456942.1620406907.1; _gat_gtag_UA_5903420_1=1
:path
/ajax/start.json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.ukr.net
referer
https://www.ukr.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
vary
User-Agent
server
nginx
x-frame-options
SAMEORIGIN
content-length
63245
x-xss-protection
1; mode=block
content-type
application/json
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5903420-1&cid=569648341.1620406907&jid=1319484325&gjid=107727036&_gid=656524154.1620406907&_u=6GBAAUAAAAAAAC~&z=1361433907
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 07 May 2021 17:01:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
go.rcvlink.com/bdto/5ysrIfrF92/ Frame 124B 		0
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=t5_a7tDVumj_0hg&ver=210403-0937&w=0&h=0&vw=0&ms=184.0&ref=&
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 17:01:47 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b28
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/javascript;charset=utf-8
expires
Fri, 07 May 2021 20:01:47 +0300
truncated
/ Frame C4F8 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5903420-1&cid=569648341.1620406907&jid=1319484325&_u=6GBAAUAAAAAAAC~&z=964073692
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5903420-1&cid=569648341.1620406907&jid=1319484325&_u=6GBAAUAAAAAAAC~&z=964073692
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1620406907578.html
www.ukr.net/viewids/main/84877982,104,324,40,19,71,73,48,50,16,53,59,39,15,18,46,6,2,6,5,68,23,13,29,2,9,26,4,32,16,5,4,7,2,9,6,4,9,5,2,6,1,1,3,5,1,12,3,1,24,2,1,7,4,13,6,1,5,5,2,18,1,3,1,1,4,7,1,1... 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/viewids/main/84877982,104,324,40,19,71,73,48,50,16,53,59,39,15,18,46,6,2,6,5,68,23,13,29,2,9,26,4,32,16,5,4,7,2,9,6,4,9,5,2,6,1,1,3,5,1,12,3,1,24,2,1,7,4,13,6,1,5,5,2,18,1,3,1,1,4,7,1,1,6,2,3,2,4,5,30,5,5,7,2,10,5,3/1620406907578.html
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.252 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv252.fwdcdn.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
uid=Cj1tBGCVcnprEgLnCoFVAg==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.569648341.1620406907; _gid=GA1.2.656524154.1620406907; can_https=1; pcity=102761369; tracknew=1620406907456942.1620406907.1; _gat_gtag_UA_5903420_1=1
:path
/viewids/main/84877982,104,324,40,19,71,73,48,50,16,53,59,39,15,18,46,6,2,6,5,68,23,13,29,2,9,26,4,32,16,5,4,7,2,9,6,4,9,5,2,6,1,1,3,5,1,12,3,1,24,2,1,7,4,13,6,1,5,5,2,18,1,3,1,1,4,7,1,1,6,2,3,2,4,5,30,5,5,7,2,10,5,3/1620406907578.html
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.ukr.net
referer
https://www.ukr.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Fri, 11 Nov 2016 10:00:02 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"582596a2-0"
vary
User-Agent
content-type
text/plain
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
top_links.png
upst.fwdcdn.com/img/1619792094/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/1619792094/top_links.png
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1619792094/top_links.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
210874cb09f5427f1273e8c36b66f44094ad29147d171047ebeb4b86e60a69aa

Request headers

Referer
https://upst.fwdcdn.com/css/1619792094/top_links.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Fri, 30 Apr 2021 14:15:03 GMT
server
nginx
etag
"608c10e7-15a3"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
5539
expires
Fri, 14 May 2021 17:01:47 GMT
icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 		395 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/66/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

Referer
https://upst.fwdcdn.com/css/66/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
nginx
etag
"6076e064-18b"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
395
expires
Fri, 14 May 2021 17:01:47 GMT
icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 		461 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/66/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

Referer
https://upst.fwdcdn.com/css/66/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
nginx
etag
"6076e064-1cd"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
461
expires
Fri, 14 May 2021 17:01:47 GMT
dot.svg
upst.fwdcdn.com/img/portal/main/ 		650 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/66/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

Referer
https://upst.fwdcdn.com/css/66/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Fri, 11 Nov 2016 10:06:26 GMT
server
nginx
etag
"58259822-18e"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
content-length
398
expires
Fri, 14 May 2021 17:01:47 GMT
arrow.svg
upst.fwdcdn.com/img/portal/main/ 		233 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/66/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

Referer
https://upst.fwdcdn.com/css/66/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Fri, 11 Nov 2016 10:06:26 GMT
server
nginx
etag
"58259822-bc"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
content-length
188
expires
Fri, 14 May 2021 17:01:47 GMT
ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 0DD9 		149 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-95"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
149
expires
Sun, 06 Jun 2021 17:01:47 GMT
term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 0DD9 		389 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-185"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
389
expires
Sun, 06 Jun 2021 17:01:47 GMT
s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 0DD9 		185 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-b9"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
185
expires
Sun, 06 Jun 2021 17:01:47 GMT
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/ 		300 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Fri, 07 May 2021 17:01:47 GMT
m_22bfdwi5those-who-wish-me-dead.jpeg
kinoafisha.ua/upload/2021/02/films/9448/ Frame C4F8 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2021/02/films/9448/m_22bfdwi5those-who-wish-me-dead.jpeg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1620406907177
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
21049f88264482b3e3309312b4926f05516dc6c6afff9ee61f6d0502afbe5e55

Request headers

Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1620406907177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Tue, 06 Apr 2021 17:03:57 GMT
server
nginx
etag
"606c947d-4f2e"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
20270
expires
Fri, 14 May 2021 17:01:47 GMT
m_22et0ntdvoyajer.jpg
kinoafisha.ua/upload/2021/03/films/9497/ Frame C4F8 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2021/03/films/9497/m_22et0ntdvoyajer.jpg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1620406907177
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
dcf7cc2f869a2218d32ed5b92ed7921bad28a75f316bc6cc74073001290361ae

Request headers

Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1620406907177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Fri, 30 Apr 2021 08:33:10 GMT
server
nginx
etag
"608bc0c6-4fa4"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
20388
expires
Fri, 14 May 2021 17:01:47 GMT
m_22enqtjg100-volk.jpg
kinoafisha.ua/upload/2019/08/films/8976/ Frame C4F8 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2019/08/films/8976/m_22enqtjg100-volk.jpg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1620406907177
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
995d2dd48525a7b6fd830019a455421673589d4416fc4db82b0e15b25ebf6ba9

Request headers

Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1620406907177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
last-modified
Thu, 29 Apr 2021 07:56:58 GMT
server
nginx
etag
"608a66ca-574c"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
22348
expires
Fri, 14 May 2021 17:01:47 GMT
get
accounts.ukr.net/api/v1/cai/browser/ Frame 910A 		107 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/cai/browser/get
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?bbd83175
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
b6a9b7bdb011c5071c5682b80db3506f9dcd2a752cc3987cd4465e4ba957759a

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
server
nginx
content-type
application/json
x-upstream
4210.10.20.48:5080
expires
Fri, 07 May 2021 17:01:46 GMT
cache-control
no-cache
content-length
107
x-served-by
127.0.0.1:10000
get
accounts.ukr.net/api/v1/cai/browser/ Frame 910A 		107 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/cai/browser/get
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?bbd83175
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
e080787f4971a57e3bb64457d835fee43aebc5f94430fc6e665335f6250e73fb

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
server
nginx
content-type
application/json
x-upstream
4210.10.20.49:5080
expires
Fri, 07 May 2021 17:01:46 GMT
cache-control
no-cache
content-length
107
x-served-by
127.0.0.1:10000
tracking
ghb.adtelligent.com/adunit/ 		43 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=300016&site_id=4947&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=ekfo0v.qn&vpbv=0774&lifecycle_tte=1517
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Fri, 07 May 2021 17:01:47 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 910A 		58 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?5bcf5f0601d113158f97
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
14b6e5af3d417a68ef517da9b376b77cb4e936a389bf6ba12d09c5062a7ddc10

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:16 GMT
server
nginx
etag
W/"609562a8-e602"
content-type
application/javascript
x-upstream
4210.10.20.48:5080
cache-control
max-age=1209600
expires
Fri, 21 May 2021 17:01:47 GMT
workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 910A 		58 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?5bcf5f0601d113158f97
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
14b6e5af3d417a68ef517da9b376b77cb4e936a389bf6ba12d09c5062a7ddc10

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:16 GMT
server
nginx
etag
W/"609562a8-e602"
content-type
application/javascript
x-upstream
4210.10.20.49:5080
cache-control
max-age=1209600
expires
Fri, 21 May 2021 17:01:47 GMT
acquire
accounts.ukr.net/api/v1/token/verification/ Frame 910A 		27 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?bbd83175
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-upstream
4210.10.20.48:5080
date
Fri, 07 May 2021 17:01:47 GMT
server
nginx
content-length
27
content-type
application/json
/
go.rcvlink.com/err/ Frame 124B 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/err/?code=5ysrIfrF92&ver=210403-0937&ms=460&text=!responseText&ref=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx / PHP/7.4.12
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

hn
m1
date
Fri, 07 May 2021 17:01:47 GMT
cache-control
no-store
server
nginx
x-powered-by
PHP/7.4.12
content-type
image/gif
csyncs
ghb.adtelligent.com/ 		796 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=463287&aid2=463288&aid3=605039&aid4=607661&aid5=undefined
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
8546ab535fa1c034eecb9a770e59e8945a9601332cf3028f99c87ef90cdbcfe9

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:47 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
378
sync.html
s.console.adtarget.com.tr/ Frame 4A8B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
7f75e79ec3f481ce050adc9b0e9fbc75ba3e8e70cdd02613b96477f4e1ccde77

Request headers

Host
s.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ukr.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

Server
VertaMedia 1.0
Date
Fri, 07 May 2021 17:01:47 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
942
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
Cookie set csync
sync.adtelligent.com/ Frame 5422
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5f57ee3c-248e-4884-8b3c-b6335968afbe
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5f57ee3c-248e-4884-8b3c-b6335968afbe
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ukr.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=ab1efff72a291718
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

Server
VertaMedia 1.0
Date
Fri, 07 May 2021 17:01:48 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=ab1efff72a291718; expires=Thu, 08 Jul 2021 17:01:48 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a319130=5f57ee3c-248e-4884-8b3c-b6335968afbe; expires=Thu, 08 Jul 2021 17:01:48 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

set-cookie
viewer_token=5f57ee3c-248e-4884-8b3c-b6335968afbe; path=/; domain=csync.loopme.me; Expires=Mon, 07-Jun-2021 17:01:47 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5f57ee3c-248e-4884-8b3c-b6335968afbe
content-length
0
date
Fri, 07 May 2021 17:01:47 GMT
server
_
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ab1efff72a291718
35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ab1efff72a291718
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ab1efff72a291718
Date
Fri, 07 May 2021 17:01:48 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:48 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
101
x-xss-protection
1; mode=block
expires
-1
Cookie set csync
sync.console.adtarget.com.tr/ Frame E1A4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ZUjnGuhb60XpKcW40cNF&pi=admatic&tc=1
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ZUjnGuhb60XpKcW40cNF&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Fri, 07 May 2021 17:01:48 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=119a41cb3fb76a06; expires=Thu, 08 Jul 2021 17:01:48 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=ZUjnGuhb60XpKcW40cNF; expires=Thu, 08 Jul 2021 17:01:48 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date
Fri, 07 May 2021 17:01:48 GMT Fri, 07 May 2021 17:01:48 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ZUjnGuhb60XpKcW40cNF&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 93CA
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
bed6014f85f8406ced900a73577f543d59a87c08445683049d905ae86e06bab1

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Fri, 07 May 2021 17:01:48 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AA2/WPd7q6ouhac5; path=/; domain=e-planning.net; expires=Fri, 05-May-2028 17:01:48 GMT; SameSite=None; Secure
expires
Fri, 07 May 2021 17:01:48 GMT
x-sid
AMS-607
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 07 May 2021 17:01:48 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-607
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E950 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=165018
Expires
Sun, 09 May 2021 14:52:06 GMT
Date
Fri, 07 May 2021 17:01:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame ECAE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Host
js.adscale.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

x-amz-id-2
gP4kyJgm9jhO0VUUdLTBT2FWpFhQmCAW/re9IS8ZQIJX8fTLSq2/YHJz4jHPt+LSgIODv8ND+4c=
x-amz-request-id
TJ1Q7NA6JYQADF0B
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
ETag
"5550fca00caf055568d6ced373f2721f"
x-amz-version-id
ljUMRnw1Ux.L_G6sluuTuNwF_kYaf8ny
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=300
Date
Fri, 07 May 2021 17:01:48 GMT
Content-Length
1509
Connection
keep-alive
cookie
cm.adform.net/ Frame 5C97 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method
GET
:authority
cm.adform.net
:scheme
https
:path
/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Fri, 07 May 2021 17:01:48 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 5943 		251 B
602 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.113.194.12 Münster, Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method
GET
:authority
cdn.admatic.com.tr
:scheme
https
:path
/user
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-481
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
AT
cdn-edgestorageid
481
cdn-storageserver
DE-51
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-05-07 15:49:03
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
636224d8fdfe99be830abbb861e32657
cdn-cache
HIT
content-encoding
gzip
sync.html
s.adtelligent.com/ Frame 0030 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=609724
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
06b0f91f690a5ddc096187307c63af0de19dc9d61cc95ef686e283c843895bb9

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=ab1efff72a291718
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Fri, 07 May 2021 17:01:47 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
901
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 4A8B
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-86170d6b-31c9-4386-8852-7063e50efc7a
86 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-86170d6b-31c9-4386-8852-7063e50efc7a
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

location
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-86170d6b-31c9-4386-8852-7063e50efc7a
date
Fri, 07 May 2021 17:01:48 GMT
server
Apache-Coyote/1.1
content-length
0
csync
sync.adtelligent.com/ Frame 4A8B
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=119a41cb3fb76a06
86 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=119a41cb3fb76a06
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=119a41cb3fb76a06
Date
Fri, 07 May 2021 17:01:50 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
config.json
player.adtelligent.com/exchange_rates/299917/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/299917/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c717bf0b5d1abece05f3e596b32701f9088e5abc3b7a520042c0e3a4abd37884

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 12:01:06 GMT
server
nginx
etag
W/"60952c02-19c8"
content-type
application/json
access-control-allow-origin
https://www.ukr.net
expires
Fri, 07 May 2021 18:01:48 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
integrator.js
adservice.google.at/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.at/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3831021979484789&correlator=475440089204387&output=ldjh&impl=fifs&eid=31060413%2C31060839&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=17774365%2Cukr.net_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1620406908&dt=1620406908081&dlt=1620406906680&idt=1356&frm=20&biw=1600&bih=1200&oid=3&adxs=995&adys=196&adks=583682291&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x557&msz=300x250&ga_vid=569648341.1620406907&ga_sid=1620406908&ga_hid=405889086&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
25bea63677a26c0b2a3806d5c92105e079d08245a90a38cd96a5f2127aa98d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11827
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3831021979484789&correlator=1959244386605570&output=ldjh&impl=fifs&eid=31060413%2C31060839&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=17774365%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x145%7C300x175&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1620406908&dt=1620406908087&dlt=1620406906680&idt=1356&frm=20&biw=1600&bih=1200&oid=3&adxs=995&adys=446&adks=2005426448&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x557&msz=300x145&ga_vid=569648341.1620406907&ga_sid=1620406908&ga_hid=405889086&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
bb5c9440e0c068464b0d4a9624d83ec881a8eb483ecac3b07271189912d465b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10888
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3831021979484789&correlator=970613358232606&output=ldjh&impl=fifs&eid=31060413%2C31060839&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=17774365%2Cukr.net_brend_resize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C120x600%7C160x600&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1620406908&dt=1620406908094&dlt=1620406906680&idt=1356&frm=20&biw=1600&bih=1200&oid=3&adxs=130&adys=89&adks=1069264500&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4328&msz=160x-1&ga_vid=569648341.1620406907&ga_sid=1620406908&ga_hid=405889086&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
d1420214e9808122ed6792d44b2cf16a172d276b43af742ab145bf2002fea7d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10474
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.ukr.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.ukr.net
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1498
date
Fri, 07 May 2021 17:01:47 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1
  • https://mug.criteo.com/sid?cpp=Ij9a6nwvUFk2Y21oSll3UCtoK25LRlk5bmZYREF4S01pUUk0Z1ZUU05NVnR1SGJiR1ByTTB0enhsR0o5aEw2RG5UMU5kV2piSE0zbzhXRndJRGRtNVpYcFVFeWRRM3lBeUtrRmhHblhmNUZCeWx0RE9CMGViOG96RVdabX...
0
0
adjson
ads.betweendigital.com/ 		0
0
/
ghb.adtelligent.com/v2/auction/ 		2 KB
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
50d540b4f96b6389e66dd1948c361771c4318434c30a0cb44bd78adbe18198ba

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 07 May 2021 17:01:47 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
429
fastlane.json
fastlane.rubiconproject.com/a/api/ 		236 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832306&size_id=15&rp_schain=1.0,1!adtelligent.com,300016,1,,,&eid_pubcid.org=fa7c98d9-19f5-4ce6-8e09-d46d23bf39c3%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v4.36.0-1&x_source.tid=55398a17-64ab-43f0-8e11-3cf5f5d803ef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.041342276467532635
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
74d37244c485ffb4aae014445940410b185642be72cb7fb48320c33fd727234b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:48 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ukr.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
236
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		256 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832306&size_id=15&alt_size_ids=10&rp_schain=1.0,1!adtelligent.com,300016,1,,,&eid_pubcid.org=fa7c98d9-19f5-4ce6-8e09-d46d23bf39c3%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v4.36.0-1&x_source.tid=894df587-c45e-4760-8deb-3696e010bd35&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5971050937975142
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e477b7907777d214554bb831d287bc1dd18248c0c7b18c52bc018c3a32ac497f

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:48 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ukr.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
256
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		94 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0-1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
d06d258502b8bf61cdaf7beda903d52974a9aa26c6f742e541bd9d8562e7bfda

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 07 May 2021 17:01:48 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid.1.1.aspx
inv-nets.admixer.net/ 		42 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22id%22:15960,%22name%22:%22AmplifiAdmixer%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22amplifi%22,%22entityId%22:12072,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%22b335c008-b837-40e8-b569-4468a77e1c0b%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:2637829,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22fa7c98d9-19f5-4ce6-8e09-d46d23bf39c3%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22fa7c98d9-19f5-4ce6-8e09-d46d23bf39c3%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,145],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1544528258762-0%22,%22transactionId%22:%2255398a17-64ab-43f0-8e11-3cf5f5d803ef%22,%22sizes%22:[[300,145],[300,250]],%22bidId%22:%221717806285001f4%22,%22bidderRequestId%22:%22164803017d2af3a%22,%22auctionId%22:%22ekfobi.f4%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fwww.ukr.net%2F%22}
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 07 May 2021 17:01:48 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
prebid.1.1.aspx
inv-nets.admixer.net/ 		42 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22id%22:12204,%22name%22:%22Admixer%20premium%20bottom%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:12072,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%22b2f69d9c-d99f-4bcd-a357-a6c083deaf9a%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:1649992,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22fa7c98d9-19f5-4ce6-8e09-d46d23bf39c3%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22fa7c98d9-19f5-4ce6-8e09-d46d23bf39c3%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,145],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1544528258762-0%22,%22transactionId%22:%2255398a17-64ab-43f0-8e11-3cf5f5d803ef%22,%22sizes%22:[[300,145],[300,250]],%22bidId%22:%22198f829e880541f%22,%22bidderRequestId%22:%2218dc00390706ea7%22,%22auctionId%22:%22ekfobi.f4%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0},{%22id%22:13987,%22name%22:%22Admixer%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:14496,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%22d765a0ca-a2cc-4c2c-a7cf-cc07398aab34%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:1805870,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22fa7c98d9-19f5-4ce6-8e09-d46d23bf39c3%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22fa7c98d9-19f5-4ce6-8e09-d46d23bf39c3%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1544528657150-0%22,%22transactionId%22:%22894df587-c45e-4760-8deb-3696e010bd35%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%2220da6cd313dcbaf%22,%22bidderRequestId%22:%2218dc00390706ea7%22,%22auctionId%22:%22ekfobi.f4%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fwww.ukr.net%2F%22}
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 07 May 2021 17:01:48 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
prebid
ib.adnxs.com/ut/v3/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
71b3f54f4dc58c5d0f7f4290c3ae4d2b5215e32ec75551bf6c39e7a8233c2db9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:48 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid
9e6e7080-3f24-4206-94c7-850a45c8d4c3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ukr.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
261
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adtelligent-d.openx.net/w/1.0/ 		172 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.ukr.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=55398a17-64ab-43f0-8e11-3cf5f5d803ef%2C894df587-c45e-4760-8deb-3696e010bd35&nocache=1620406908182&pubcid=fa7c98d9-19f5-4ce6-8e09-d46d23bf39c3&schain=1.0%2C1!adtelligent.com%2C300016%2C1%2C%2C%2C&aus=300x145%2C300x250%7C300x600%2C300x250&divIds=div-gpt-ad-1544528258762-0%2Cdiv-gpt-ad-1544528657150-0&auid=541177132%2C541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
0e4e666747e655eb5a107a8f584414c58778a2c15f68224ea85c2dd5a18c642b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ukr.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
161
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ukr.net
date
Fri, 07 May 2021 17:01:48 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
ghb1.adtelligent.com/v2/auction/ 		481 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
62bc4892f7d4c292e1c9214dc9dd6249e321ca7dd2f9072e34ed528d610d9868

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 07 May 2021 17:01:47 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
184
cdb
bidder.criteo.com/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.36.0-1&cb=16372912124
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ukr.net
date
Fri, 07 May 2021 17:01:47 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
auction
rtb.adxpremium.services/openrtb2/ 		324 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
012e173cca96df83725d136b320b235225e828bb7880668850b31e59a9b400d1

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09e9604d30000007469fb2f000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uij3HhY%2Fjlyp8ua3itfuaN3VxobzicfSthP2WbHObZ9OBixRE4971LUyhwvv0B9pPHRUqVdkFNxe9z8Fjbj5Ignd5McT%2Bv1WIpX8VdRBlfwb7UVfcqdRdRx69n%2F%2FvRo8SAC9xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
64bc0328482d0746-FRA
expires
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 79F5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=26530
Expires
Sat, 08 May 2021 00:23:58 GMT
Date
Fri, 07 May 2021 17:01:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 0030
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ab1efff72a291718
35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ab1efff72a291718
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=ab1efff72a291718
Date
Fri, 07 May 2021 17:01:48 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
d
ic.tynt.com/r/ Frame 4C00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-110.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.adtelligent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.adtelligent.com/

Response headers

server
nginx/1.16.1
date
Fri, 07 May 2021 17:01:48 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
csync
sync.adtelligent.com/ Frame 0030
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=55bd0aee2b484b9c4cc9367a
86 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=55bd0aee2b484b9c4cc9367a
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Fri, 07 May 2021 17:01:48 GMT
Server
nginx
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=55bd0aee2b484b9c4cc9367a
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame 0030
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=d7884458-09d7-4006-a4b0-e188c34f7271
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=d7884458-09d7-4006-a4b0-e188c34f7271
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:50 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=d7884458-09d7-4006-a4b0-e188c34f7271
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
laoal6234hhomnkrpibf4g4jm505m0ps
csync
sync.adtelligent.com/ Frame 0030
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7489267687012257549
86 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7489267687012257549
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:48 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid
b5ca2e0d-045e-478e-8355-898d0a2b59ff
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7489267687012257549
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame 0030
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=ab1efff72a291718
86 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=ab1efff72a291718
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=ab1efff72a291718
Date
Fri, 07 May 2021 17:01:48 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Ij9a6nwvUFk2Y21oSll3UCtoK25LRlk5bmZYREF4S01pUUk0Z1ZUU05NVnR1SGJiR1ByTTB0enhsR0o5aEw2RG5UMU5kV2piSE0zbzhXRndJRGRtNVpYcFVFeWRRM3lBeUtrRmhHblhmNUZCeWx0RE9CMGViOG96RVdabXh4QkFveVNrR1hxaGRXSjdyUCszUWZhbEpvanV0WjdhS1QzbEtvd2JjZmp6dURoeFpMUnZhakNML0tJSnRRTXNxTzJsbTM0WWVNcmMraFpDR1hZRUZWTWd2STVWeTQyS1JzMThaWVBxUzZsSlRTSm90Q2o4PXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
810
date
Fri, 07 May 2021 17:01:51 GMT
content-encoding
gzip
vary
Accept-Encoding
uu
ih.adscale.de/ Frame ECAE
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1620406908
  • https://ih.adscale.de/uu?cbfn=receive&t=1620406908&nut&uu=4392baca47fb4affacf2308e0146099c
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1620406908&nut&uu=4392baca47fb4affacf2308e0146099c
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3043a4d72590c635f4e960acaaaa9efdf16e9cbcc09e094cca3febcdcac50e11

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1620406908&nut&uu=4392baca47fb4affacf2308e0146099c
date
Fri, 07 May 2021 17:01:51 GMT
content-length
0
bundle.js
cdn.admatic.com.tr/user/ Frame 5943 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.113.194.12 Münster, Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
br
cdn-edgestorageid
481
cdn-storageserver
DE-51
cdn-cachedat
2021-05-07 15:07:20
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
70efc4b75a6109f41f006175b439675a
cdn-requestcountrycode
AT
cdn-requestpullsuccess
True
um
u-ams02.e-planning.net/ Frame 93CA
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Da8032093996d09fc
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a8032093996d09fc
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a8032093996d09fc
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:50 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=a8032093996d09fc
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame 93CA
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4452998077
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4452998077
  • https://sync.1rx.io/usersync/tradedesk/cb218fe7-8eb0-4d20-9223-72a8f2be8033
  • https://sync.targeting.unrulymedia.com/csync/RX-3f65df11-6999-4eeb-bb45-fb83a0ac46c2-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-3f65df11-6999-4eeb-bb45-fb83a0ac46c2-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-3f65df11-6999-4eeb-bb45-fb83a0ac46c2-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-3f65df11-6999-4eeb-bb45-fb83a0ac46c2-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:56 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-3f65df11-6999-4eeb-bb45-fb83a0ac46c2-003&dc=1079cc634ca638f8&iss=1
date
Fri, 07 May 2021 17:01:56 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3f65df1169994eebbb45fb83a0ac46c2003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 93CA 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:50 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 06 May 2026 17:01:50 GMT
tm60118.js
tag.navdmp.com/ Frame 93CA 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
09e9604d650000d6b563320000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
64bc0328ac31d6b5-FRA
expires
Fri, 07 May 2021 18:01:33 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 93CA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:50 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 06 May 2026 17:01:50 GMT
um
u-ams02.e-planning.net/ Frame 93CA
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Da8032093996d09fc%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Da8032093996d09fc%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=a8032093996d09fc&uid=d7884458-09d7-4006-a4b0-e188c34f7271
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=a8032093996d09fc&uid=d7884458-09d7-4006-a4b0-e188c34f7271
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:50 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=a8032093996d09fc&uid=d7884458-09d7-4006-a4b0-e188c34f7271
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
o432bigni4sickk7tam82cehp0arbn8e
ptag
a.audrte.com/ Frame 93CA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6f1f67251dece15753e1426a0fd018abd1adb4b2082be2673aae3dfd128f5ba6

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:51 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 93CA 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:50 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 06 May 2026 17:01:50 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 93CA 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Da8032093996d09fc%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 93CA
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Da8032093996d09fc
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:48 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 07 May 2021 17:01:48 GMT
server
nginx/1.10.3
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 93CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da8032093996d09fc%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253Da8032093996d09fc%2526uid%253D%2524UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a8032093996d09fc&uid=6198753840348078043
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a8032093996d09fc&uid=6198753840348078043
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:48 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid
71da6256-86e8-4b50-a524-bbb687bf356c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a8032093996d09fc&uid=6198753840348078043
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 93CA 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Da8032093996d09fc%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 93CA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-9JtAOWFE2uHcysSUPjzzlILMlqCnKTLn8zQD6iA-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-9JtAOWFE2uHcysSUPjzzlILMlqCnKTLn8zQD6iA-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Fri, 07 May 2021 17:01:51 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-9JtAOWFE2uHcysSUPjzzlILMlqCnKTLn8zQD6iA-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 93CA
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3Da8032093996d09fc%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=a8032093996d09fc&uid=de47d9051270144ebb02785d3a5012b87534657a
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=a8032093996d09fc&uid=de47d9051270144ebb02785d3a5012b87534657a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=a8032093996d09fc&uid=de47d9051270144ebb02785d3a5012b87534657a
Date
Fri, 07 May 2021 17:01:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame 93CA 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 1BA2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 07 May 2021 17:01:51 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 07 May 2021 17:01:51 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 84B1 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da8032093996d09fc%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=165018
Expires
Sun, 09 May 2021 14:52:06 GMT
Date
Fri, 07 May 2021 17:01:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 79F5 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21018466&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:48 GMT
Content-Length
0
container.html
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DF1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 07 May 2021 17:01:48 GMT
expires
Sat, 07 May 2022 17:01:48 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012103020108001/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b08f507be9178208cdb6c60463bb0a2355ee7bd9943fc6efbe357d87ed0f2676
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
541770
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7390
x-xss-protection
0
server
sffe
date
Sat, 01 May 2021 10:32:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3ee5fd327122cd2d"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 10:32:18 GMT
container.html
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 88DF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 07 May 2021 17:01:48 GMT
expires
Sat, 07 May 2022 17:01:48 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 5DF1 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27615
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:21:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:21:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5DF1 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27615
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:21:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:21:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5DF1 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28399
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:08:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5DF1 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28399
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:08:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5DF1 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28399
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:08:29 GMT
16238234278673020250
tpc.googlesyndication.com/daca_images/simgad/ Frame 5DF1 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16238234278673020250
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0d1773329fd06a6227f7c4e293033955edafed790fa0a95ed3faf0d7124dcf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 16:19:43 GMT
x-content-type-options
nosniff
age
348125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21326
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 16:45:38 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 May 2022 16:19:43 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5DF1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 06:08:30 GMT
x-content-type-options
nosniff
server
cafe
age
39198
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Sat, 08 May 2021 06:08:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5DF1 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
27359
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 08 May 2021 09:25:49 GMT
l
www.google.com/ads/measurement/ Frame 5DF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDV9VqtkWLaywFHmF3ffbSy6J1vzAyVtAKbJk6TC-Pz93Bxdo74ZbG_E74atfUaK1Gd3NJ
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 5DF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUzdqfHKVYPrNCPTU7_UPjuW_mAL6mfiqYc75o9aCDaCHgOyQAhABIJWn_A1gqbC-gMwBoAGPydXNA8gBAqkC1EBYS1dAtD7gAgCoAwHIAwiqBNgBT9DM1uKVnUYQTNqZ09DiJIyFIS7Ft1HVJullxx9c_miYIjpB3ZCbhQqQN--WmQ5Mm4vMaXTtj-C-sfb23DIlfAm4ySS4uH8mtZjar_oI98ZD1ozOYqa6b1bJFdivL4PihrqpWRSrLyUmzK7DDQYxtAx-sZpdeey6yHPYfJ85xercv_HHaq4enQtONnQ-10svM17g2nUxLP7N6Vply3Qyyk_bR0n1fH_bkm2yGQKHvasTXLTz62mC0X_xAuhx13B1eV5pihsnHdVKu4rNMMKI7WXYIrWjy9nywATBj9jwwgPgBAGSBQQIBBgBkgUECAUYBKAGAoAH2baqMqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCtiQHSCAkIgOGAUBABGB2ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNzMwMjAzNjA4ODc2OTQxNw&sigh=rGyVXr76FZQ
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 5DF1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37f2dbc90d822e7585cce9a912592535f1db376a98183a40d848332ad0c4add5

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9EFA 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da8032093996d09fc%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da8032093996d09fc%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da8032093996d09fc%26uid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=26530
Expires
Sat, 08 May 2021 00:23:58 GMT
Date
Fri, 07 May 2021 17:01:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
container.html
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C21D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 07 May 2021 17:01:48 GMT
expires
Sat, 07 May 2022 17:01:48 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 88DF 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27615
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:21:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:21:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 88DF 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27615
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:21:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:21:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 88DF 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28399
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:08:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 88DF 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28399
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:08:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 88DF 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28399
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:08:29 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 88DF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 06:08:30 GMT
x-content-type-options
nosniff
server
cafe
age
39198
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Sat, 08 May 2021 06:08:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 88DF 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
27359
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 08 May 2021 09:25:49 GMT
11682740917413862862
tpc.googlesyndication.com/simgad/ Frame 88DF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11682740917413862862?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkc-_zHVPv89Bda0p6ayTKuTvZ3EQ
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66a5db2e20a6f14d40174b032664733e3943faa630064a2946cb6507fd70ee2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 04:48:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 Aug 2020 13:06:28 GMT
server
sffe
age
130405
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30078
x-xss-protection
0
expires
Fri, 06 May 2022 04:48:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 88DF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2sSYfHKVYJeECbCT7_UPye6iqAO35-2BYcDo9L6wDMbs9oKiCxABIJXUmR9gqbC-gMwBoAHmz8r8A8gBAqkCZ4NuP5tGtD7gAgCoAwHIAwiqBNIBT9AYUYRfAhIVkNSkQowo2WqVpS2JGwPdkqmnph0U-lFwnDLxCzvCaLPE-aKd3px7oiSyaVK4Beo00yVFAUKkEMOCiKTx7Pab8D9DhZI0DMtys43vf2NtLQBnPpIPkf_BxbvEntqV7YdJT57Urs6Bwwg4c0wBhQL4BOSpaspejehPaLahj5SkqkBaP53lhWEKtex1mHD3xuc_CivdgbDjEZKI8vUGzrOpOhXGXQhYR94Nljl7lQIHGq5Exhq2fnOR-_-jL9FP6qCtfqmwNRaDm-iUwATLuJyfowPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHgrC1A6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCw1gjSCAkIgOGAUBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNjM1NzE1NzAyMDg4MTc5Nw&sigh=71pJBNU1XIo
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 88DF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e7efa7d565a728c07c8e12459db57fcd76ab3e9e3dc7335f54316555dbfcf4

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5DF1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 07 May 2021 17:01:48 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
16238234278673020250
tpc.googlesyndication.com/daca_images/simgad/ Frame 5DF1 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16238234278673020250
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0d1773329fd06a6227f7c4e293033955edafed790fa0a95ed3faf0d7124dcf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 16:19:43 GMT
x-content-type-options
nosniff
age
348125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21326
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 16:45:38 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 May 2022 16:19:43 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5DF1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 06:08:30 GMT
x-content-type-options
nosniff
server
cafe
age
39198
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Sat, 08 May 2021 06:08:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5DF1 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
27359
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 08 May 2021 09:25:49 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032104130153000/ Frame C21D 		192 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83860ee17d1e1cdbf26eeb3d0fd3a99f253fc29e6ef7db46eefe7c1694f361ed
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
518333
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55476
x-xss-protection
0
server
sffe
date
Sat, 01 May 2021 17:02:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9bc265c4d5adfa7f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 17:02:55 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame C21D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
518332
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Sat, 01 May 2021 17:02:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 17:02:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame C21D 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
518331
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Sat, 01 May 2021 17:02:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 17:02:57 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame C21D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
21319
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 11:06:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 11:06:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame C21D 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-form-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
518331
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Sat, 01 May 2021 17:02:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 17:02:57 GMT
css
fonts.googleapis.com/ Frame C21D 		4 KB
721 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 May 2021 16:15:10 GMT
server
ESF
date
Fri, 07 May 2021 17:01:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 May 2021 17:01:48 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C21D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 06:08:30 GMT
x-content-type-options
nosniff
server
cafe
age
39198
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Sat, 08 May 2021 06:08:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C21D 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
27359
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 08 May 2021 09:25:49 GMT
l
www.google.com/ads/measurement/ Frame C21D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrCHaRKyg2PpxRSdXAgQBslggZfP_IaLloSeUatXc4nNpYSNWwNk8hwTMeohXk4twjYXYa
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C21D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTC9gfHKVYLzFCPah7_UPrv2t6AHAl-LQYtm2ve31Ddbt7OyuCRABIJXUmR9gqbC-gMwBoAGrsfnSAsgBCakC1EBYS1dAtD7gAgCoAwHIAwqqBNcBT9Bcz53MB6AofUb_u4IvVC2_uAFkou3gaOBtdyZMoEtd6wBUPX0pL1-alsNm_7zp4aEdmlE7CutcEYwNoIUcMhk2TUO1npzmrTmMpmvds4Y36vQbxEO7zdsH8hMVXDN6rXYyZCztLZicZPCA_bkYpuBWrgF6ysOio5bAvAFi7d0QyYsUqdcI_hMbXj3WJcftxMs-WVrU7R9IpcYGZWaXwy_3YN4Pg77cWHNkPhrQpxs0FNPeIvatHwS7XcwkiCUsAlj3o4R62XTrvVlwGcZOIt2lkjfFFMnABJDf49W2A-AEAZIFBAgEGAGSBQQIBRgEoAYugAeWjZWlAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC43AjSCAkIgOGAUBABGB2ACgPICwHYEw2IFAXQFQGAFwGyFxoKGAgAEhRwdWItNjM1NzE1NzAyMDg4MTc5Nw&sigh=ggqEHqc-Uqw&template_id=484
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 88DF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 07 May 2021 17:01:48 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/605759765360394860/ Frame C21D 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/605759765360394860/2076313506083323656
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df0ba2f35e514755d9fda81095a07b859367e1d74d71b8272728362c32ebe43c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 06:56:50 GMT
x-content-type-options
nosniff
age
122698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43237
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 08:06:25 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 May 2022 06:56:50 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11157263399928627605/ Frame C21D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11157263399928627605/downsize_200k_v1?w=100&h=100
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a4337bbb05d97beaf2e79783b87fa0664934dabcde6f1ad7e8fca68cdf80da8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 04:07:17 GMT
x-content-type-options
nosniff
age
392071
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2691
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 09:55:13 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 May 2022 04:07:17 GMT
truncated
/ Frame C21D 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C21D 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99b9032823f180b65dba44d14bf732e1d45e2c19def27eae2cb7dca265326bb2

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C21D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
91579
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 06 May 2022 15:35:29 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Fri, 07 May 2021 17:01:48 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
integrator.js
adservice.google.at/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.at/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 17:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 17:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3831021979484789&correlator=3022695602153065&output=ldjh&impl=fifs&eid=31060413%2C31060839&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=17774365%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x145%7C300x250%2C300x600%7C300x250&fsfs=1%2C1&fsbs=1%2C1&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1620406909&dt=1620406909457&dlt=1620406906680&idt=1356&frm=20&biw=1600&bih=1200&oid=3&adxs=995%2C995&adys=1126%2C2779&adks=4227265388%2C1469812228&ucis=4%7C5&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x983%7C300x600&msz=300x145%7C300x600&ga_vid=569648341.1620406907&ga_sid=1620406908&ga_hid=405889086&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
adaa158ec139ae9c555f128090d318f0f6caeed7c414253f21dd2b9825e15b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12084
x-xss-protection
0
google-lineitem-id
-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:49 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 08 May 2021 17:01:49 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:49 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 08 May 2021 17:01:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5DF1 		42 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseqOUbNF5vjHY5ckTk0lBEcre7WjwjMUyCD3fOZMV1tpXa7ug30zaII6CyrxIUcO1VGqMk9hlKLexPJgE1NYg5uLwwn9c9yE4pwfuT8AaqEptNr262wPX_fLFBJQ&sai=AMfl-YQyEYwfDn8pw3X0mCAt5G0p4-ufxm-2QnJnyUpxkOWDyGf_UvayzAqig8bbNvKjoaldehuvoLkBb0Hl1KqQG8hzWDO4UtLXwHctNndkWPRJmnOzCn8Hs_keF88J1kE&sig=Cg0ArKJSzIvxUDuKsdyvEAE&cid=CAASPeRoGXKJ6WHNdzTNWQbLdiaPuK_SwEGS5CVhs05SxkxW_1ISwncqrFfu0IR-C9pBjbyGVDgaD1xS6m1if60&id=ampim&o=995,456&d=300,145&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=199&tls=1199&g=100&h=100&tt=1199&r=v&avms=ampa&adk=2005426448
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 88DF 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWST0yigAfexAQ5iq3BhyqKdVpztifQ1eDGBWeJuf7jOV9I7qZzzyS-EQHirV3_OqOR6LvXR6yyWHpHPms2EMyDgwF31-FlpgD0S4VVcvEpK0rKB05KXmoyLxLoQ&sai=AMfl-YSIp_1U7x35dlUjQvqomux9Cd83YLAz3arnWXhZXVveEoQZT_wQeU4Mr8cgn2QZYbQDWWwCXM1oAjkr198WZF8tdUn2k55We2pK2Md-yrTrhclKBIP79c22aekcJB9V&sig=Cg0ArKJSzLEdONbzGLlJEAE&cid=CAASPeRoGwD7ukwTbZH6pQvbplnElvjETNLA9iC4OcYDHfhWP68lT29xmCXFAJA_J7_SeA-jZhBz0vNqoM8YQQg&id=ampim&o=170,89&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=207&tls=1207&g=100&h=100&tt=1207&r=v&avms=ampa&adk=1069264500
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C21D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaZaNofn-mtVPSx3U4E-ULbolr-4WJ158AYxw_hf8Rp_Py3cds0EvIeqcMN8m4yxDTBLjDLzUILAwsQMyxZB3VUO-RPpEpPpdMG9IIZMPvTl_a6uUPTIwuF0JKXmqAyAhR_coqcfXs5sCgY1JThcJe&sai=AMfl-YRuaFhANOEXg1OOaOhT77we8-SIrGtkEsR8kVaJe0Tld_FIDd_t2Ae2vQ7MaPutQIno5b8He-C5e9lt53-2dum3cg9YQSDRAPOX5N__6lk8_xDQ767Kh3NEvYuMq3vF&sig=Cg0ArKJSzORa_Zp1hbloEAE&cid=CAASPeRodptuSp_9pIB_BlEqWR935gpK0r_NqB3oh06CulRA4MSpVfiwv5RbNn3htffKNGVRqig5WRnoernCNhQ&id=ampim&o=995,196&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=129&tls=1130&g=100&h=100&tt=1130&r=v&avms=ampa&adk=583682291
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Fri, 07 May 2021 17:01:49 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
v2_300016_4947.json
player.adtelligent.com/prebidlink/2700678/ 		28 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/2700678/v2_300016_4947.json?cb=www.ukr.net
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/450113/wrapper_hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
dfb04c0b4d4916fa6f29d6cc090ac0e73c34f6b037633f95fee0806ffbf6e1f5

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 13:54:43 GMT
server
nginx
etag
W/"6093f523-6e10"
content-type
application/json
access-control-allow-origin
https://www.ukr.net
expires
Fri, 07 May 2021 18:01:51 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
html5objects.js
upst.fwdcdn.com/js/ Frame 0DD9 		555 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/html5objects.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2017 14:33:19 GMT
server
nginx
etag
"59380eaf-21ee1"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
138977
expires
Sat, 07 May 2022 17:01:51 GMT
truncated
/ Frame 0DD9 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 0DD9 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d755bf5e913048783ea51c777d7fcfeb453a65001b14e2055d7766c28ebae73

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Cookie set usermatch
ssum.casalemedia.com/ Frame 867E
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
204e1b8a2c0bb2871f855f71449cc8583223e23ffbde1336124de86ea098227d

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YJVyf.-UWjBt44T5X1vkigAA; CMPS=5235
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|221|105|57|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1653
Expires
Fri, 07 May 2021 17:01:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 07 May 2021 17:01:51 GMT
Connection
keep-alive
Set-Cookie
CMID=YJVyf.-UWjBt44T5X1vkigAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 07 May 2022 17:01:51 GMT CMPS=5235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 05 Aug 2021 17:01:51 GMT CMPRO=1167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 05 Aug 2021 17:01:51 GMT CMST=YJVyf2CVcn8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 08 May 2021 17:01:51 GMT CMRUM3=e66095727f27600&2d6095727f05a0&f16095727f05a0&396095727f05a0&696095727f05a0&276095727f0b40&dd6095727f27600&496095727f05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 07 May 2022 17:01:51 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 07 May 2021 17:01:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 07 May 2021 17:01:51 GMT
Connection
keep-alive
Set-Cookie
CMID=YJVyf.-UWjBt44T5X1vkigAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 07 May 2022 17:01:51 GMT CMPS=5235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 05 Aug 2021 17:01:51 GMT
/
spl.zeotap.com/ Frame 3A86 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4b7b9a919fcab065a32b9e35b2d59465ac03424302dab7af233afcbecaac4c

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
content-type
text/html
set-cookie
__cfduid=d8e72a66bbfa4507206b892982d3389e81620406911; expires=Sun, 06-Jun-21 17:01:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=893e5ebb-f511-4735-4fa3-c8b94af8c6ba; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%3A%86%BA%04%1A%C3%AE%93%BD%5D%CE%CF%D1k%DBC%8E%B1%D8%E9_%BC%88%29Z-%F8%A2%AC%C07%B0X1n%3C%16%E2%AC~%F5h0%B3u%EC%BCt%E6%E2F%D1%E3%91%E2%A1%17f%21P~%08%D1%03%82%7C%AA%C0%DA%E2~%CE%A6c0%19%A4%9E%17k%5E%AA5%98%E5%92%8E%1C%1A%81XT%0C%0F%D1%3B%EE%94%17%15%B2%A4%22s%91%DF%D4%1B%FD%28%A2q%BD%17%CC%F6%AF%F0%83%92p%87%04E%7Bs%D3%9F%AE%7D%8B%AE%7B%AF_%8B%CA%DBM5%C3%1E%23Xe%06%E9%3A%CF%A1%A7G%05Z_%B1%AD%9Fs%883%15%8C%BE%B3%2AJ_%F8; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
09e9605acf00002c4a35a18000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64bc033e1b6a2c4a-FRA
content-encoding
br
userconnect.js
js.adscale.de/ Frame ECAE 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Vg_Jp.ZJ2u3YbQXNKkA7T4fbgrmEYgFi
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
FSVMN4NAT29K7A67
ETag
"98f37b242862929d9aef4bde91abc8ad"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Fri, 07 May 2021 17:01:51 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4485
x-amz-id-2
6QUOYCNbvtUL3ZhmW7J9md43BdYE0qwmy68DuImMhfbKvjQThSpN/VcdIjXp9gsf6kQf986OZ48=
csync
sync.console.adtarget.com.tr/ Frame ECAE 		86 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=4392baca47fb4affacf2308e0146099c
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 1BA2 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42032
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sat, 08 May 2021 04:42:23 GMT
getuid
ib.adnxs.com/ Frame 3A86 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-77...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENm7E37cu3nUeBpuYFs0J_A&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81...
95 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESENm7E37cu3nUeBpuYFs0J_A&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc034a3ff32c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e960626200002c4a5c1b3000000001

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESENm7E37cu3nUeBpuYFs0J_A&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=9df4b304-b6cf-4849-8681-c92a04107fab&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=9df4b304-b6cf-4849-8681-c92a04107fab&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc03528e272c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e960679a00002c4a47b2b000000001

Redirect headers

date
Fri, 07 May 2021 17:01:54 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=9df4b304-b6cf-4849-8681-c92a04107fab&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 3A86 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:51 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9...
  • https://mwzeom.zeotap.com/mw?cid=cb218fe7-8eb0-4d20-9223-72a8f2be8033&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5...
95 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=cb218fe7-8eb0-4d20-9223-72a8f2be8033&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc0341cee12c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e9605d2200002c4a2ab8c000000001

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=cb218fe7-8eb0-4d20-9223-72a8f2be8033&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 3A86 		0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
date
Fri, 07 May 2021 17:01:56 GMT
via
1.1 varnish
server
nginx
x-timer
S1620406916.154025,VS0,VE58
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11576-HHN
u
dmp.v.fwmrm.net/ad/ Frame 3A86 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.57.158.50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:59 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3A86 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:51 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=fb049840-1b73-4e93-a086-4dfcb859beed&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=fb049840-1b73-4e93-a086-4dfcb859beed&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc033f880d2c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e9605bb900002c4a832ed000000001

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:51 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=fb049840-1b73-4e93-a086-4dfcb859beed&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=19364020546312801192109103201837077591&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-...
95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=19364020546312801192109103201837077591&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc0370d9d62c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e9607a8400002c4a24357000000001

Redirect headers

DCS
dcs-prod-irl1-1-v005-0f280f692.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
/Hw0piTJSFM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=19364020546312801192109103201837077591&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 3A86 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021050719-28714-0.951793001620406912-e54c60114a080ac802cb9de29b7b1269&zdid=533&env=mWeb
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021050719-28714-0.951793001620406912-e54c60114a080ac802cb9de29b7b1269&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc0343cca22c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e9605e5a00002c4a5c14e000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021050719-28714-0.951793001620406912-e54c60114a080ac802cb9de29b7b1269&zdid=533&env=mWeb
Date
Fri, 07 May 2021 17:01:52 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6959594693261392017&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6959594693261392017&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc034268632c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e9605d7f00002c4a5c133000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6959594693261392017&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Date
Fri, 07 May 2021 17:01:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 3A86
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:54 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Fri, 07 May 2021 17:01:54 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba
alt-svc
clear
content-length
0
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=waIck3nBgijMK4rbgsF7EO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=waIck3nBgijMK4rbgsF7EO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc0344bf752c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e9605ef900002c4a62b0d000000001

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
via
1.1 google
last-modified
Fri, 07 May 2021 17:01:52 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=waIck3nBgijMK4rbgsF7EO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 3A86 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.101 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=57d36bdcfb717f8aced51c8b2eaef252&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-27...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=57d36bdcfb717f8aced51c8b2eaef252&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc034579772c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e9605f6d00002c4a88ad6000000001

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=57d36bdcfb717f8aced51c8b2eaef252&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
cache-control
no-cache
x-server
10.45.1.158
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-SHnmf.lE2oq2o3SHghKu5zL7VeZ_QNpsCw--~A&zpartnerid=570&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-SHnmf.lE2oq2o3SHghKu5zL7VeZ_QNpsCw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc034508292c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e9605f2500002c4a35aac000000001

Redirect headers

date
Fri, 07 May 2021 17:01:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-SHnmf.lE2oq2o3SHghKu5zL7VeZ_QNpsCw--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ik0TRJIHJDyQEm6yCMsGM7q6egUVzBnQ%2BS41iYitP1U%3D
95 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ik0TRJIHJDyQEm6yCMsGM7q6egUVzBnQ%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc0348ab492c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e960616700002c4a6786f000000001

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:53 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ik0TRJIHJDyQEm6yCMsGM7q6egUVzBnQ%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 3A86 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 3A86 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.95.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:53 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1620406913
x-served-by
beacon-n004-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 3A86 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:53 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJVygQAA0inmxgA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJVygQAA0inmxgA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&_test=YJVygQAA0inmxgA4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc03499e242c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e960620600002c4a0f00e000000001

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620406914.520787,VS0,VE0
x-served-by
cache-hhn4071-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJVygQAA0inmxgA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&_test=YJVygQAA0inmxgA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=4f876095-7282-4100-bb1c-3e06bbf7b14e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=4f876095-7282-4100-bb1c-3e06bbf7b14e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc034fbe922c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e96065d200002c4a0eaa1000000001

Redirect headers

Date
Fri, 07 May 2021 17:01:54 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=4f876095-7282-4100-bb1c-3e06bbf7b14e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 07 May 2021 17:03:20 GMT
usermatch.gif
beacon.krxd.net/ Frame 3A86
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OGz5Xlc4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.95.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1620406914
x-served-by
beacon-n001-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 07 May 2021 17:01:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://spl.zeotap.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=893e5ebb-f511-4735-4fa3-c8b94af8c6ba
access-control-allow-credentials
true
cf-ray
64bc034eabc72c4a-FRA
access-control-allow-headers
*
cf-request-id
09e960652800002c4a2032f000000001
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3A86
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:54 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3A86
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64bc03526ddd2c4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e960678500002c4a55362000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Fri, 07 May 2021 17:01:54 GMT
Connection
keep-alive
Content-Length
0
BK-Server
536a
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 3A86 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D893e5ebb-f511-4735-4fa3-c8b94af8c6ba%26reqId%3D9c3c81d3-2774-44b5-777a-781b8d105adb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.71.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:54 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 3A86 		557 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3408a0f7e32c51d022c797b79122c93e173b450de5db03c825dbdc4eb95f516

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
64bc033e9cee2c4a-FRA
date
Fri, 07 May 2021 17:01:51 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
09e9605b1c00002c4a14a0e000000001
khaos.jpg
token.rubiconproject.com/ Frame 1BA2 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
cmp
spl.zeotap.com/ Frame 3A86 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=893e5ebb-f511-4735-4fa3-c8b94af8c6ba&reqId=9c3c81d3-2774-44b5-777a-781b8d105adb&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=893e5ebb-f511-4735-4fa3-c8b94af8c6ba; zsc=%3A%86%BA%04%1A%C3%AE%93%BD%5D%CE%CF%D1k%DBC%8E%B1%D8%E9_%BC%88%29Z-%F8%A2%AC%C07%B0X1n%3C%16%E2%AC~%F5h0%B3u%EC%BCt%E6%E2F%D1%E3%91%E2%A1%17f%21P~%08%D1%03%82%7C%AA%C0%DA%E2~%CE%A6c0%19%A4%9E%17k%5E%AA5%98%E5%92%8E%1C%1A%81XT%0C%0F%D1%3B%EE%94%17%15%B2%A4%22s%91%DF%D4%1B%FD%28%A2q%BD%17%CC%F6%AF%F0%83%92p%87%04E%7Bs%D3%9F%AE%7D%8B%AE%7B%AF_%8B%CA%DBM5%C3%1E%23Xe%06%E9%3A%CF%A1%A7G%05Z_%B1%AD%9Fs%883%15%8C%BE%B3%2AJ_%F8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
set-cookie
__cfduid=da948efeba6bb5aa5f37280376e95cdc41620406911; expires=Sun, 06-Jun-21 17:01:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
09e9605b6100002c4a5a188000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64bc033f0e4c2c4a-FRA
dcm
s.amazon-adsystem.com/ Frame 867E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJVyf-_UWjBt44T5X1vkigAABI8AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJVyf-_UWjBt44T5X1vkigAABI8AAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJVyf-_UWjBt44T5X1vkigAABI8AAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:59 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:59 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJVyf-_UWjBt44T5X1vkigAABI8AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 867E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YJVyf.-UWjBt44T5X1vkigAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.186.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 867E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJVyf-_UWjBt44T5X1vkigAABI8AAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELXgK9itvMvktt09Rc-pQNs&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELXgK9itvMvktt09Rc-pQNs&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 07 May 2021 17:01:53 GMT

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELXgK9itvMvktt09Rc-pQNs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 867E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJVyf.-UWjBt44T5X1vkigAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKl0K4F5o562ymQj7X0r3Rw&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKl0K4F5o562ymQj7X0r3Rw&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 07 May 2021 17:01:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKl0K4F5o562ymQj7X0r3Rw&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=YJVyf.-UWjBt44T5X1vkigAA%261167
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 867E
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YJVyf.-UWjBt44T5X1vkigAA%261167
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJVyf.-UWjBt44T5X1vkigAA%261167
49 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJVyf.-UWjBt44T5X1vkigAA%261167
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.84
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJVyf.-UWjBt44T5X1vkigAA%261167
cache-control
no-cache
x-server
10.45.21.39
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 867E
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 07 May 2021 17:01:55 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 07 May 2021 17:01:55 GMT
server
nginx/1.18.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 867E
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969852030226
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969852030226&C=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969852030226&C=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 07 May 2021 17:01:59 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969852030226&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Fri, 07 May 2021 17:01:59 GMT
YJVyf-_UWjBt44T5X1vkigAABI8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 867E 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YJVyf-_UWjBt44T5X1vkigAABI8AAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
um
u-ams02.e-planning.net/ Frame 867E 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=a8032093996d09fc&uid=YJVyf.-UWjBt44T5X1vkigAA%261167
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da8032093996d09fc%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:51 GMT
server
openresty
content-type
image/gif
cc.js
tags.crwdcntrl.net/c/15238/ Frame 93CA 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 03:30:15 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
48698
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
yLQVz5mw9frJMTrhKeOAsq75rA-vArywA28cGDMO8GBvCWLPvqnN6A==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 0265 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 07 May 2021 17:01:51 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 06 May 2026 17:01:51 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame E63B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cdd014114065001bf4da53701b0b96433b187f9fb4a7805feaf3961c8db836b

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
content-type
text/html
set-cookie
__cfduid=d916150cdfd537e0513b089d4a3de4f661620406912; expires=Sun, 06-Jun-21 17:01:52 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=640dedc7-b394-4ad8-90d1-c15f59cbcbdb; expires=Thu, 27 May 2021 17:01:52 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
09e9605c440000d6ed2f988000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XSowaQQfEictL6HMJwWUWOJwhYp3Iu5w21IqU9LfaxSQYaOEu3Un%2FuTrhWpwHG12%2B%2B4gSsgR5w%2B5IQdtuXDvXeISvJ8KFlP8uaydRssOHShCElnUNziHPrIQbUzoXW4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
64bc03406c7bd6ed-FRA
content-encoding
br
Cookie set csync
sync.console.adtarget.com.tr/ Frame D4A3 		86 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AA2%2fWPd7q6ouhac5
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
a307080=ZUjnGuhb60XpKcW40cNF; a306709=av-86170d6b-31c9-4386-8852-7063e50efc7a; vmuid=8270b2b249784832; a322988=ab1efff72a291718
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Fri, 07 May 2021 17:01:51 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=8270b2b249784832; expires=Thu, 08 Jul 2021 17:01:52 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=AA2/WPd7q6ouhac5; expires=Thu, 08 Jul 2021 17:01:52 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
GS.d
js.cookieless-data.com/ Frame 0265 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1620406912085
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.113 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-113.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
container.html
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E5CB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 07 May 2021 17:01:48 GMT
expires
Sat, 07 May 2022 17:01:48 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
4
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame E5CB 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27619
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:21:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:21:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E5CB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27619
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:21:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:21:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E5CB 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28403
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:08:29 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E5CB 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-animation-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ba3fcf2a5e67b5bf76a69b4477a159798475238362271ceddbc3346c2960199
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22590
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16299
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 10:45:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"efc5cf622831f5b6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 10:45:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E5CB 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28403
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:08:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E5CB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28403
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 09:08:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:08:29 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E5CB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 06:08:30 GMT
x-content-type-options
nosniff
server
cafe
age
39202
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Sat, 08 May 2021 06:08:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E5CB 		344 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
27363
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 08 May 2021 09:25:49 GMT
l
www.google.com/ads/measurement/ Frame E5CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_Sj26TzpTaRkkBmQh_7itr3zcTFuOjQgyF88975cd46_t1ggE9uHFQYNGKKB_iOPP6CfN
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame E5CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0mBaf3KVYNWGBYqh7_UPvoCxoA2fmtqQYs-e46jHDfup9MrCARABIJWn_A1gqbC-gMwBoAGSyI_BAcgBCakC1EBYS1dAtD7gAgCoAwHIAwiqBN0BT9C_rHr9NNJOHmgkaQ5bURvSJVksQZUZFQovTXH3y3VDsbqJDzR2iGDuoSP5x-I9g6G1PVLaSH2orYf8tP2hlUEqQq5yA_PIjokQyW6vLu1u9F7WtoCS2VD7GGky2_t4hjqeBpFkxJcyppdNJGJ2ADMRVXWEdtRthUVyg6XE0xP1XB4DSvszEWALO1OsIG6HEi2KpeygdSWe5aKCMMtW8zzS8K4cnaxWlxn3OWTIy-KFd8JeQoSDo-d2W0Gu9JoOr-H5eowC3RtIi3TSNYKgvQ3a4VV_6G4JRto8c87ABImQo6HKA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfWt_C-AqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC7pQLSCAkIgOGAUBABGB2ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNzMwMjAzNjA4ODc2OTQxNw&sigh=jLUtB5sdPNE&template_id=419
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7bc5486382ff0060ff07b7d121ffe8c5.jpg
tpc.googlesyndication.com/sadbundle/9092363164496737556/media/ Frame E5CB 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9092363164496737556/media/7bc5486382ff0060ff07b7d121ffe8c5.jpg
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06cb3f12defc16c3c5c0094b3eee766a45d17ddc65354f0f9c0a191309e03cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 09:37:11 GMT
x-content-type-options
nosniff
age
26681
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36159
x-xss-protection
0
last-modified
Fri, 02 Apr 2021 08:15:02 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:37:11 GMT
75b71a1c2c336fdd067f2993750f4303.svg
tpc.googlesyndication.com/sadbundle/9092363164496737556/media/ Frame E5CB 		2 KB
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9092363164496737556/media/75b71a1c2c336fdd067f2993750f4303.svg
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a4c88d1c9fe38412795324eded51aaf7ffb6c44dd20f2c3bcedb53a3122a58f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 09:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
906
x-xss-protection
0
last-modified
Fri, 02 Apr 2021 08:15:02 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:51:10 GMT
900542bbeae94b3665755f116e97085c.png
tpc.googlesyndication.com/sadbundle/9092363164496737556/media/ Frame E5CB 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9092363164496737556/media/900542bbeae94b3665755f116e97085c.png
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65d608879d766fdc2b635b14153c0f79d66c4ba315e0ea1c6c9a387000e87995
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 09:37:11 GMT
x-content-type-options
nosniff
age
26681
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6108
x-xss-protection
0
last-modified
Fri, 02 Apr 2021 08:15:02 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:37:11 GMT
2e3bfc9c6714f273f68472653b81d4da.svg
tpc.googlesyndication.com/sadbundle/9092363164496737556/media/ Frame E5CB 		337 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9092363164496737556/media/2e3bfc9c6714f273f68472653b81d4da.svg
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2330a3e88155283de5164940fb6bd9a001b94f96b462e74994e1ce8e1ef7f123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 12:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16231
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
last-modified
Fri, 02 Apr 2021 08:15:02 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 12:31:21 GMT
f49c17165f78694b774ff839ea5889b9.svg
tpc.googlesyndication.com/sadbundle/9092363164496737556/media/ Frame E5CB 		28 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9092363164496737556/media/f49c17165f78694b774ff839ea5889b9.svg
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30ad0a692b8828400d8b772707828b6ae34c9b5354004c5ce55110b98ed57ead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 09:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4471
x-xss-protection
0
last-modified
Fri, 02 Apr 2021 08:15:02 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 09:51:10 GMT
4fca51f147dac9ec217d07ed236f7759.svg
tpc.googlesyndication.com/sadbundle/9092363164496737556/media/ Frame E5CB 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9092363164496737556/media/4fca51f147dac9ec217d07ed236f7759.svg
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbc415be072336dbad915fa2c4794b9d0fb68638f340d0b3e8e381c1447229b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 12:46:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15328
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1138
x-xss-protection
0
last-modified
Fri, 02 Apr 2021 08:15:02 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 12:46:24 GMT
7faef64e3b9b81a95d2f5226d15a1b85.svg
tpc.googlesyndication.com/sadbundle/9092363164496737556/media/ Frame E5CB 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9092363164496737556/media/7faef64e3b9b81a95d2f5226d15a1b85.svg
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4eb0d6f0624ed0b476e329ff7a2be7b1da1b8619baa00cd3b5e096dfc6ce362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 06:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1507
x-xss-protection
0
last-modified
Fri, 02 Apr 2021 08:15:02 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 06:33:34 GMT
b7a9e5f7f8109df5d9ef7789dff59c9b.svg
tpc.googlesyndication.com/sadbundle/9092363164496737556/media/ Frame E5CB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9092363164496737556/media/b7a9e5f7f8109df5d9ef7789dff59c9b.svg
Requested by
Host: c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
URL: https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d94c49ad6b72b2ea6d559361d8ab084feec737850b593fd6ebbe524bd00677f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 09:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1055
x-xss-protection
0
last-modified
Fri, 02 Apr 2021 08:15:02 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 May 2022 09:38:33 GMT
truncated
/ Frame E5CB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d59af59301912a4ebb7e089c2f1847b0dfb35db0c2702404e5d6486649c66ec

Request headers

Referer
https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
setuid
sync.quantumdex.io/ Frame E63B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7489267687012257549
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7489267687012257549
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZeqQvWLUq9ePqqh8WS9exeG5cG1IpPp3KnzBsDQpibeB49W%2F6uQ4EwkWBrztBpnI5y1Grjk8or5AFzZGKc2%2BUyHjphjQ2KimYkg7lWjt4F2dbOfc71KQVY%2BrH6CTmkA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64bc0342e94dd6ed-FRA
content-length
43
cf-request-id
09e9605dcd0000d6ed42289000000001

Redirect headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:52 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.112:80
AN-X-Request-Uuid
3e51bd24-3676-4b62-9396-75a1c3cdd513
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7489267687012257549
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E63B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b5c514fd-558d-517f-9c14-68c5fc811a45
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=b5c514fd-558d-517f-9c14-68c5fc811a45
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UBnkSHZrtvVo%2Fo0qpBcJ5tepr%2FyU5WTx78sywNUCk5ldOgAeXBhMrWSgnWXU5NcTo5A0PaVQJbJAD4r0GPjARh9t4LMsMlY8zGkFngyxgkdoz%2Fot4%2B1JVZ%2BfFqiVSb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64bc0343aaf3d6ed-FRA
content-length
43
cf-request-id
09e9605e4c0000d6edd7b71000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=b5c514fd-558d-517f-9c14-68c5fc811a45
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
us
sync.go.sonobi.com/ Frame E63B 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame E63B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7489267687012257549
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7489267687012257549
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QOoQAH5%2F65nswu4Gq%2F8c%2BU1F8zDnGbohqnge6HaOa2h8%2BRtRQ1grJatXx1cZvrIzm7YkwCaDVb2%2FA8KBh%2F54h1vdnU1JwnggObWe1mg7NKJoZPXD7aYuzKsr0uAy4s0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64bc0342685cd6ed-FRA
content-length
43
cf-request-id
09e9605d7f0000d6eded87d000000001

Redirect headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:52 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid
9c4cff5a-17c9-470d-992a-95748971b28e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7489267687012257549
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E63B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DbY_mW5E2uH11bNYJsixDLe5Cm1aWjG9CqRcf7U-~A
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DbY_mW5E2uH11bNYJsixDLe5Cm1aWjG9CqRcf7U-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2PzJKCjT2srvMB5Sgj2v5D4TU6UgkSFegIIh8rL5GB6aPRZXQODyR1wtulSBGwPI%2B93mmDB%2BS159N%2FjVWIO%2FgCpQAcoB%2FF7dr%2Ff8oHn5K2eQ%2FwseqTweoXa%2B5SD0aE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64bc0344ee26d6ed-FRA
content-length
43
cf-request-id
09e9605f140000d6ed10962000000001

Redirect headers

Date
Fri, 07 May 2021 17:01:52 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DbY_mW5E2uH11bNYJsixDLe5Cm1aWjG9CqRcf7U-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame E63B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=7489267687012257549
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=7489267687012257549
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WUYru4KLo55dMSTOl8t%2BS8XVXLw5e0FO8aRqmGywd4dPzCra%2Fvg2RgIYOl1gGnzDxtsDlUKbo1NIyL7JlscjxUNCozDll%2FmtZkUGy7YilnFRx8cH8%2FwR1Oy704UZ9M0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64bc03425843d6ed-FRA
content-length
43
cf-request-id
09e9605d7b0000d6ed449e1000000001

Redirect headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:52 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid
8e0764ce-4402-441f-876b-016607551038
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=7489267687012257549
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
sync.e-planning.net/ Frame E63B 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=640dedc7-b394-4ad8-90d1-c15f59cbcbdb
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 2C3F 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e010da907df451a924fe9bc1fc68afcb0e04e4d0f6c01a06e58058d1590001d5

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YJVyf.-UWjBt44T5X1vkigAA; CMPS=5235; CMPRO=1167; CMST=YJVyf2CVcn8A; CMRUM3=e66095727f27600&2d6095727f05a0&f16095727f05a0&396095727f05a0&696095727f05a0&276095727f0b40&dd6095727f27600&496095727f05a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|4|3|130|190|64|239|90
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1527
Expires
Fri, 07 May 2021 17:01:52 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 07 May 2021 17:01:52 GMT
Connection
keep-alive
Set-Cookie
CMID=YJVyf.-UWjBt44T5X1vkigAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 07 May 2022 17:01:52 GMT CMPS=5235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 05 Aug 2021 17:01:52 GMT CMPRO=1167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 05 Aug 2021 17:01:52 GMT CMRUM3=2e6095728005a0&696095727f05a0&be6095728005a0&8260957280a8c0&046095728005a0&2d6095727f05a0&e66095727f27600&5a6095728005a0&496095727f05a00&dd6095727f27600&276095727f0b40&396095727f05a0&f16095727f05a0&406095728005a0&ef6095728005a00&036095728005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 07 May 2022 17:01:52 GMT CMST=YJVyf2CVcoAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 08 May 2021 17:01:52 GMT
/
onetag-sys.com/usync/ Frame 01EE 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame D2AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-110.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

server
nginx/1.16.1
date
Fri, 07 May 2021 17:01:52 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
Cookie set uc.html
sync.go.sonobi.com/ Frame 0C5C 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 07 May 2021 17:01:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YJVyg; path=/; domain=.go.sonobi.com
userconnect
ih.adscale.de/ Frame ECAE 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1620406912515&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame 2B38 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
43630870968c4664481693f78d7a1cb6a2642182193218af94f9050c0eb493ef

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.adscale.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=4392baca47fb4affacf2308e0146099c; cct=1620406911439
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.adscale.de/

Response headers

date
Fri, 07 May 2021 17:01:52 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2792
set-cookie
tu=4#3639145234#48~~450113~450113~1#101~~450113~450113~1#38~~450113~450113~1#39~~450113~450113~1#40~~450113~450113~1#42~~450113~450113~1#108~~450113~450113~1#63~~450113~450113~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1620406912579; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None
match.js
js.adscale.de/ Frame 2B38 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wLpT08_wLXVkyJ1J8XFuEEwEpe2lwEj_
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
0CJGEPQ2ZKSDZJTR
ETag
"b75124846aec28a28b7a3441813682d5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Fri, 07 May 2021 17:01:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1700
x-amz-id-2
rTeXxEVlmwvubu+6mFW79yFbR/gN1X2gq0lQgaMPHQj754I0ueECxgXGlb1NT3Jw/38xunNd2r8=
img
ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/ Frame 2B38
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=4392baca47fb4affacf2308e0146099c&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636b0f5e5bf57%2F1620406912579%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?tpid=101&tpuid=BBID-01-02951209132642341-16281144
49 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?tpid=101&tpuid=BBID-01-02951209132642341-16281144
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:53 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 07 May 2021 17:01:53 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?tpid=101&tpuid=BBID-01-02951209132642341-16281144
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
getuid
secure.adnxs.com/ Frame 2C3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 2C3F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3490688419953741391
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3490688419953741391
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 07 May 2021 17:01:55 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3490688419953741391
pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 2C3F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=63956095-7282-4f00-bac8-0ce49ee5978f&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=63956095-7282-4f00-bac8-0ce49ee5978f&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 07 May 2021 17:01:55 GMT

Redirect headers

Date
Fri, 07 May 2021 17:03:22 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=63956095-7282-4f00-bac8-0ce49ee5978f&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 07 May 2021 17:03:21 GMT
crum
dsum-sec.casalemedia.com/ Frame 2C3F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADFRU7BKuUAACxbtLQ56Q&expiration=1621616514&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADFRU7BKuUAACxbtLQ56Q&expiration=1621616514&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 07 May 2021 17:01:55 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADFRU7BKuUAACxbtLQ56Q&expiration=1621616514&gdpr=1
Date
Fri, 07 May 2021 17:01:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
getuid
ib.adnxs.com/ Frame 2C3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 2C3F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622998912
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622998912
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 07 May 2021 17:01:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:52 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622998912
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
user-registering
ads.stickyadstv.com/ Frame 2C3F 		43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YJVyf.-UWjBt44T5X1vkigAA%261167
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:54 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1620406913929059-370
Expires
Fri, 07 May 2021 17:01:54 GMT
crum
dsum-sec.casalemedia.com/ Frame 2C3F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B108B9E8306549F4AACE44F67D0671A1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B108B9E8306549F4AACE44F67D0671A1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 07 May 2021 17:01:55 GMT

Redirect headers

date
Fri, 07 May 2021 17:01:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B108B9E8306549F4AACE44F67D0671A1&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 06 May 2021 17:01:54 GMT
setuid
sync.quantumdex.io/ Frame 2C3F 		43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YJVyf-_UWjBt44T5X1vkigAABI8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:53 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G9%2FbvQj08E9TV8kTafQ11AQUezlcfxNcZyBaJnn6grudiT74UMgOAueY3krGrTijOkMpTHGD2%2FeGethbSpvG%2F%2B5TyokI3JAAHhE0d9il1PxDAAlIx5Is8Gese1rvInY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64bc03461856d6ed-FRA
content-length
43
cf-request-id
09e9605fcc0000d6edee8ae000000001
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 2B38
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=979987311b6c612e6f638d9da...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YJVyf.-UWjBt44T5X1vkigAA%261167
49 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YJVyf.-UWjBt44T5X1vkigAA%261167
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:53 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 07 May 2021 17:01:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YJVyf.-UWjBt44T5X1vkigAA%261167
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Fri, 07 May 2021 17:01:53 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 2B38
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=883e39b703a5596a74cfd20...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=7fb56095-7283-4c00-b34e-18d7a08f7f2c&gdpr=0&gdpr_consent=
49 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=7fb56095-7283-4c00-b34e-18d7a08f7f2c&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 07 May 2021 17:03:22 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=7fb56095-7283-4c00-b34e-18d7a08f7f2c&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 07 May 2021 17:03:21 GMT
img
ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/ Frame 2B38
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=2899283fba1f4e2d55b7178fa7d81e7dff0c0c604fc6432b7912430534cb29e6&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb86b636...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=2899283fba1f4e2d55b7178fa7d81e7dff0c0c604fc6432b7912430534cb29e6&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541fb8...
  • https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?tpid=42&gdpr=0&tpuid=5657684807464352183
49 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?tpid=42&gdpr=0&tpuid=5657684807464352183
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:54 GMT
server
nginx
location
https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?tpid=42&gdpr=0&tpuid=5657684807464352183
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 2B38
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=92cebd63-0932-45f0-aa3c-06e4ae2d643e
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=92cebd63-0932-45f0-aa3c-06e4ae2d643e
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Fri, 07 May 2021 17:01:54 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=92cebd63-0932-45f0-aa3c-06e4ae2d643e
cache-control
no-cache
server-processing-duration-in-ticks
2212
content-type
text/html; charset=utf-8
content-length
237
expires
Fri, 07 May 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 2B38
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=664c8e91d45faae8e2a8ee5b...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=7fb56095-7283-4c00-b34e-18d7a08f7f2c&gdpr=0&gdpr_consent=
49 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=7fb56095-7283-4c00-b34e-18d7a08f7f2c&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 07 May 2021 17:03:22 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=7fb56095-7283-4c00-b34e-18d7a08f7f2c&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 07 May 2021 17:03:21 GMT
img
ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/ Frame 2B38
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=6b40b995411b7f814242fdf0a09086d2417b867311f85f3e7140c79d3db97011&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd...
  • https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?uid=6b40b995411b7f814242fdf0a09086d2417b867311f85f3e7140c79d3db97011&tpid=38&gdpr=0&tpuid=CAESEG0q22CQme7eytgZG7RIANU...
49 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?uid=6b40b995411b7f814242fdf0a09086d2417b867311f85f3e7140c79d3db97011&tpid=38&gdpr=0&tpuid=CAESEG0q22CQme7eytgZG7RIANU&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/img?uid=6b40b995411b7f814242fdf0a09086d2417b867311f85f3e7140c79d3db97011&tpid=38&gdpr=0&tpuid=CAESEG0q22CQme7eytgZG7RIANU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/ Frame 2B38
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=33e0545088ee180434728fc7e879d5a59bfc7de6137cae9e0a92f53adf7f2e01&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=33e0545088ee180434728fc7e879d5a59bfc7de6137cae9e0a92f53adf7f2e01&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2fd2dc9a2a6541...
  • https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/js?tpid=48&tpuid=7c0854810f9f91ae0184a47e9c552f8a
44 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/js?tpid=48&tpuid=7c0854810f9f91ae0184a47e9c552f8a
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1071a764c15fa1421d2cb24256179fd996dddf556f8f1e68aab5ce1916ab1db9

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:01:56 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Location
https://ih.adscale.de/sium/2fd2dc9a2a6541fb86b636b0f5e5bf57/1620406912579/0/js?tpid=48&tpuid=7c0854810f9f91ae0184a47e9c552f8a
Date
Fri, 07 May 2021 17:01:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
147
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sium
ih.adscale.de/ Frame 2B38 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Fri, 07 May 2021 17:01:56 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
ptrack
a.audrte.com/ Frame 93CA 		368 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=185.216.34.99&p=M1353665098&artime=2021-05-07T17:01:59.850Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5b26c6e65289ee17dcc4dfe0ffc3fd8739e50cc7167130e97b61c3d228e38b3d

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:01:59 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame 60A7
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7fb3ccae9d8055491701c2a99af8ea57a74f5407d307b2fb0a8ae1a8ade619ac

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 07 May 2021 17:01:59 GMT
content-type
text/html;charset=UTF-8
content-length
1180
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.20.70
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 01-Feb-2022 17:02:00 GMT;SameSite=None;Secure _cc_id=57d36bdcfb717f8aced51c8b2eaef252;Path=/;Domain=crwdcntrl.net;Expires=Tue, 01-Feb-2022 17:02:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQMDVPMTZLSklOSzI3NE%2BzSExOTTE1TLZIMkpNTE0zMjViAIKEqUXtP%2F%2F%2F%2F88P4kAAAN4SD8c%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 01-Feb-2022 17:02:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBImFrUDqSgAAAYCAHv";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 01-Feb-2022 17:02:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Fri, 07 May 2021 17:01:59 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.7.67
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
tpid=19364020546312801192109103201837077591
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 60A7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=57d36bdcfb717f8aced51c8b2eaef252&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=19364020546312801192109103201837077591
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=19364020546312801192109103201837077591
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:02:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.6.250
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-1-v005-09a2fb8ee.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5Dtr1lAySS8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=19364020546312801192109103201837077591
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
tpid=YJVyiAAAywM4cwAC&_test=YJVyiAAAywM4cwAC
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 60A7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YJVyiAAAywM4cwAC
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YJVyiAAAywM4cwAC&_test=YJVyiAAAywM4cwAC
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YJVyiAAAywM4cwAC&_test=YJVyiAAAywM4cwAC
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:02:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.106
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:02:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620406920.171172,VS0,VE0
x-served-by
cache-hhn4071-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YJVyiAAAywM4cwAC&_test=YJVyiAAAywM4cwAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tpid=no-consent
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 60A7
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:02:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.48
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:01:59 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
generic
match.adsrvr.org/track/cmf/ Frame 60A7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.186.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:02:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=2483718234057654791
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 60A7
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/57d36bdcfb717f8aced51c8b2eaef252/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2483718234057654791
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2483718234057654791
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:02:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.159
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2483718234057654791
pragma
no-cache
date
Fri, 07 May 2021 17:01:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 60A7
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=57d36bdcfb717f8aced51c8b2eaef252&gdpr=1
  • https://id5-sync.com/c/19/19/9/1.gif?puid=57d36bdcfb717f8aced51c8b2eaef252&gdpr=1&gdpr_consent=
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOpFc4Gyb_j3tZfJZkB-0Xe18OZETAL2tB6zbYqA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/8/2.gif?puid=2483718234057654791&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=6eec9edaaa834332089f7cdd48afd40a&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOpFc4Gyb_j3tZfJZkB-0Xe18...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTdkMzZiZGNmYjcxN2Y4YWNlZDUxYzhiMmVhZWYyNTI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOpFc4Gyb_j3tZfJZkB-0Xe18OZETAL2tB6zbYqA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTdkMzZiZGNmYjcxN2Y4YWNlZDUxYzhiMmVhZWYyNTI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOpFc4Gyb_j3tZfJZkB-0Xe18OZETAL2tB6zbYqA
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=741394592/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:02:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 07 May 2021 17:02:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTdkMzZiZGNmYjcxN2Y4YWNlZDUxYzhiMmVhZWYyNTI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOpFc4Gyb_j3tZfJZkB-0Xe18OZETAL2tB6zbYqA
cache-control
no-cache
x-server
10.45.6.250
content-length
0
expires
0
pixel
ps.eyeota.net/ Frame 93CA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=dimRJXro5gCR2C5TSVOxeK5Ew&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:02:00 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 93CA
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=9140366141743119460
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESEEd43jU5Xa9hS2H3ZEWEppM&google_cver=1
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=dimRJXro5gCR2C5TSVOxeK5Ew&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206N...
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:02:01 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 07 May 2021 17:02:01 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 93CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=dimRJXro5gCR2C5TSVOxeK5Ew&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=dimRJXro5gCR2C5TSVOxeK5Ew&gdpr=0&gdpr_consent=&google_tc=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=dimRJXro5gCR2C5TSVOxeK5Ew&gdpr=0&gdpr_consent=&google_gid=CAESEEd43jU5Xa9hS2H3ZEWEppM&google_cver=1
  • https://a.audrte.com/p
68 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 May 2021 17:02:00 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 07 May 2021 17:02:00 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
537eca585352b434202b8687ab8285fb89fdab9a6e48320578f7419c6be5f47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 17:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 7284 		0
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.ukr.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.ukr.net
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1629
date
Fri, 07 May 2021 17:02:01 GMT
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 07 May 2021 17:02:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0F7F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 07 May 2021 15:54:27 GMT
expires
Sat, 07 May 2022 15:54:27 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4054
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js
pagead2.googlesyndication.com/bg/ Frame 0F7F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
16a57454ba7aadd117488e0399e216526b7395a307dbe83a053599f24b58b9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 10:23:33 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
23908
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sat, 07 May 2022 10:23:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=3831021979484789&bg=!-vml-b3NAAYP3QOmD907ACkAdvg8WvVP2uqpGxIec6gJ-IY8gehxNbqfIJJI-3lJEq3Z8pdHhrpHcQIAAAFLUgAAAA5oAQcKAFBtwGJWR9nI-JnTSDkiDRbUpp47zfECmEJ4cEw9WfsTuoCm2UX9IQ0aK7g4b1bJFm7r2zAtWehCftm43Q9bUudpnDlKX6tI6_Wfn0jaiVG435kCK-72JUFdWsy5q47dtMGlhDctvA7xPRs4nuhxMZuLdScEsLqRpdA9gX0xz9Z1xP-i0BYALaP-8i8QPB6TNU3MY5hQAMPtxifmyGjXUtc5PRzSIjSIFlgO5BUAQsfq4X6h9vQsCuvDPq-ga7ilJ62Fz6rpvz-oAFoGHyQIUVgII9PTme7mpHIw2cK9HH_cb-yLCB19s4LIOEyU9-Q69Aa9Iy-Ga_ctXuRy31jOt-hiyNoQFq7k5APr-H6KCKz4gQ_BAyBrVOiOS07tg_I1UPcyAZingQNFz01KfUxHjPZyPb0r3giqyomiaXt10UjGxrZlmkzjzaeW6H4IvPBapl3E8-Vw_ZA02GC4Vpi6NjRGtOW9Deg0myUiJUSBOOihRNG-pPC1bWq_S6jRoRmFDE-WeDjiCDgf3hbGKDlTSEj8lMkwAfff0c3CGSqOmwn6sqwncrxNZmsfY8JfQSMLsRQu3NOPGBN0qhBUqfMNs_pH7oY8lm1SKPnU9vD1eVAjI_jh35dZRM2eJZKHh30-3zmIrv7anMn8Dwh_xU1ofv-tg3rcHL8HNaQeT55-n6O-SwojfKWQTDAyuXrPEuMtZX6TMn6V3bKxLCt7uM-djgCt0_Z2zX_ZYOZ0F4M2nqaKspUOZO_xmwvSnaijqIMt7P-382nCdfmeAKOGBm5WLU_iY2t-BIYTO4YKrIJO-9C06CIgb1MChUCR8ArBTPWZDEuF_EJ8WkHr5I1etB9uNw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 17:02:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=Ij9a6nwvUFk2Y21oSll3UCtoK25LRlk5bmZYREF4S01pUUk0Z1ZUU05NVnR1SGJiR1ByTTB0enhsR0o5aEw2RG5UMU5kV2piSE0zbzhXRndJRGRtNVpYcFVFeWRRM3lBeUtrRmhHblhmNUZCeWx0RE9CMGViOG96RVdabXh4QkFveVNrR1hxaGRXSjdyUCszUWZhbEpvanV0WjdhS1QzbEtvd2JjZmp6dURoeFpMUnZhakNML0tJSnRRTXNxTzJsbTM0WWVNcmMraFpDR1hZRUZWTWd2STVWeTQyS1JzMThaWVBxUzZsSlRTSm90Q2o4PXw&cppv=2
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/adjson?t=prebid

Verdicts & Comments Add Verdict or Comment

316 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer undefined| src undefined| dst object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| is_desktop function| GetCookie function| SetCookie function| DeleteCookie function| getCookieVal function| LocalCache function| ajaxCash function| $ function| jQuery function| _ object| ifvisible function| MailWidget object| Core object| Bookmarks string| zakl_domain string| zakl_domain_back boolean| zakl_css boolean| brandsActiv string| fschema object| chc string| magicHash object| LoginErrors string| fr_text_nonew string| fr_text_new1 string| fr_text_new2 object| globalCommercialData undefined| adUkrNet number| adEcbrStart number| adEcbrDone undefined| rootLeft undefined| rootRight undefined| rootFuel object| ant string| basesearchurl function| isElementInView function| checkElementViewability function| fixSidebar function| setReload_branding function| ellipsizeTextBox object| portalCache object| App object| Lazyload object| Synchronization function| checkAttr object| Services object| Currency object| Fuel function| onCaptcaConfirm function| SHA1 function| transliterate function| ToPlural object| User object| News object| Holydays object| Clicks number| bc_a string| bc_g function| parse_20 object| arrForScrollRefresh function| setReload_300x250 function| onGeoData object| DateFormat object| Columns function| getBase64 function| aGo function| ecbrStart function| collectCommercialData function| go_search object| gaplugins object| gaGlobal object| gaData function| timeDiff function| zakl_addClass function| zakl_removeClass function| zakl_toggleClass function| zakl_ifClass function| zakl_setDisplay function| zakl_setDisplayById function| zakl_clearSelects function| zakl_restoreSelects function| zakl_setMask function| zakl_removeMask function| zakl_GetCookie function| zakl_SetCookie function| updateCookiesTime function| zakl_DeleteCookie function| zakl_getPageSize function| zakl_$ function| zakl_isEmpty function| zakl_displayMyBookmarks function| zakl_HideBookMarks function| slidePanel function| zakl_DontHideBook function| zakl_treeControl function| zakl_checkBook function| setSubFolderData function| zakl_OpenEditFolder function| zakl_OpenFolder function| zakl_ShowFolders function| zakl_HideFolders function| zakl_DontHideFolders function| zakl_HideFoldersNow function| zakl_showContextMenu function| zakl_HideContextMenu function| zakl_displayFolderMenu function| zakl_displayItemMenu function| zakl_getMousePos function| zakl_windowAddFolder function| zakl_windowAddFolderToImport function| zakl_closeWindowAddFolder function| zakl_windowWizzard function| zakl_closeWizzard function| zakl_wizzardLogin function| zakl_GetItemById function| zakl_WindowEditBookmark function| zakl_WindowEditFolder function| zakl_closeWindowEditFolder function| zakl_closeWindowEditBook function| createImportIframe function| checkItemsForExport function| zakl_setShadow function| zakl_removeShadow function| zakl_windowModalSubMenu function| zakl_windowModal function| zakl_windowSubModal function| zakl_CloseModal function| closeAddBook function| zakl_SelectFolder function| zakl_AddFolder function| zakl_AddFolderFromImport function| zakl_EditFolder function| zakl_AddBookmark function| zakl_EditBookmark function| StdRefreshTree function| StdRefreshTreeAddBook function| StdRefreshTreeAfterAddFolder function| StdRefreshTreeAfterAddFolderFromImport function| zakl_ReportStatus function| zakl_CloseStatus function| zakl_MakeAGetString function| zakl_AddToQuery function| zakl_UpdateFoldersQ function| zakl_UpdateBooksQ function| zakl_UpdateChilds function| zakl_UpdateSelectedItems function| BackAfterDelete function| getParentIdByElementId function| zakl_isUrl function| ReturnTreeBody function| ImportResults function| zakl_saveDataAddBook function| zakl_window_top function| zakl_escapeAjaxParam function| zakl_display function| zakl_loadingStart function| zakl_loadingStop function| zakl_getTitleForURL function| zakl_RefreshTitle function| zakl_clearTitleValue function| zakl_movemouse function| zakl_resetHash function| zakl_selectmouse function| zakl_attachZakl function| loginFocus function| moreRefreshTree undefined| zakl_cmodal undefined| zakl_csubmodal boolean| zakl_returnAddBook boolean| zakl_logged number| zakl_globalTreeId number| zakl_globalTreeSelectedId boolean| zakl_TEST_LOGIN boolean| zakl_DEBUG_ENABLED boolean| zakl_selectPreviousDir number| zakl_pageMinWidth string| zakl_domain_ajax string| zakl_importDoc number| zakl_loadDelay number| zakl_loadDelayAttached boolean| isIE6 string| zakl_homeDir boolean| goto_step object| zakl_BrowserDetect object| zakl_browser undefined| zint undefined| booktime boolean| zakl_importFolder undefined| zakl_response boolean| zakl_autoopen number| zakl_parentEl object| zakl_treeItems object| zakl_tree undefined| hfolders boolean| isImportWizzard undefined| zakl_currentEditItemData string| gsubmodal boolean| isOrganizeWindow number| cfolder undefined| zakl_hmirror string| selectedf string| selectedb string| zakl_addBookHttp string| zakl_addBookSiteName string| zakl_addBookHttpWizzard string| zakl_addBookSiteNameWizzard boolean| zakl_displayModal boolean| nn6 boolean| zakl_isdrag undefined| zakl_x undefined| zakl_y undefined| zakl_tx undefined| zakl_ty undefined| zakl_dobj boolean| zakl_attached string| zakl_html string| zakl_html_main string| zakl_backURL object| googletag object| vmpbjs object| vpb object| __advShowDeferred object| useragent object| topSlot undefined| topSlot2 object| topSlot3 object| topSlot4 object| topSlot5 object| brandSlot function| gosmart object| widget function| __reCaptchaLoad function| setIframeHeightCO function| handleDocHeightMsg undefined| bgURL1280 undefined| bgURL1366 undefined| bgURL1600 undefined| back_color_1280 undefined| back_color_1366 undefined| back_color_1600 boolean| brand_exist string| brand_href number| crash function| brandsActivion function| brandsParameters function| setbrandsActivion string| a object| d object| n string| fr number| tz object| s function| vmpbjsChunk object| _pbjsGlobals number| wd number| size function| go object| regionsList object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| Criteo object| ampInaboxIframes object| ampInaboxPendingMessages object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDVPMTZLSklOSzI3NE%2BzSExOTTE1TLZIMkpNTE0zMjViAIKEqUXtP%2F%2F%2F%2F88P4kAAAN4SD8c%3D"
.crwdcntrl.net/ Name: _cc_id
Value: 57d36bdcfb717f8aced51c8b2eaef252
.zeotap.com/ Name: zc
Value: cc174997-8c89-4f31-4dae-3421b45e7ab3
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.casalemedia.com/ Name: CMRUM3
Value: 396095728727601871878969852030226
.adform.net/ Name: uid
Value: 9140366141743119460
.casalemedia.com/ Name: CMST
Value: YJVyh2CVcocA
.casalemedia.com/ Name: CMPRO
Value: 1168
.casalemedia.com/ Name: CMID
Value: YJVyh3OC5BfRUXlxj8Yi6wAA
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBImFrUDqSgAAAYCAHv"
.casalemedia.com/ Name: CMPS
Value: 5235
.adform.net/ Name: C
Value: 1

12 Console Messages

Source Level URL
Text
console-api log URL: https://www.ukr.net/dat/covid19.html(Line 456)
Message:
reload covid widget
console-api warning URL: https://player.adtelligent.com/prebidlink/450113/hb_300016_4947.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api error URL: https://player.adtelligent.com/prebidlink/450113/wrapper_hb_300016_4947.js(Line 1)
Message:
localStorage unavailable
console-api error URL: https://go.rcvlink.com/ifr/5ysrIfrF92(Line 31)
Message:
!responseText
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
console-api info URL: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=dimRJXro5gCR2C5TSVOxeK5Ew&gdpr=0&gdpr_consent=|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=|https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=dimRJXro5gCR2C5TSVOxeK5Ew&gdpr=0&gdpr_consent="}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.ukr.net
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.at
adservice.google.com
adtelligent-d.openx.net
ap.lijit.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
c5bc72522f5a6601a7aecd9b30be34d1.safeframe.googlesyndication.com
cdn.admatic.com.tr
cdn.ampproject.org
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
counter.ukr.net
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d.adroll.com
d.turn.com
dis.criteo.com
dm.hybrid.ai
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
inv-nets.admixer.net
js.adscale.de
js.cookieless-data.com
kinoafisha.ua
loadeu.exelator.com
m.mixadvert.com
mail.ukr.net
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pinformer.sinoptik.ua
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.sitescout.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
ps.eyeota.net
recreativ.ru
rtb.adxpremium.services
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.trafmag.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trafmag.com
trc.taboola.com
u-ams02.e-planning.net
ukr.net
um.simpli.fi
ups.analytics.yahoo.com
upst.fwdcdn.com
usermatch.krxd.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ukr.net
zakladki.ukr.net
ads.betweendigital.com
mug.criteo.com
104.111.230.142
104.111.237.88
104.19.132.78
136.243.84.74
142.250.186.98
146.0.227.110
147.135.189.55
151.1.205.165
151.101.114.49
154.57.158.50
159.253.128.188
162.55.6.212
168.119.149.178
172.217.23.98
178.162.133.149
178.250.0.163
178.250.2.131
178.250.2.146
18.156.0.31
18.184.216.10
18.213.190.7
185.184.8.30
185.29.135.226
185.33.220.243
185.64.190.78
193.0.160.129
193.200.65.2
193.200.65.5
195.214.195.101
199.232.137.44
2.18.233.180
2.18.233.201
2.18.234.21
2.18.234.233
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
212.129.3.113
212.42.75.249
212.42.75.253
212.42.76.151
212.42.76.247
212.42.76.248
212.42.76.252
212.42.83.135
212.82.100.182
213.174.135.1
213.19.147.45
213.19.162.31
23.111.200.117
23.45.99.241
23.79.143.124
2606:4700:10::6816:1857
2606:4700:20::ac43:47f1
2606:4700::6810:bf3
2606:4700:e0::ac40:6308
2a00:1288:110:c305::8000
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:16::1370
2a05:d018:24:b001:d120:1359:acbb:2de6
2a0c:5c81:5139::2
2a0c:5c81:5142::2
34.251.60.147
34.98.67.61
35.201.81.244
35.227.248.159
35.227.252.103
35.244.159.8
37.157.4.25
37.157.4.39
37.18.16.21
37.187.205.228
37.252.172.38
46.249.52.248
5.178.65.246
5.178.65.253
51.89.42.86
51.89.9.251
52.17.166.60
52.207.141.143
52.209.246.140
52.29.148.200
52.30.186.230
52.4.128.233
52.49.95.65
52.58.248.2
52.95.124.165
54.171.173.220
54.194.226.253
54.239.17.112
54.76.71.14
54.78.254.47
62.113.194.12
62.149.0.72
62.209.227.210
65.9.73.74
66.155.71.149
67.202.110.34
69.173.144.165
72.251.249.14
85.114.159.118
88.214.206.142
89.163.159.101
012e173cca96df83725d136b320b235225e828bb7880668850b31e59a9b400d1
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
061769e5c7eb97935122a0492b7b2365f8a8538ec018a37e31e030f2192750ab
06b0f91f690a5ddc096187307c63af0de19dc9d61cc95ef686e283c843895bb9
06cb3f12defc16c3c5c0094b3eee766a45d17ddc65354f0f9c0a191309e03cf6
0a4337bbb05d97beaf2e79783b87fa0664934dabcde6f1ad7e8fca68cdf80da8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4e666747e655eb5a107a8f584414c58778a2c15f68224ea85c2dd5a18c642b
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1071a764c15fa1421d2cb24256179fd996dddf556f8f1e68aab5ce1916ab1db9
112efee847ec73b08202dd1feab69e2ef0b699493f690d1bf73999a4688ea2d0
1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe
14b6e5af3d417a68ef517da9b376b77cb4e936a389bf6ba12d09c5062a7ddc10
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
16a57454ba7aadd117488e0399e216526b7395a307dbe83a053599f24b58b9ff
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1933fba4e48cb8a5c2bb3f00001ae384db8b01e478a78a95379ea1ec30c99e76
1b82fb755d98e24c6828fff4691e8dd4611834965a3ec877a86aa1ea9b8e04a5
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1cdd014114065001bf4da53701b0b96433b187f9fb4a7805feaf3961c8db836b
1cf1b274af54292786b5383117ec1e53b345ed96417eeb7f1fd8bf7a734a12af
1d94c49ad6b72b2ea6d559361d8ab084feec737850b593fd6ebbe524bd00677f
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
204e1b8a2c0bb2871f855f71449cc8583223e23ffbde1336124de86ea098227d
21049f88264482b3e3309312b4926f05516dc6c6afff9ee61f6d0502afbe5e55
210874cb09f5427f1273e8c36b66f44094ad29147d171047ebeb4b86e60a69aa
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
2330a3e88155283de5164940fb6bd9a001b94f96b462e74994e1ce8e1ef7f123
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
25bea63677a26c0b2a3806d5c92105e079d08245a90a38cd96a5f2127aa98d91
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d755bf5e913048783ea51c777d7fcfeb453a65001b14e2055d7766c28ebae73
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3043a4d72590c635f4e960acaaaa9efdf16e9cbcc09e094cca3febcdcac50e11
30ad0a692b8828400d8b772707828b6ae34c9b5354004c5ce55110b98ed57ead
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
370ff21700e5f8afc85e261782db8535a7e9cf14cc0ee3e0a7c660f54824ac73
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37f2dbc90d822e7585cce9a912592535f1db376a98183a40d848332ad0c4add5
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42304d0806cf56e633de2b19510357a3c5186b40c8a45c3df7f5a0d56ca6d877
43630870968c4664481693f78d7a1cb6a2642182193218af94f9050c0eb493ef
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4d6d050db8e69a4a77a8ca3a33d0aba6353adfe7845908e5fec574a70d11a0e2
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
50d540b4f96b6389e66dd1948c361771c4318434c30a0cb44bd78adbe18198ba
537eca585352b434202b8687ab8285fb89fdab9a6e48320578f7419c6be5f47d
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b467ad09838d40ad9e94d23053b3a922dbae537c2e0c14737d8fd8a46c7258
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c
5b26c6e65289ee17dcc4dfe0ffc3fd8739e50cc7167130e97b61c3d228e38b3d
5ba3fcf2a5e67b5bf76a69b4477a159798475238362271ceddbc3346c2960199
5d59af59301912a4ebb7e089c2f1847b0dfb35db0c2702404e5d6486649c66ec
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
5f652b9a17a6a168daf915972b1bb2e83d3e3cc7eaa26681ce387df6ca8ef2a5
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
62bc4892f7d4c292e1c9214dc9dd6249e321ca7dd2f9072e34ed528d610d9868
63e01ca1171b0a0e622a6334a52f2a60b7f7704f22a1414724f41f9ecf850003
65d608879d766fdc2b635b14153c0f79d66c4ba315e0ea1c6c9a387000e87995
66a5db2e20a6f14d40174b032664733e3943faa630064a2946cb6507fd70ee2f
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6f1f67251dece15753e1426a0fd018abd1adb4b2082be2673aae3dfd128f5ba6
71b3f54f4dc58c5d0f7f4290c3ae4d2b5215e32ec75551bf6c39e7a8233c2db9
725d247cc26901d5fc768a9cc09b03eb894191efb8c65aa44e9e5ee0b8d667df
74d37244c485ffb4aae014445940410b185642be72cb7fb48320c33fd727234b
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7a4c88d1c9fe38412795324eded51aaf7ffb6c44dd20f2c3bcedb53a3122a58f
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
7f75e79ec3f481ce050adc9b0e9fbc75ba3e8e70cdd02613b96477f4e1ccde77
7fb3ccae9d8055491701c2a99af8ea57a74f5407d307b2fb0a8ae1a8ade619ac
82d23b3593bf116bbdf9ed035dc7d872ce07abd042873dcfdd929a222b21c271
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
83860ee17d1e1cdbf26eeb3d0fd3a99f253fc29e6ef7db46eefe7c1694f361ed
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8546ab535fa1c034eecb9a770e59e8945a9601332cf3028f99c87ef90cdbcfe9
861bca9472dfbcf9c1cb4acd328ecf74e8a0de07733797d406036193094cd543
87a40b3ba8c8cb07b1925708839047c50c9856ea6436d6a6f96ef8f58ceda07d
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
995d2dd48525a7b6fd830019a455421673589d4416fc4db82b0e15b25ebf6ba9
99b9032823f180b65dba44d14bf732e1d45e2c19def27eae2cb7dca265326bb2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
a90ffbca12ae717107114c6bfd60566dadea0ec018e6d119d6f5bdcbc59934f3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac4b7b9a919fcab065a32b9e35b2d59465ac03424302dab7af233afcbecaac4c
adaa158ec139ae9c555f128090d318f0f6caeed7c414253f21dd2b9825e15b81
af0cb902656b4fde470988b5fafcfb29703d1e18469371fca027bbcb6fbd7724
b08f507be9178208cdb6c60463bb0a2355ee7bd9943fc6efbe357d87ed0f2676
b0d1773329fd06a6227f7c4e293033955edafed790fa0a95ed3faf0d7124dcf7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b6a9b7bdb011c5071c5682b80db3506f9dcd2a752cc3987cd4465e4ba957759a
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5c9440e0c068464b0d4a9624d83ec881a8eb483ecac3b07271189912d465b9
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
bc29649276d038c4454e400915c4f773eb0d1a56677a3bbf1b7c006ab24120f4
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bea9c62b3e121ebfc2ee63d22420a826bbab63bf4fdcd1a4417d84fd5f1ad282
bed6014f85f8406ced900a73577f543d59a87c08445683049d905ae86e06bab1
bfc9fbc4575f67c1903d4ff0b0d8889b7a66b72676dd61cec9abec0019a2fe50
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
c4eb0d6f0624ed0b476e329ff7a2be7b1da1b8619baa00cd3b5e096dfc6ce362
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6e062ccfb4e7bf2e4020e000a457da3cee98015550fb029221d9797d9e19858
c717bf0b5d1abece05f3e596b32701f9088e5abc3b7a520042c0e3a4abd37884
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cc64d30d612c9dcfe85fa11d8bed257b26ff7c67d5f4c2733d2c14f1931f31b2
cf4f8ce4e9d310e448f37a9868c601fe20a9a8b2bf098bce26c59881f92c5a08
d06d258502b8bf61cdaf7beda903d52974a9aa26c6f742e541bd9d8562e7bfda
d1420214e9808122ed6792d44b2cf16a172d276b43af742ab145bf2002fea7d9
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
dbc415be072336dbad915fa2c4794b9d0fb68638f340d0b3e8e381c1447229b2
dcf7cc2f869a2218d32ed5b92ed7921bad28a75f316bc6cc74073001290361ae
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de624a0a9b0ce2f2a5a44c44f80210ed7c42095f089a6109d0b29d6eecc2b074
decadc5d5fe655be2daca83854753ec0caaf6e2d74baf22fc735a8c44d13458f
df0ba2f35e514755d9fda81095a07b859367e1d74d71b8272728362c32ebe43c
dfb04c0b4d4916fa6f29d6cc090ac0e73c34f6b037633f95fee0806ffbf6e1f5
e010da907df451a924fe9bc1fc68afcb0e04e4d0f6c01a06e58058d1590001d5
e080787f4971a57e3bb64457d835fee43aebc5f94430fc6e665335f6250e73fb
e0e7efa7d565a728c07c8e12459db57fcd76ab3e9e3dc7335f54316555dbfcf4
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e3408a0f7e32c51d022c797b79122c93e173b450de5db03c825dbdc4eb95f516
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e477b7907777d214554bb831d287bc1dd18248c0c7b18c52bc018c3a32ac497f
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3352012cfa03559709cc1820c6ef16f21c2a556cca03750e0c7201ba7b8e307
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fc9fb6f8acbad1909173bfcad58ee0d5ff8f6c742f70d96a25cc00ee23936838