znaj.ua Open in urlscan Pro
2606:4700:20::681a:12a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://znaj.ua/
Effective URL:
https://znaj.ua/
Submission: On July 24 via api (July 24th 2022, 2:34:58 am UTC) from GB — Scanned from GB

Summary HTTP 123 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 27 domains to perform 123 HTTP transactions. The main IP is 2606:4700:20::681a:12a, located in United States and belongs to CLOUDFLARENET, US. The main domain is znaj.ua. The Cisco Umbrella rank of the primary domain is 420802.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2022. Valid for: 3 months.

This is the only time znaj.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:20:... 2606:4700:20::681a:12a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3031::ac43:b689	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:2157	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
9	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	84.17.46.54 84.17.46.54	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
7	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
5	143.204.93.3 143.204.93.3	16509 (AMAZON-02) (AMAZON-02)
1	138.199.37.230 138.199.37.230	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1 4	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	18.195.191.124 18.195.191.124	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3 4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 5	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:401... 2a00:1450:401b:806::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
123	32

11 2606:4700:20::681a:12a (United States)

ASN13335 (CLOUDFLARENET, US)

znaj.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3031::ac43:b689 (United States)

ASN13335 (CLOUDFLARENET, US)

aixcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.aixcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

s.getstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2157 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.getpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.17.46.54 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-54.cdn77.com

cdn-b.notsy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.93.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-3.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.230 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-230.datapacket.com

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.191.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-191-124.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:401b:806::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159 pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	104 KB
14	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 117 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	272 KB
11	znaj.ua znaj.ua — Cisco Umbrella Rank: 420802	234 KB
9	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 6944	10 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	160 KB
6	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 96	1 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 372	109 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	4 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 516	5 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 323	43 KB
5	aixcdn.com aixcdn.com — Cisco Umbrella Rank: 397497 c.aixcdn.com — Cisco Umbrella Rank: 495926	12 KB
4	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 234	5 KB
4	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2912 adservice.google.co.uk — Cisco Umbrella Rank: 4623	2 KB
3	notsy.io cdn-b.notsy.io — Cisco Umbrella Rank: 76798	174 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	40 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 615	57 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	2 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 635	1001 B
2	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 722	417 B
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3747	960 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	71 KB
2	getstat.net s.getstat.net — Cisco Umbrella Rank: 379246	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 424	2 KB
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 84786
1	getpush.net cdn.getpush.net — Cisco Umbrella Rank: 145922	18 KB
0	adtelligent.com Failed ghb.adtelligent.com Failed ghb1.adtelligent.com Failed
123	27

	Domain	Requested by
11	znaj.ua	znaj.ua
9	tpc.googlesyndication.com	3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com tpc.googlesyndication.com znaj.ua
9	a4p.adpartner.pro	znaj.ua cdn-b.notsy.io a4p.adpartner.pro
7	s0.2mdn.net	znaj.ua s0.2mdn.net
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net znaj.ua
6	pagead2.googlesyndication.com	3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fastlane.rubiconproject.com	cdn-b.notsy.io
5	c.amazon-adsystem.com	cdn-b.notsy.io c.amazon-adsystem.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	1 redirects cdn-b.notsy.io googleads.g.doubleclick.net
4	aixcdn.com	znaj.ua aixcdn.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.co.uk	securepubads.g.doubleclick.net
3	www.google.com	znaj.ua 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
3	cdn-b.notsy.io	aixcdn.com cdn-b.notsy.io
3	www.google-analytics.com	znaj.ua www.google-analytics.com a4p.adpartner.pro
2	fonts.gstatic.com	fonts.googleapis.com
2	static.criteo.net	cdn-b.notsy.io static.criteo.net
2	googleads.g.doubleclick.net	3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com znaj.ua
2	fonts.googleapis.com	3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2	3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	tlx.3lift.com	cdn-b.notsy.io
2	bidder.criteo.com	cdn-b.notsy.io
2	adx.adform.net	cdn-b.notsy.io
2	www.googletagservices.com	aixcdn.com 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
2	s.getstat.net	znaj.ua
1	c.aixcdn.com	znaj.ua
1	cdn.jsdelivr.net	cdn-b.notsy.io
1	ym-tack.b-cdn.net	cdn-b.notsy.io
1	www.google.co.uk	znaj.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.getpush.net	znaj.ua
0	ghb1.adtelligent.com Failed	cdn-b.notsy.io
0	ghb.adtelligent.com Failed	cdn-b.notsy.io
123	36

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
znaj.ua Cloudflare Inc ECC CA-3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
adpartner.pro R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
cdn-b.notsy.io R3	`2022-07-10` - `2022-10-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://znaj.ua/
Frame ID: 373AE36A6F2869596E9FB650F90F8FAA
Requests: 86 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=1578a4cd-1d1a-4909-a6c6-d5fdbcb6a58d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Frame ID: BBC0D12A718A48A8719395DE58649BD4
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=24450353003949264&apuid=b24feff7-4924-4152-b82d-1d7724c429f6&session_pageview=1&session_id=1578a4cd-1d1a-4909-a6c6-d5fdbcb6a58d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Frame ID: B48A6078A94E43F98734884FBB7DB190
Requests: 3 HTTP requests in this frame

Frame: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B88B576E1A34A36433D2EE0CFCBBA7DD
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b24feff7-4924-4152-b82d-1d7724c429f6%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Frame ID: 49D6B1ECEF164DC607E2DA90BB328AE7
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b24feff7-4924-4152-b82d-1d7724c429f6%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Frame ID: 3E8DBEDFE36B293C1E026955A5BC9C78
Requests: 1 HTTP requests in this frame

Frame: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 62EB1BBC976E851A640EA142B00D4562
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhip64nOATAB&v=APEucNXu7OtQimSEOJ2FUSTVkzH2aw0YV_S_II6F0EcX-ECrcJ8OAm7N6LPe2emOhMG3GblqJG8Fr500qooU_sLVzxffH9ncfymjfhexbvBM2FDp6Durn7YoiGbcMDX3ETqPvj-od3jZl82aTUiXXIUzs3vGCKFVlZF4fXqtZJU_LTiWB8Si7jI
Frame ID: D530117EA3985878B973011DECAA8680
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTIGYaQIdmNnRFmWQR3QXpJ-SbsUIKbmp1xq17ERoet-7T5Wvbto6sn49Vr8uCJApvBe4iBwWvRZ5lifH2NwVr8GUyJ5YB9FXtssdogr3OkSrATLwQpj3avQk6lSB667PyquAezLriyQsdsAgBrLEbj_GsVw&dbm_d=AKAmf-B53cDbhPyY2nDIG7WbDUkP6bo5xLGf-VTsAA2bMSbdTDM5HJHE0rSOKG3OY4xUQDLT_jCPBLAI3W_A1VfObw4hFDFnunoP6w9zaz9E6j0fqCuwqkRuYV_aOgjf0jukZbtn7FkFfyRQ-FUd5OyWR9MtNqyKs-vnxlEoNIuHM33xeb2cldZuQATGnLirRJuPku90crXpEvref0sBAtCgy0tiS6o_WLfkM1uEC5SYPYDla-UlEGFKY_sqjejjjQCL_fD92x6xdMCp9mrGACAH1X8rwF32G3jdEdjJRdjnveenWMZeHnAFqsZOettSmGFHlSTSLVYQJj40JAknl3xNafS91FOVplCKAPqRwTFst6u8oyVkPHZbFr4GBb2kYLsUGqrge0V4fXq1F2sWDllbNDBEqg4wpA3-MSExd9r304lCigb0trUsl3SIlJTx-qlLnBGJrGqlccbYfwYVE6ysmkRiThx5YHhGIjJ5gqywonHENps9mmwtSpvxQ2KTSzsyswqb5ltTzfDFUB_rMILsFIibNbko_RpmcXwkXUQTUCc6FZfBBjU7lro5JheljqMu7460PEo434TxvI2iZHNqVeFRaRvitik5KNoUFSGUW_FgDKq9EL4ar7u4e-A-xewcHzgydo9RJUSHpg6A_Ilrt51YEUu3W_UrJs09WE71LNrbCT0lRgQ5yT3Amf32_zE1i5D1Xw-BAdcBWgHUhimBg3kmeXPGNXVWBeLDuMTrW4hBEr42XZ1lkbXgTFDZ-An4-v2KKKmKjDNoSPe_QOP8tG_sbV2-JftYKXyRK9buphPpPz4nqHKt2FH36UDNrj4b-5g2XHKzIXs9AsbMUdF_shoiczLN-PFDXgaxBZ6fRrPBDeO4HqME_04iONa5ixq11fJ2Y3efiY-bwZr7vAI7vLlr27FYBSr7vBo0e1rpnQ0V1hs9lgZg9Y6SgIdbG9bNhQgVtLD0KANPtmYAdw93T9DH-38MNGIdfLTPBl7f68uM378YCwkX946wlcCdTx6hScTVyruZCOJHJ65m8GC13Qe4iYC5WaNx5N4Xl0we0XdbbHMnrmtRiVEYG5QlPOOq9eZeyntYfblo6YsTzdnoIQsZpzK2i2unKlR2RyCTR23_1knUAidUnXZ0InonOPSC8-F87EKFeFpTedDBn5XS_5b2W9WOTgW5l0ktRZPYv-SRIKDnE1s6EQsDdVdVng0T9wNFT0fiHXy5uxZMT7YX7bwsMb9jUMmEAQujLS9-W61mmer6Q4vYel2N4P3FVuStbcQJVfOVXN0D6oFm7WW9_mQlT5ABZMUCXgj7VA0GuxEIEm4d-CKKKyCz7nBLazLreYxJGh7pdrcqsnuX_ADL4_Ht_sadzz1qQ_C0izVu8Q8Fwxa5Xc2sUIOzaFVV92gtWn4KEY8hpXW2KymsK1ffefWnqsOlFmf4e7uLe0gGi-AJ4D57yUuOj7CMfF5K9bSEO3zGE5ycg_WtdZvAtqIRAJgZMuatb8U6lzSsOslFneAI6FVFLt8xtJp8099THEh1Zyun9Gn5dMqCR8zIksbaQhZPNnU7dk_1_dVZSJCSppjk31MTfK3Qg4OF8GTnGxrxSiIoXpbPgd5FDVvW5_tplLi2LRgQkQEVhou80t9aZ09T2Tig8BKPtxkxdrVOI_1J_CIyX9b78xMFwPb1-FlMabYKEdwwLKZPU6u773oApzoxP8lMM6-nCwbMJufo208Ull9e04ZbjKDuLZ0gJ6DkcVAo225qkXizovAN_d0qrexE35Jib6WCa_fU13YmX5B3BDfXUwCmXQiNjRmJp0BdDDcesTPaJuySKNjdHOXSTen5cP7GNEUl8TYVDRH-7k1cGkRDxF8s0bGFxCiF89kKIFVcEJ3re3gYxvhNVvRDJuSHXko_Hqj1k9pzJEuebZUasMBvVZTbL7v35-LfD_tbKyl19O4_guEJcAOgAZC17YYeNAcTZZgqOg1S4jQ0h-3_fPWuObSFj36kdQDKFjZSZaoRSp4hGbYJIJAXwfuAo3WPrklnW4Vz-Lax5lAB_0RCm2TrQGe41Ualgwp9ZTscK8jDHdTL8qpewe2qWZgospiAGnEDXWywgSerlucLKjfmYkaWFMrp_sKcbCd1K5HOu90LqZDI4DsKoLtKBa3C3HMdrW0P-6vdG9zJOaaWNx6ep--f0wx5l_xzyU71bUdWh_jnwgZwynYOoAzr8f4_Vwsz0_TPA_kUK7cRMVFA-IasyO3Nogdj8iRlWK6hgTvE8UMkb-IEvVp19h0K024da9xei4i3T7GwL1fU2CoAQdftZ50ziKrpyDSxznAGo86EkiUwQljiEJ8rTC7Z9fuoKCq1w9fHN_L0VJR7GOikGLVXOEb8WHP2w0ycwx0Rm7nXdXskW8JHxV19o_CpWz8NCKfbjeBfurv8nVf4ReK3SKCtM8aZiIaztmllkP03_XjUZ9RQ9nszKg1HFLVwOUfgde1Bf0SVx5dRawmpfjGkfh8gBgSJQggQCkRO5YPGN3edURQ2KFHSUH98IlBl4kd61ePsfmozi-iR45gK-3jTyVHrdt-uPLwoGD2hWOciApB_fVvqVopxhquE8tfPe62ezrcA-T-am16yLs4T9V7aiSHhLQYHwRIwosA3Z7_nyMwthKJmsnTOR4DCR0oGM6JJ2CxqSSUk7lMs4JRd6gzupkzPP3uf4hnyCJUHTABx20M7t4SgqAU1pugyItKV3Vg1jhTPFElsGMlSvm8YA0vxhk8TEZ8iwKoBIYQi8GxmKPGYSlz7AFAwdYlFBAkt78lg3EFPZ5FPxddV7JyHlckjiGZ1tQ32mWXSQnayiU3ik-_wFm6TX_z1kKl2uj0mkY-yizN0PI7UUJaT1aoNap8eEj4k-Xyx6o1AthfntYzovSJQgJwAeUL59pQKLOoPIBFaSiNpnlfZ-MjHdR0IlKNqwUG1riceBxGJIhw8NPo5OW01NzbWPFZgiMjVV-0L3ubVFNJHpd3g0Uqr3WBP0qkIErUc4pwQgnx3IVdHmbOysgt_2Z9ScK4Oli2nv-_holOx7OuRl099XsENGP4fgznBJR2WaF549pJiCSoeFvgH-HU4BrjZm6LZ6numNPRSKBnOO76Vr6N66fN1ln5z1uKof7TLi_o1muJXP8ynKGUbQf1ylHqQ0Rl7NpiwDwS6O7u14OcGK3nINvHk8ISM4PqNM0bani9a8TJQk2OpWew1_3n7mukHF9BNz1FyGjy5z6anmxbCzW7S9iS8-_2-77ZSKSv2dFHxFbhbo6a-WNPwXHSazJKpwHVw75N-ffiX7_cQR7m-IydFSRu_sgXO1us1JRQtbueWjwITjy5um80fm_emXAEziUAM-U4JVlrZQ2O107FhTgVkgmtewvxGVUlExYD2hzj3a0YBdpQ_1el7VgFJfnQRGNmDdpvdnXNUpNa_ucJkhQhK5IWcVBReKBWp9btxok1ePNdY85fwoDaC6n1-fEGfxF6amDsrC-Xmyz5XPS6H8ZO4Hi2PvMes6VWD0HVIals_0dbFL7g3Vtumww9d5HEDGPp3JwlbVPysTn_51NKASSwD_KZ7wsiRozCrJqSM3fNjAGg7i6t2dxbKOgyF1KEF83GuXj0pJriHHGFIl5E07neYj18AUhg0Cu5eiX9abUL9QqfmijxCvKbIGCX56CzK_diCJRd8HCcm4-NBXMUgl2FbqRSjmmwCH9eDQ6HnX0zq9MRYZCP8jHkw7y5HcZiI98cYCAJ3WHha7m-8bwTV1BPbghoiVQGhzl3QZKsXWaElH63O&cid=CAASJ-RoqTV9YRFqrNN9-Xnkh0qa8BX7Yg_bjntviB5OR6TVHOn4t7iSWQ&rfl=2%2Chttps%253A%252F%252Fznaj.ua%252F%240
Frame ID: 49732B0E05A0B002F50CAEC57E705C43
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BCDA3BF42311E3A723E5432C893271C0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247
Frame ID: C5AD71D17BA0F43C395B3CD2F308C593
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://znaj.ua/ HTTP 307
https://znaj.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

123
Requests

90 %
HTTPS

65 %
IPv6

27
Domains

36
Subdomains

32
IPs

8
Countries

1360 kB
Transfer

3840 kB
Size

28
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CBCbBzq_cYu2_FcjlgAfVlaeQBfGSpMVq7b7Wt_QPsJAfEAEgjLXie2C7hoCA0AqgAbnCvJ4DyAEJ4AIAqAMByAMKqgT_AU_QvPlrkzSIRQ0duI7Lph6xFzNBR4ZZ3Sc6Je2pvq-D4Y7xlwtZl9-_iLFLHTmc80pKO3SUCIoCQYTkqfeRH9_QYHRgdQpdpQz50O0n6UtpD5vD8UQUooQFjh7yg8-WY6SjUd3feWFqTtVUm-2xKE3ryiPW358yVVt-kKRi_6qjpFWm-Ji8fwBX5ppld1_uTVUgQdbtCUItdhL8Vh3i29omYWYaxr-ZjYFdG3ZOMnKNqe9zcqNgc9p-2xAjfe48OBdyr7oMKr6Z-lAbm2pn_jW40IQTM8wxAIyt6GUwZa3WVt6I-3oJvyblYZOYzS2YtgzxTI8z6mnovvmmn2szecAEmaPE__0D4AQBoAYugAevvcNhqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAsQlhGtgopdFJXYAKA5gLAcgLAYAMAbgMAbgT5APYEwqIFAHQFQH4FgGAFwE&ae=1&num=1&sig=AOD64_3Jk0SrpWHjJG_kSxDbCF63Ess78g&client=ca-pub-8417126197537762&nb=9&adurl=https://discover.selinc.com/l/885633/2022-05-05/6v7sv%3Fcreative%3D602375865325%26keyword%3D%26matchtype%3D%26network%3Dd%26device%3Dc%26gclid%3DEAIaIQobChMI7d7ZzL6Q-QIVyDLgCh3VyglSEAEYASAAEgKh1_D_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CBCbBzq_cYu2_FcjlgAfVlaeQBfGSpMVq7b7Wt_QPsJAfEAEgjLXie2C7hoCA0AqgAbnCvJ4DyAEJ4AIAqAMByAMKqgT_AU_QvPlrkzSIRQ0duI7Lph6xFzNBR4ZZ3Sc6Je2pvq-D4Y7xlwtZl9-_iLFLHTmc80pKO3SUCIoCQYTkqfeRH9_QYHRgdQpdpQz50O0n6UtpD5vD8UQUooQFjh7yg8-WY6SjUd3feWFqTtVUm-2xKE3ryiPW358yVVt-kKRi_6qjpFWm-Ji8fwBX5ppld1_uTVUgQdbtCUItdhL8Vh3i29omYWYaxr-ZjYFdG3ZOMnKNqe9zcqNgc9p-2xAjfe48OBdyr7oMKr6Z-lAbm2pn_jW40IQTM8wxAIyt6GUwZa3WVt6I-3oJvyblYZOYzS2YtgzxTI8z6mnovvmmn2szecAEmaPE__0D4AQBoAYugAevvcNhqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAsQlhGtgopdFJXYAKA5gLAcgLAYAMAbgMAbgT5APYEwqIFAHQFQH4FgGAFwE&ae=1&num=1&sig=AOD64_3Jk0SrpWHjJG_kSxDbCF63Ess78g&client=ca-pub-8417126197537762&nb=19&adurl=https://discover.selinc.com/l/885633/2022-05-05/6v7sv%3Fcreative%3D602375865325%26keyword%3D%26matchtype%3D%26network%3Dd%26device%3Dc%26gclid%3DEAIaIQobChMI7d7ZzL6Q-QIVyDLgCh3VyglSEAEYASAAEgKh1_D_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CBCbBzq_cYu2_FcjlgAfVlaeQBfGSpMVq7b7Wt_QPsJAfEAEgjLXie2C7hoCA0AqgAbnCvJ4DyAEJ4AIAqAMByAMKqgT_AU_QvPlrkzSIRQ0duI7Lph6xFzNBR4ZZ3Sc6Je2pvq-D4Y7xlwtZl9-_iLFLHTmc80pKO3SUCIoCQYTkqfeRH9_QYHRgdQpdpQz50O0n6UtpD5vD8UQUooQFjh7yg8-WY6SjUd3feWFqTtVUm-2xKE3ryiPW358yVVt-kKRi_6qjpFWm-Ji8fwBX5ppld1_uTVUgQdbtCUItdhL8Vh3i29omYWYaxr-ZjYFdG3ZOMnKNqe9zcqNgc9p-2xAjfe48OBdyr7oMKr6Z-lAbm2pn_jW40IQTM8wxAIyt6GUwZa3WVt6I-3oJvyblYZOYzS2YtgzxTI8z6mnovvmmn2szecAEmaPE__0D4AQBoAYugAevvcNhqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAsQlhGtgopdFJXYAKA5gLAcgLAYAMAbgMAbgT5APYEwqIFAHQFQH4FgGAFwE&ae=1&num=1&sig=AOD64_3Jk0SrpWHjJG_kSxDbCF63Ess78g&client=ca-pub-8417126197537762&nb=0&adurl=https://discover.selinc.com/l/885633/2022-05-05/6v7sv%3Fcreative%3D602375865325%26keyword%3D%26matchtype%3D%26network%3Dd%26device%3Dc%26gclid%3DEAIaIQobChMI7d7ZzL6Q-QIVyDLgCh3VyglSEAEYASAAEgKh1_D_BwE
Title: Wide-Area Distribution Control

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CBCbBzq_cYu2_FcjlgAfVlaeQBfGSpMVq7b7Wt_QPsJAfEAEgjLXie2C7hoCA0AqgAbnCvJ4DyAEJ4AIAqAMByAMKqgT_AU_QvPlrkzSIRQ0duI7Lph6xFzNBR4ZZ3Sc6Je2pvq-D4Y7xlwtZl9-_iLFLHTmc80pKO3SUCIoCQYTkqfeRH9_QYHRgdQpdpQz50O0n6UtpD5vD8UQUooQFjh7yg8-WY6SjUd3feWFqTtVUm-2xKE3ryiPW358yVVt-kKRi_6qjpFWm-Ji8fwBX5ppld1_uTVUgQdbtCUItdhL8Vh3i29omYWYaxr-ZjYFdG3ZOMnKNqe9zcqNgc9p-2xAjfe48OBdyr7oMKr6Z-lAbm2pn_jW40IQTM8wxAIyt6GUwZa3WVt6I-3oJvyblYZOYzS2YtgzxTI8z6mnovvmmn2szecAEmaPE__0D4AQBoAYugAevvcNhqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAsQlhGtgopdFJXYAKA5gLAcgLAYAMAbgMAbgT5APYEwqIFAHQFQH4FgGAFwE&ae=1&num=1&sig=AOD64_3Jk0SrpWHjJG_kSxDbCF63Ess78g&client=ca-pub-8417126197537762&nb=8&adurl=https://discover.selinc.com/l/885633/2022-05-05/6v7sv%3Fcreative%3D602375865325%26keyword%3D%26matchtype%3D%26network%3Dd%26device%3Dc%26gclid%3DEAIaIQobChMI7d7ZzL6Q-QIVyDLgCh3VyglSEAEYASAAEgKh1_D_BwE
Title: Open

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=Aa2KcEZBQc8V98r3kL1XrIacignC7Vdg99rU9BFf6VQLQEOSlWnX031u3OujDALDorStKEiMJblQF38rkylfpIFZ-ZoAAZY-3QkA9yQLVIXGxYJO4s7ENUsFJMB4sS9fFSqDLT7byAbtbzk-66C6nEtRNd8nvqT9EeOavGI6oG0W7pHSGaeQATzaeFSlxqqRTwWdmDlePC68u3VZ9Ixp1ERRg4_P1w0x59ok16BAd9D6b8Vl_YBlr0wLEN6PI89iLL2aUKyFkv-qe-Kv3ucrBUsVGWXhB8TQIau3KWZX7IsRxJUhijS_YBUP26hRNXQZGqnUwxrSQraRYquoA14lfVLa9uqxBXC3hUTwZNIyqopcu2Zx_FyQjatuLo4MA1HXd8ZdST3yBq6iXFrHlHj2-aGBwmUHWvj1mNCm9v7Sbar8Ynmp8bgCVVZwYmCnHM7zQ4B1v3uUzOM0looDrxojC-4roFDq7wuw7Afm1OMTalYC38UAX4v1fmWEwdt8AZhbY0mbaf520sZArZ3ejDSWp8NhJroe7zs39AaR72aSHLRJ_S97wLhyGTfs-O56-BiTXtu-ePKF3mLQhebZYNgVD7wAzvnDelybbi6ufGYKywPNbUGO-A9AIlREyqFQVDo93mWnZ1OIvGIWrasl7jMzsxuhnu5NFPXhYjLaXz23o5sZGvtJ2EU-He-RM9xfA3zlQd_0_BXNfc2vTRTZ1Eo4V7waMZo6MJJG7A4xB7xBK7mlAqP3XuwKFVObtgjiHC7j5ZygJIJ98TSvkTzSvH1YSC5BvKzks6Dxr0tKl7z74Z45neakAcUk-NH_arhx-bV1tqpoR_Z2VMFrm7Ar202E0S11cMe_dAgZCd5YNQSJZpGKe_ZYKldH7eU7qy11dyDrt5Zp_lh_ffeRLH-KDg5Az1t2Gv-7DR12uvtdpFR6ttGfmLWKtTbJw6v9w70UPIJmqBlJ8mink8NJSGNYwp9VhUHLShDbXtFi9LfxAOTPXBUarzN2daeOpLhTWTNavw70WorGPszKQMxDEnBOnQ3oONJWUZfV7QvN_87N4D3Zk0IFUTayFVuyqUTbuRnVOLomalG-A33JRprwZ2-ju7zgIArJ9Kd4E-iDiyyQyw8UxwuOlnHwekzOQahgRoZBteSSOyHgspTSx6iHGtHRutrrZd1t4rWkb1wj4gbEEf0fQxAeVFEoqsRk1-4UOpB0wyWafemuw4TZH9q4oCDwWMVcKC3zSaTaHrJ_7iQtlSnSr-sjBY3rhVWdujy7Zd-HlyEMVsKZJPMVj3m15kHNrtW-rH_YOi_mC7_KKoPZ6yToDt3-uS40ZGDA-BzNNX77MCtKSowhUFRmJwpkTMQzBMypWUWl9R7OTMK5D46aXDHCb4wUve-XO1l4UCxAA-DL_eirat14-zv5oiH8FPzo14cbtpgN2QL77iw_mgXz9lNzbVkvwshR4HW3jEmGsq32KkEQ6T6KnO9p_ViKcFlwHjiVhxJ7nq1h-4eu9itBDCEuaZzyLCVBuBO8YSlfvBQK_IBUpy8NhjoJn2oiqkg1Ur_28Y8IF0fPlRhSM_d4r1aKFFvkX8PsS8zH4H3m0jF1uNAzowfk40PBDfNxRkhz6JHTvM-YGJcB2NI2XrWNEQR61rsveULohkIeFneelgjGwDTmo0o0zbTn1Gqacw4Zsj-LBWETHDbB0w

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://znaj.ua/ HTTP 307
https://znaj.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEUsEYA6Ues-raBW7kbki7U&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEUsEYA6Ues-raBW7kbki7U&google_cver=1&C=1

Request Chain 79

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtyvzfHCmMuXnK76H7o3uwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIDQ2otvQdhUxL4ZcqECsuc&google_cver=1

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEuWiYixdNugi7zIoEHGQ3A&google_cver=1

Request Chain 81

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxNzM1MTMzMTkwMjQyNTczMQ%3D%3D

123 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
znaj.ua/
Redirect Chain

http://znaj.ua/
https://znaj.ua/

302 KB
60 KB

202ms
67ms

Document
text/html

2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf3b59ede3446e27932b4d706e6e085273bfb224e5d7b25bff79764a4958dfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 403
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: HIT
cf-ray: 72f9425c6c603742-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 02:34:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Sun, 24 Jul 2022 02:20:15 GMT
link
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GPiqQKpV%2FB3XMXR4yFWNOGw62PAbvd510FpMD%2BtLPxlgitvC9QCypttV6ekubFlJIR2v2pNNeWeYbIVZDSmjyxZMAN0kTSHliXzQn28gy4QxaLP2sGXfA0pCZuuuM9tXZx8k2U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache-status: MISS
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://znaj.ua/
Non-Authoritative-Reason: HSTS

GET
H2 200 ukraine.png
znaj.ua/img/ 702 B
1 KB 66ms
66ms Image
image/webp 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/img/ukraine.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1460619
cf-polished: origFmt=png, origSize=992
content-disposition: inline; filename="ukraine.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 702
pragma: public
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 09 Mar 2022 13:29:35 GMT
server: cloudflare
etag: "6228abbf-3e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBspjVuQmOUgUHmNPzYevSor1%2B5tzws5gR0uR16TnqAZrZtB8ayy%2FanQ1Ng7rchSYsBllyFvgDA%2FV8UzBKfn5muy5%2BMPZad4QY7HvkdUylrvIagok63cvPepmzzCtuLoM5tW%2Fjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 72f9425cfc883742-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 GA8KYqS4V1vAdTCgtmoSDx9uHrADclY4rSJ0Ewqr.jpg
znaj.ua/crops/d5469c/150x100/2/0/2022/07/22/ 4 KB
4 KB 68ms
68ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/d5469c/150x100/2/0/2022/07/22/GA8KYqS4V1vAdTCgtmoSDx9uHrADclY4rSJ0Ewqr.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1317301e54961412ac302126d80f8121564af234624573251ddde5c84c1bb8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12903
cf-polished: origSize=4183, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4052
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 22 Jul 2022 16:20:29 GMT
server: cloudflare
etag: "62dace4d-1057"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6HfHGsWMCJMKxcu6%2BibdIaCamLN1qH1Ud0uUGYnOiLy0C2oLmPM1DC%2BgI1WTMn0mHWynJcAZpQPy07ibWPpKja6ka03aZLqbxzKysvvTzoVjicvJZusyArw1CN%2FgSJvN%2FQeCf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72f9425d0c8c3742-MXP
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 app.js Show response
znaj.ua/desktop/js/ 90 KB
26 KB 70ms
70ms Script
application/javascript 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaj.ua/desktop/js/app.js?id=d8b216e72b18bc82b328

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811783
cf-polished: origSize=92589
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 13 Jun 2022 21:17:50 GMT
server: cloudflare
etag: W/"62a7a97e-169ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VL7QyEiDDFmZfSZuYqKcWJqDuEZ3g%2BQOhTIvgRlHcT4vfH3v3ne3cxatnPCR0XjYvt1EeVg6XBJzy5B418vGfMGln0h7Xy29eMwfsKyYha8SiO6F4god4%2BxDd8xcpNbVvacXDRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: max-age=315360000, public
cf-ray: 72f9425d1c953742-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
aixcdn.com/ 23 KB
9 KB 204ms
67ms Script
application/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/client.js?165864

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 891
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Apr 2022 16:27:29 GMT
server: cloudflare
etag: W/"62599cf1-5a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3MJSr8sm8eKGr3DNBse8OOG4qGgHX9CLaBKWTCmJuhaPQaOQZXLTgQcR2Jl2vQKB0rL4Lnr5a1xIzAh6xKsDTBshd%2B37pDMHAdNzDBMqdJ9TAb%2FUVqBWJkD87HVHa2eXaSDz1S%2FPIT2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 72f9425dfa7eba89-MXP
expires: Sun, 24 Jul 2022 02:51:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5335
date: Sun, 24 Jul 2022 01:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Jul 2022 03:05:57 GMT

GET
H2 200 client.js Show response
s.getstat.net/cdn/ 16 KB
7 KB 203ms
66ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.getstat.net/cdn/client.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1071
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 15:15:08 GMT
server: cloudflare
etag: W/"6260237c-3e9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nwuoqkKA3rLMCQ4g1FjlJoCbIITPWzWP3z2vedEjUfMDuzRiysXIepOHXjT6Y3hnVlqqftBWNbz4flGbwxKEP6bnaMzOQLOyhuT65gGutJN4y9qBHJ9IjoTZcU99GHGbpPvlm6hOK7R7mB3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 72f9425dfa6983a8-MXP
cf-bgj: minify

GET
H2 200 client.js Show response
cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/ 58 KB
18 KB 221ms
84ms Script
application/javascript 2606:4700:3030::6815:2157
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/client.js
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 24 Jul 2022 01:04:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrF3EsdkqPoEEkUcNFtt6c%2B8YPUCbtW8%2FRGpZmv4fZfxZU369UQUckrS%2FkpFWgYzBCHSMLJhx77ilScYr4%2FE6r2FuXDVbhPi0pLkh2Z%2FNgw0iIOzmkuAWYzvNwnBekSi1%2B9kWilLPx%2BGsrMBSlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: max-age=14400, public
cf-ray: 72f9425e0ca60f72-MXP
cf-bgj: minify

GET
H3 200 pbL1rBmACeorCGyqjwWCOuLkJWxewqf2MdeiqQVY.png
znaj.ua/crops/1411f5/150x100/2/0/2022/07/22/ 5 KB
6 KB 191ms
190ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/1411f5/150x100/2/0/2022/07/22/pbL1rBmACeorCGyqjwWCOuLkJWxewqf2MdeiqQVY.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57725bb6019bbb3e735b2af15574b85cae1fb6b7ad5e66203cce5b50ccd0df2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5634, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5517
last-modified: Fri, 22 Jul 2022 15:41:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6CE4ADgh8u1lg5soUzq6ZhqJvnTDGqaA92Y8wDHxnmzwFfFZFgITYFKAslytIMQYe1Qii%2Bec6dGQz%2BudsYtGASIOMUyfvZztQKsLrWwrKip1duW3eRaktGNpmfzfq6QcdlZ4Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 72f9425e1e8283b8-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 gWZUwriv115fM0GwJjsms9jP09qFCIvcHU0D0elw.png
znaj.ua/crops/e1a8ed/150x100/2/0/2022/01/26/ 4 KB
5 KB 191ms
190ms Image
image/png 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/e1a8ed/150x100/2/0/2022/01/26/gWZUwriv115fM0GwJjsms9jP09qFCIvcHU0D0elw.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c05bae5d9703a8d1491c705793492fb890fc87c19874a4d5e93c001734208a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22593
cf-polished: origSize=4544, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4386
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 26 Jan 2022 11:01:26 GMT
server: cloudflare
etag: "61f12a06-11c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEmIPJijrBn%2FGc0DS3UXJYZXMqrIu06iRcfDhbROZ9JyLURhzBxZLc1i%2FpjuproRPt%2BcYwy7dJ7U6wakh25AhArUAAxIRs7STtxp3UleWk1Hbb6CcSG8GhqDS7AmCLEHALr9Hyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72f9425e1e8383b8-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 msA5DUI0Gcf51T8hDkAWphz3skLHWEkTqWsNl3Xp.jpg
znaj.ua/crops/16240c/150x100/2/0/2022/07/22/ 4 KB
5 KB 68ms
67ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/16240c/150x100/2/0/2022/07/22/msA5DUI0Gcf51T8hDkAWphz3skLHWEkTqWsNl3Xp.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5853f3128578e87eded297ddb80a8531841f9e317decff2b6c3716902f440d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22588
cf-polished: origSize=4463, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4319
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 22 Jul 2022 17:13:59 GMT
server: cloudflare
etag: "62dadad7-116f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRIUEyK0gJGtO54vfA%2BKhf0icS6BGzzqBIodcBM7Y%2BDmbF5y3rOPwRgN%2BDQjB9OTF%2BzhbHzfZ7lNkzmQ6vD5hybH92cSsadPg80rdXsLXXtP2c%2FnH40a%2BIYy%2FrLeh7RKQcf0XY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72f9425e1e8483b8-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 a6iMo7SwjsIk1derIrLPxGfBdp1VDiYIp4ep22iB.jpg
znaj.ua/crops/90011f/150x100/2/0/2022/07/22/ 6 KB
7 KB 68ms
67ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/90011f/150x100/2/0/2022/07/22/a6iMo7SwjsIk1derIrLPxGfBdp1VDiYIp4ep22iB.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75db6eb2a94fc79b3233218d0f4d0edb09629ce57e41efd7bd23103b64485042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17617
cf-polished: origSize=6178, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6081
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 22 Jul 2022 14:17:36 GMT
server: cloudflare
etag: "62dab180-1822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyqdkCHxPzy98Sli0SmsEP6n3BnI6ccSLN8k9fBBdzlAHECdtgukuYxh4Q1s%2FQyx4ayQ4TSNWcY%2FNDZ4TSadPyCjDNi5smWUP5joFntaUFmRAv4e8Us7GjsVpwhYqIE6HGbM9x4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72f9425e1e8583b8-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 NXkbVLgMYYSoUcVdFG6QNUSffjEHapczGSRpw48k.png
znaj.ua/crops/f99445/150x100/2/0/2022/07/22/ 5 KB
6 KB 191ms
190ms Image
image/png 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/f99445/150x100/2/0/2022/07/22/NXkbVLgMYYSoUcVdFG6QNUSffjEHapczGSRpw48k.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d712fb4a81d9f7f4b22b512f96d90b1366d9b6fb9f45b86d9d09e6a0fc106d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14154
cf-polished: origSize=5350, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5207
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 22 Jul 2022 13:25:28 GMT
server: cloudflare
etag: "62daa548-14e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdWk%2BYa8xIHN6gg07TEjT0LQvLWUw%2BjeK%2FZrZikpLU20T9X64y%2BXhjVlw3PmWyARyI3yXRq6GdIXiai5JT%2F2wBWuKfOg0czZiT6oKb36Nxe01TCz3qhcPbnOAlYcZ0Z9H8MGHnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72f9425e1e8683b8-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 LzgTrl4FIRPsXVSy2SActm2kTA7iBgOvfqigbTou.jpeg
znaj.ua/crops/ae0c4a/735x400/2/0/2021/12/25/ 75 KB
75 KB 128ms
127ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/ae0c4a/735x400/2/0/2021/12/25/LzgTrl4FIRPsXVSy2SActm2kTA7iBgOvfqigbTou.jpeg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d294bffe32a33a515a30028cc45bf37380be444eed1e1262da14840d60415d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=76573, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76354
last-modified: Sun, 24 Jul 2022 02:08:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiE20JWi7snXXINquvuNTXYn8YqNXLFBoktNdzUqBpOJO5LRxCu4Jr046fYGS1mzTpdvmymZ52A5kk7D7zwtDDhcqQbIngPNnrhMCuK5Ld1euF5l%2BDOwokfPpw4ekZWyR%2Bql6rU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 72f9425e1e8783b8-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 DTVluyWqF38G0VuEoquJngva64GdpKGONfRRnauw.jpg
znaj.ua/crops/82079b/735x400/2/0/2022/07/23/ 38 KB
39 KB 250ms
249ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/82079b/735x400/2/0/2022/07/23/DTVluyWqF38G0VuEoquJngva64GdpKGONfRRnauw.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d473f5fa2ef918c368f7f661a07561dcff825df20a37c9b9c63e50c2819305e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=39631, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39194
last-modified: Sat, 23 Jul 2022 20:35:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zt5V7D%2BHI0eeJA2G1vk9f6z%2F%2BuBT8UL08OZ3OzlX4IgjRyMfm1fwA2EgOLR%2BxhTpDX7lSH0CNq2QM%2B4UOIovOPyh8Garj1eHYdvuLMMlukM6uehRkiSaQcudZ3OJX8GqApEgHjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 72f9425e1e8883b8-MXP
cf-bgj: imgq:100,h2pri

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 130ms
47ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2026776659&t=pageview&_s=1&dl=https%3A%2F%2Fznaj.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B2%D1%96%D0%B6%D1%96%20%D1%82%D0%B0%20%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83.%20Znaj.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=327438550&gjid=1270458945&cid=1377415786.1658630092&tid=UA-108263001-1&_gid=13144544.1658630092&_r=1&_slc=1&z=2064757003

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pv
s.getstat.net/ 42 B
787 B 189ms
123ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.getstat.net/pv?u=https%3A%2F%2Fznaj.ua%2F&d=znaj.ua&s=&t=&l=uk&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=1&r=0.22284118273517373

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNQne24Mj32AgeU5YK8%2FSSghnsjwTKbmAml09NPnA07IuYU%2F%2FqU1k0hVNpbV80zImus8f1alct55WMn60Sq2qJeCmhXmvpylLlKQtUGxmyKptBl2rA%2FASkh8uJhzz34sUmE923H%2BDFfljfVg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store
cf-ray: 72f9425eda9c0f6a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H3 200 121 Show response
aixcdn.com/p/ 257 B
791 B 135ms
70ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/121

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165864

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7b7dc029aadf4c26e5ad370b70c77c812936e206519fb854123588c074da9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55500
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 23 Jul 2022 10:32:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbSyJEC9zSxqwy0jRRRIiCoJTn1G6%2BxXS%2FdSCWxMIxgR5dzqAiB3O2wCX8uwAVgz8h89Qc0Zn4MKjfOP9bmmubrmxVuush3DtKQ3GY9I0iyfo6jes%2FNJQQrMA%2F13uIF%2BpMDMr4O2lgN6"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 72f9425eedc659ef-MXP

GET
H3 200 97 Show response
aixcdn.com/p/ 23 B
667 B 132ms
67ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/97

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165864

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55500
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 23 Jul 2022 10:32:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=un07G0WiR1B4jRUsqy2PtG1Z0XQSOlEFxTdgdhjUsmv1Rm4tsP8PH%2BIW7ycIdfq3Z82waWDb5u5jcAc37CeNYXp62ecXV5Q46CVqOgp1UILfQMrV4q4zFkyhzyObxetPP8rz57l4XXeg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 72f9425eedc559ef-MXP

GET
H3 200 194 Show response
aixcdn.com/p/ 2 KB
2 KB 135ms
71ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/194

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165864

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55500
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 23 Jul 2022 10:32:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17zeuFwmnRyvWGWOZPFniYTUIbUtV%2FPZ2D6PUsc6%2BjKt2e7o3fTIJ%2FR6pcPjA15oElfBvax%2FzxoxP2VYde%2FU6mtqnbLy%2FnZc1ZeYtRCT2ZkeVT6u5bkhhYlO3qJSzGyRA5Hg3cv28RMh"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 72f9425eedc859ef-MXP

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
439 B 107ms
36ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-108263001-1&cid=1377415786.1658630092&jid=327438550&gjid=1270458945&_gid=13144544.1658630092&_u=IEBAAEAAAAAAAC~&z=1728595326

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Jul 2022 02:34:52 GMT
content-type: text/plain
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 branding Show response
a4p.adpartner.pro/ 11 KB
3 KB 269ms
143ms Script
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=1582&0.4102752448918381
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: d46ceb2bde60881fb19d81ed006513a18f1fa2428fe60af86e50e308a13f298f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 137ms
48ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165864

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2be93b047e245a0d15f81797b7b461a63199f1bb61d6b796d4cdb28f3ab6c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28359
x-xss-protection: 0
server: sffe
etag: "1282 / 989 of 1000 / last-modified: 1658527520"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Jul 2022 02:34:52 GMT

GET
H2 200 ym.js Show response
cdn-b.notsy.io/zna/ 336 KB
106 KB 136ms
34ms Script
application/javascript 84.17.46.54
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/zna/ym.js
Requested by: Host: aixcdn.com
URL: https://aixcdn.com/client.js?165864
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-54.cdn77.com
Software: BunnyCDN-AMS-883 /
Resource Hash: 3f292e02c435915c87ca4f6a33db85fed4654194fc029b0bc766ad2c5cf40e09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 250
cdn-storageserver: DE-51
cdn-cachedat: 07/22/2022 15:20:36
cdn-pullzone: 139012
server: BunnyCDN-AMS-883
last-modified: Fri, 22 Jul 2022 15:20:07 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62dac027-540c1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: d360c44c84682df0a0b61dae1c102a23
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 142ms
52ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=1377415786.1658630092&jid=327438550&_u=IEBAAEAAAAAAAC~&z=1368226554

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 142ms
51ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=1377415786.1658630092&jid=327438550&_u=IEBAAEAAAAAAAC~&z=1368226554

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022071901.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
129 KB 137ms
41ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 20:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131527
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Jul 2023 20:09:39 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 297 B
778 B 147ms
51ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=znaj.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

2cf2bebf4d8dc76e0b7c0bdd6d810f59b022c38df8045e55256604489b48d1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
expires: Sun, 24 Jul 2022 02:34:52 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 192ms
48ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Jul 2022 02:00:34 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront), 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:40 GMT
server: AmazonS3
age: 2060
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1, FRA50-C1
content-encoding: gzip
x-amz-cf-id: KF4Zwpq-RmZsb6VHqyOTZBiu04kcTLzAWpdDB3Ms9lyA_KJ73jj47Q==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 251ms
150ms Ping
text/html 138.199.37.230
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?ZNA;desktop;;main_page_desktop;c667db|522ed8
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-230.datapacket.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn-b.notsy.io/video/ 206 KB
67 KB 35ms
35ms Script
application/javascript 84.17.46.54
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/video/video.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-54.cdn77.com
Software: BunnyCDN-AMS-883 /
Resource Hash: 4fb131c323dedec316e7389799897b88c14abc1f8b062532fce3efd4fe5ae775

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-fileserver: 224
cdn-storageserver: DE-199
cdn-cachedat: 07/23/2022 14:30:23
cdn-pullzone: 139012
server: BunnyCDN-AMS-883
last-modified: Sat, 23 Jul 2022 14:29:58 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62dc05e6-3375d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: f3e4956566be4fa48ac38a8e8bb5c81a
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 148ms
54ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220724

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a2e2cb7ae2e11569666e279178f8e3905dda858808c90cd3eb4b16fc6e852d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41639
x-jsd-version: 1.0.1409
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19133-FRA, cache-iad-kiad7000172-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66b-8OsgrU43P2ppj48VEX8z0ycIywo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByuE8PDaTTzi8AicEDBTd%2BRuy8J%2FAXP7SIUCrs2DAJZbXamsl3Omb1%2F0rGmKr04bm398f04BA8RupwquedqE6HQ8n9jtC0KLPD5Ny6ZT9H6lvL9H6ZUAjS7qL1bb3bxqLO0NsC5a08UMITlnw8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 72f942618e0ccc56-ZRH
access-control-expose-headers: *

GET
H2 200 / Show response
adx.adform.net/adx/ 20 B
482 B 193ms
89ms XHR
application/json 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEzNDAxNTMmdHJhbnNhY3Rpb25JZD0wYjNhNDBkNy0yNzU1LTQyYmItODc1Ni0yYTVlYjRkZmY3YzMmcmN1cj1FVVI%3D&bWlkPTEzNDAxNTUmdHJhbnNhY3Rpb25JZD1hNGRlZTQyNy02OTAzLTRhYmUtOGVjOC0xOTA4ZDBiOTE0MmMmcmN1cj1FVVI%3D&bWlkPTEzNDAxNTcmdHJhbnNhY3Rpb25JZD0yZmZhZTcyOC01ODYyLTRiYTEtODYyOS0zYWYwMzE0ODAxMjgmcmN1cj1FVVI%3D&bWlkPTEzNDAxNjImdHJhbnNhY3Rpb25JZD0wNDEzOWRkMS1iY2ZkLTRkMzItOTlmOS02NTRjM2VlOWI1OGYmcmN1cj1FVVI%3D&pt=gross&stid=663e52f9-20bb-4979-9783-05b21b2d0c4b&fd=1

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://znaj.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 493 B
1 KB 251ms
160ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7815d78af3d8a10a14050313cbbcabfe382427dc40673eef4beb7cd869d3303c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:34:53 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8f91ad00-c580-4134-bea2-a5ec9fe30526
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 493
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 343ms
102ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309706&size_id=16&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=0b3a40d7-2755-42bb-8756-2a5eb4dff7c3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6899951701182678
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a334919b750ee03e0f707fb7ceca9cb21ccedd24de6d96576c3bfd7e558f7991

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:34:53 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 415ms
115ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309708&size_id=16&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=a4dee427-6903-4abe-8ec8-1908d0b9142c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8480434298270951
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b07146dab8bd2fd1dd8afac76a63a30ee1b7c90f8a968678efdf62dad114aa51

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:34:53 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 437ms
137ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309710&size_id=16&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=2ffae728-5862-4ba1-8629-3af031480128&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.051217126031573246
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 63950b1d6ddca519998fe9e7a753713be9dd0048fbfe6c8bb3e15049f48e3197

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:34:53 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 423ms
117ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309716&size_id=10&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=04139dd1-bcfd-4d32-99f9-654c3ee9b58f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7384069455103615
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4ca425f05467897494883fa80e34874b7aa9dd4eb4c88f47fda1a4de108dfb28

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:34:53 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
209 B 187ms
34ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=69777822619

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
501 B 212ms
85ms XHR
application/json 18.195.191.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fznaj.ua%2F&tmax=1000

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.191.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-191-124.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:53 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
content-type: application/json; charset=utf-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST /
ghb.adtelligent.com/v2/auction/ 0
0

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
402 B 161ms
161ms XHR
application/json 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8220,8221,8222,8223&sizes=336x280|600x280,336x280|600x280,336x280|600x280,300x600&referer=https%3A%2F%2Fznaj.ua%2F
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: bf5e7a5c3b937b1ed43aa150cf14f489f2a091b658340a6d86fe8d660f62b1ca

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://znaj.ua
date: Sun, 24 Jul 2022 02:34:53 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

GET
H2 200 branding.min.js Show response
a4p.adpartner.pro/apstc/ 13 KB
3 KB 60ms
59ms Script
application/javascript 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.4102752448918381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
cache-control: no-store no-transform
last-modified: Tue, 15 Mar 2022 16:47:24 GMT
server: nginx
content-encoding: br
etag: W/"6230c31c-35bf"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame BBC0 0
0 932ms
931ms Document
text/plain 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=1578a4cd-1d1a-4909-a6c6-d5fdbcb6a58d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.4102752448918381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Sun, 24 Jul 2022 02:34:53 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/branding/ Frame B48A 5 KB
2 KB 59ms
58ms Document
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=24450353003949264&apuid=b24feff7-4924-4152-b82d-1d7724c429f6&session_pageview=1&session_id=1578a4cd-1d1a-4909-a6c6-d5fdbcb6a58d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.4102752448918381
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 25d5577c3c071c3b72856378e4f603cd369ad308f244a8be167975ad157f5406

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 24 Jul 2022 02:34:52 GMT
server: nginx

GET
H2 200 geolocation.json Show response
cdn-b.notsy.io/ 3 B
647 B 105ms
35ms Fetch
text/plain 84.17.46.54
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/geolocation.json
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/video/video.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-54.cdn77.com
Software: BunnyCDN-AMS-883 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
cdn-edgestorageid: 879
cdn-fileserver: 309
cdn-storageserver: DE-167
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cdn-cachedat: 07/01/2022 20:10:34
cdn-pullzone: 139012
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-ym-country: GB
content-length: 3
server: BunnyCDN-AMS-883
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "622b54c3-3"
content-type: text/plain
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 70421908d792d6473f3765a513423e3c
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B48A 49 KB
20 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=24450353003949264&apuid=b24feff7-4924-4152-b82d-1d7724c429f6&session_pageview=1&session_id=1578a4cd-1d1a-4909-a6c6-d5fdbcb6a58d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5336
date: Sun, 24 Jul 2022 01:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Jul 2022 03:05:57 GMT

POST
H2 200 branding Show response
a4p.adpartner.pro/ Frame B48A 772 B
448 B 65ms
65ms XHR
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=1582&session_id=1578a4cd-1d1a-4909-a6c6-d5fdbcb6a58d&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=24450353003949264&apuid=b24feff7-4924-4152-b82d-1d7724c429f6&session_pageview=1&session_id=1578a4cd-1d1a-4909-a6c6-d5fdbcb6a58d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 3e6eb089aade1932a634c0b0e2aff1b3993ea1775de672aa8914f47e1a5ffba1

Request headers

Referer: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=24450353003949264&apuid=b24feff7-4924-4152-b82d-1d7724c429f6&session_pageview=1&session_id=1578a4cd-1d1a-4909-a6c6-d5fdbcb6a58d&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 141ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 144ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 337ms
255ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1146306705698415&correlator=4056192786064737&eid=42531607&output=ldjh&gdfp_req=1&vrg=2022071901&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_WEB_INTERSTITIAL&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3438404882&sfv=1-0-38&fsbs=1&ecs=20220724&ists=1&fas=8&fsapi=false&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1658630093148&lmt=1658629215&dlt=1658630092270&idt=852&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1377415786.1658630092&ga_sid=1658630093&ga_hid=2026776659&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

272bd67020a535e1e2c05b326b38cfebacbf57fb006623a7007af4ee0af55980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13928
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B88B 6 KB
4 KB 188ms
47ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:34:53 GMT
expires: Mon, 24 Jul 2023 02:34:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022071901.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 120ms
40ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022071901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

0a653ffd2c19e83076a5c640e1b7bed9aeac7c84d8252ecda126db9f3229847f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 14:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13564
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Jul 2023 14:27:52 GMT

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 49D6 0
139 B 59ms
59ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b24feff7-4924-4152-b82d-1d7724c429f6%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Sun, 24 Jul 2022 02:34:53 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 3E8D 0
139 B 59ms
59ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b24feff7-4924-4152-b82d-1d7724c429f6%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Sun, 24 Jul 2022 02:34:53 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
297 B 136ms
135ms XHR
text/plain 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fznaj.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:52 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://znaj.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 0bXSJIvv5S-x9c8YPu6MLiuI0jTxmbrrLJeGC3VG8KiQb-YVhRViPw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
486 B 80ms
79ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fznaj.ua%2F&pid=dWlVKU4Ak0X69&cb=0&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22ZNA_ITA%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ITA_336%22%7D%2C%7B%22sd%22%3A%22ZNA_ITA_1%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ITA_336_1%22%7D%2C%7B%22sd%22%3A%22ZNA_ITA_2%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ITA_336_2%22%7D%2C%7B%22sd%22%3A%22ZNA_SBR%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_SBR_300c%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: RSFMXR6CQQZ3AWN2ZHQR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: o959OUJaellb0n1PQIBYzC1r1RvJDsVWN9fSrrpiB2dw3KsqzIokjw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
486 B 80ms
79ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fznaj.ua%2F&pid=dWlVKU4Ak0X69&cb=1&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22ZNA_ATC%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ATC_970%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: K10MJRGFBYTS3Z7Y4F91
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: mPFzRxezFeYca3GCtb8Clxbck5fTBAYMFCsdE7VrA46NWpPFH2xyew==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 124ms
41ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 7475
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
date: Sun, 24 Jul 2022 01:51:50 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TpV0UxT4rRRD-UqsQApukQHZ6JjEcXivjmlpKaGOklc5v9C18OtjOg==

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
478 B 99ms
98ms XHR
application/json 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEzNDAxNTEmdHJhbnNhY3Rpb25JZD02ODFhNThlYy0yYjNmLTQyOTQtODRhMS1lMTM5MmZiNjZmZTMmcmN1cj1FVVI%3D&pt=gross&stid=89ed3ebb-ca60-4a71-ad49-edd79d1d2031&fd=1

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://znaj.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 120ms
119ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b3a3d13739ca28267ff2cfa3e7f5be4f7bb99c9ee31fdbfb23d20023b72db37e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:34:53 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7649d63b-28bf-499a-8329-81e98adfd399
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
708 B 94ms
93ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309704&size_id=2&alt_size_ids=55&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=681a58ec-2b3f-4294-84a1-e1392fb66fe3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8389300093522292
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 73b7a0b5f72cd348760f1732bca95115c24a429575e00f5deaef864cc7fb5bf2

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:34:53 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
208 B 34ms
33ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=13481299333

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
500 B 75ms
75ms XHR
application/json 18.195.191.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fznaj.ua%2F&tmax=1000

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.191.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-191-124.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:53 GMT
accept-ch: sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST /
ghb1.adtelligent.com/v2/auction/ 0
0

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
402 B 159ms
158ms XHR
application/json 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8217&sizes=970x90|728x90&referer=https%3A%2F%2Fznaj.ua%2F
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 673033a3d7a066df2524428005858351717bb096ffcc3236fea0c79c5ec73f74

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://znaj.ua
date: Sun, 24 Jul 2022 02:34:53 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

GET
H3 200 container.html Show response
3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 62EB 6 KB
3 KB 123ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:34:53 GMT
expires: Mon, 24 Jul 2023 02:34:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
c.aixcdn.com/ 42 B
399 B 89ms
81ms Image
image/gif 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aixcdn.com/?2120&3224&4137&4166&r=8992

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCWt3k6Bj8PJ6dI44jeQkgYpU0ixll3Igoc%2BZcjBKzKmf8yIy9nWReKvMvWU1IPWE6MuS6X1m05QMmZxc0XQzC%2BW8KkR1CS%2FY3XTKxRk78piqc4%2Fy0YPZ4bQqkUJe2YYyU5H4L0A4xZFdGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 72f94264cd4cba89-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H2 200 css2
fonts.googleapis.com/ Frame 62EB 4 KB
1 KB 140ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 01:22:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 02:34:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 02:34:53 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D530 624 B
976 B 141ms
51ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhip64nOATAB&v=APEucNXu7OtQimSEOJ2FUSTVkzH2aw0YV_S_II6F0EcX-ECrcJ8OAm7N6LPe2emOhMG3GblqJG8Fr500qooU_sLVzxffH9ncfymjfhexbvBM2FDp6Durn7YoiGbcMDX3ETqPvj-od3jZl82aTUiXXIUzs3vGCKFVlZF4fXqtZJU_LTiWB8Si7jI

Requested by

Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:34:53 GMT
expires: Sun, 24 Jul 2022 02:34:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4973 90 KB
36 KB 194ms
105ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTIGYaQIdmNnRFmWQR3QXpJ-SbsUIKbmp1xq17ERoet-7T5Wvbto6sn49Vr8uCJApvBe4iBwWvRZ5lifH2NwVr8GUyJ5YB9FXtssdogr3OkSrATLwQpj3avQk6lSB667PyquAezLriyQsdsAgBrLEbj_GsVw&dbm_d=AKAmf-B53cDbhPyY2nDIG7WbDUkP6bo5xLGf-VTsAA2bMSbdTDM5HJHE0rSOKG3OY4xUQDLT_jCPBLAI3W_A1VfObw4hFDFnunoP6w9zaz9E6j0fqCuwqkRuYV_aOgjf0jukZbtn7FkFfyRQ-FUd5OyWR9MtNqyKs-vnxlEoNIuHM33xeb2cldZuQATGnLirRJuPku90crXpEvref0sBAtCgy0tiS6o_WLfkM1uEC5SYPYDla-UlEGFKY_sqjejjjQCL_fD92x6xdMCp9mrGACAH1X8rwF32G3jdEdjJRdjnveenWMZeHnAFqsZOettSmGFHlSTSLVYQJj40JAknl3xNafS91FOVplCKAPqRwTFst6u8oyVkPHZbFr4GBb2kYLsUGqrge0V4fXq1F2sWDllbNDBEqg4wpA3-MSExd9r304lCigb0trUsl3SIlJTx-qlLnBGJrGqlccbYfwYVE6ysmkRiThx5YHhGIjJ5gqywonHENps9mmwtSpvxQ2KTSzsyswqb5ltTzfDFUB_rMILsFIibNbko_RpmcXwkXUQTUCc6FZfBBjU7lro5JheljqMu7460PEo434TxvI2iZHNqVeFRaRvitik5KNoUFSGUW_FgDKq9EL4ar7u4e-A-xewcHzgydo9RJUSHpg6A_Ilrt51YEUu3W_UrJs09WE71LNrbCT0lRgQ5yT3Amf32_zE1i5D1Xw-BAdcBWgHUhimBg3kmeXPGNXVWBeLDuMTrW4hBEr42XZ1lkbXgTFDZ-An4-v2KKKmKjDNoSPe_QOP8tG_sbV2-JftYKXyRK9buphPpPz4nqHKt2FH36UDNrj4b-5g2XHKzIXs9AsbMUdF_shoiczLN-PFDXgaxBZ6fRrPBDeO4HqME_04iONa5ixq11fJ2Y3efiY-bwZr7vAI7vLlr27FYBSr7vBo0e1rpnQ0V1hs9lgZg9Y6SgIdbG9bNhQgVtLD0KANPtmYAdw93T9DH-38MNGIdfLTPBl7f68uM378YCwkX946wlcCdTx6hScTVyruZCOJHJ65m8GC13Qe4iYC5WaNx5N4Xl0we0XdbbHMnrmtRiVEYG5QlPOOq9eZeyntYfblo6YsTzdnoIQsZpzK2i2unKlR2RyCTR23_1knUAidUnXZ0InonOPSC8-F87EKFeFpTedDBn5XS_5b2W9WOTgW5l0ktRZPYv-SRIKDnE1s6EQsDdVdVng0T9wNFT0fiHXy5uxZMT7YX7bwsMb9jUMmEAQujLS9-W61mmer6Q4vYel2N4P3FVuStbcQJVfOVXN0D6oFm7WW9_mQlT5ABZMUCXgj7VA0GuxEIEm4d-CKKKyCz7nBLazLreYxJGh7pdrcqsnuX_ADL4_Ht_sadzz1qQ_C0izVu8Q8Fwxa5Xc2sUIOzaFVV92gtWn4KEY8hpXW2KymsK1ffefWnqsOlFmf4e7uLe0gGi-AJ4D57yUuOj7CMfF5K9bSEO3zGE5ycg_WtdZvAtqIRAJgZMuatb8U6lzSsOslFneAI6FVFLt8xtJp8099THEh1Zyun9Gn5dMqCR8zIksbaQhZPNnU7dk_1_dVZSJCSppjk31MTfK3Qg4OF8GTnGxrxSiIoXpbPgd5FDVvW5_tplLi2LRgQkQEVhou80t9aZ09T2Tig8BKPtxkxdrVOI_1J_CIyX9b78xMFwPb1-FlMabYKEdwwLKZPU6u773oApzoxP8lMM6-nCwbMJufo208Ull9e04ZbjKDuLZ0gJ6DkcVAo225qkXizovAN_d0qrexE35Jib6WCa_fU13YmX5B3BDfXUwCmXQiNjRmJp0BdDDcesTPaJuySKNjdHOXSTen5cP7GNEUl8TYVDRH-7k1cGkRDxF8s0bGFxCiF89kKIFVcEJ3re3gYxvhNVvRDJuSHXko_Hqj1k9pzJEuebZUasMBvVZTbL7v35-LfD_tbKyl19O4_guEJcAOgAZC17YYeNAcTZZgqOg1S4jQ0h-3_fPWuObSFj36kdQDKFjZSZaoRSp4hGbYJIJAXwfuAo3WPrklnW4Vz-Lax5lAB_0RCm2TrQGe41Ualgwp9ZTscK8jDHdTL8qpewe2qWZgospiAGnEDXWywgSerlucLKjfmYkaWFMrp_sKcbCd1K5HOu90LqZDI4DsKoLtKBa3C3HMdrW0P-6vdG9zJOaaWNx6ep--f0wx5l_xzyU71bUdWh_jnwgZwynYOoAzr8f4_Vwsz0_TPA_kUK7cRMVFA-IasyO3Nogdj8iRlWK6hgTvE8UMkb-IEvVp19h0K024da9xei4i3T7GwL1fU2CoAQdftZ50ziKrpyDSxznAGo86EkiUwQljiEJ8rTC7Z9fuoKCq1w9fHN_L0VJR7GOikGLVXOEb8WHP2w0ycwx0Rm7nXdXskW8JHxV19o_CpWz8NCKfbjeBfurv8nVf4ReK3SKCtM8aZiIaztmllkP03_XjUZ9RQ9nszKg1HFLVwOUfgde1Bf0SVx5dRawmpfjGkfh8gBgSJQggQCkRO5YPGN3edURQ2KFHSUH98IlBl4kd61ePsfmozi-iR45gK-3jTyVHrdt-uPLwoGD2hWOciApB_fVvqVopxhquE8tfPe62ezrcA-T-am16yLs4T9V7aiSHhLQYHwRIwosA3Z7_nyMwthKJmsnTOR4DCR0oGM6JJ2CxqSSUk7lMs4JRd6gzupkzPP3uf4hnyCJUHTABx20M7t4SgqAU1pugyItKV3Vg1jhTPFElsGMlSvm8YA0vxhk8TEZ8iwKoBIYQi8GxmKPGYSlz7AFAwdYlFBAkt78lg3EFPZ5FPxddV7JyHlckjiGZ1tQ32mWXSQnayiU3ik-_wFm6TX_z1kKl2uj0mkY-yizN0PI7UUJaT1aoNap8eEj4k-Xyx6o1AthfntYzovSJQgJwAeUL59pQKLOoPIBFaSiNpnlfZ-MjHdR0IlKNqwUG1riceBxGJIhw8NPo5OW01NzbWPFZgiMjVV-0L3ubVFNJHpd3g0Uqr3WBP0qkIErUc4pwQgnx3IVdHmbOysgt_2Z9ScK4Oli2nv-_holOx7OuRl099XsENGP4fgznBJR2WaF549pJiCSoeFvgH-HU4BrjZm6LZ6numNPRSKBnOO76Vr6N66fN1ln5z1uKof7TLi_o1muJXP8ynKGUbQf1ylHqQ0Rl7NpiwDwS6O7u14OcGK3nINvHk8ISM4PqNM0bani9a8TJQk2OpWew1_3n7mukHF9BNz1FyGjy5z6anmxbCzW7S9iS8-_2-77ZSKSv2dFHxFbhbo6a-WNPwXHSazJKpwHVw75N-ffiX7_cQR7m-IydFSRu_sgXO1us1JRQtbueWjwITjy5um80fm_emXAEziUAM-U4JVlrZQ2O107FhTgVkgmtewvxGVUlExYD2hzj3a0YBdpQ_1el7VgFJfnQRGNmDdpvdnXNUpNa_ucJkhQhK5IWcVBReKBWp9btxok1ePNdY85fwoDaC6n1-fEGfxF6amDsrC-Xmyz5XPS6H8ZO4Hi2PvMes6VWD0HVIals_0dbFL7g3Vtumww9d5HEDGPp3JwlbVPysTn_51NKASSwD_KZ7wsiRozCrJqSM3fNjAGg7i6t2dxbKOgyF1KEF83GuXj0pJriHHGFIl5E07neYj18AUhg0Cu5eiX9abUL9QqfmijxCvKbIGCX56CzK_diCJRd8HCcm4-NBXMUgl2FbqRSjmmwCH9eDQ6HnX0zq9MRYZCP8jHkw7y5HcZiI98cYCAJ3WHha7m-8bwTV1BPbghoiVQGhzl3QZKsXWaElH63O&cid=CAASJ-RoqTV9YRFqrNN9-Xnkh0qa8BX7Yg_bjntviB5OR6TVHOn4t7iSWQ&rfl=2%2Chttps%253A%252F%252Fznaj.ua%252F%240

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c281fa4f1bb70a9358ffb91cb098a861ea7776c76dbc2b557ee84f5d8cbd063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 4973 3 KB
1 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 02:16:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4973 138 KB
42 KB 136ms
55ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 02:34:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 4973 17 KB
7 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 02:22:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4973 0
0 137ms
49ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8OqndVwyfSs170bNa8dneNvcDS-qANpOR3rZyaip0syLBPKirrUBnbDd6761TJhkcctdZ4m75xrOcaRujX_MAp7TD4g
Requested by: Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4973 42 B
494 B 165ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8sywn5fHeSkQfwzqVw3_epPyZHNKM1hTdLOuxJW66SJM2gKVygh3MVWC90XzSNqbYV4LMWzWkM7-QQwhyusXi_EWIyfaC8E0mitirPEd9wa_kswk

Requested by

Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 62EB 19 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 01:15:14 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D530
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEUsEYA6Ues-raBW7kbki7U&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEUsEYA6Ues-raBW7kbki7U&google_cver=1&C=1

43 B
946 B

79ms
70ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEUsEYA6Ues-raBW7kbki7U&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhip64nOATAB&v=APEucNXu7OtQimSEOJ2FUSTVkzH2aw0YV_S_II6F0EcX-ECrcJ8OAm7N6LPe2emOhMG3GblqJG8Fr500qooU_sLVzxffH9ncfymjfhexbvBM2FDp6Durn7YoiGbcMDX3ETqPvj-od3jZl82aTUiXXIUzs3vGCKFVlZF4fXqtZJU_LTiWB8Si7jI
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72f94267bd577499-LHR
pragma: no-cache
date: Sun, 24 Jul 2022 02:34:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8IyPOixwKe3vgY5yRP3a%2B2yb3NB1llavE5Z97khiA0oRGNzOk0Em1P0r%2FmbFr4LFUWnnldfDnz7tZxfZZrI8Ql2Udb9RQH%2FbwqnqWXiNjKMTtndPcwusO7yIJGJkpzuQKamhqTWeMfPbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUWvzSBQRlnvIscHMIOp3SOwfuy8uOEgM9%2FTxP7FgHUDYT13PHe8FR8pbLjt%2BFV%2FslN6ZPLACikRUlFWdz8e5v4sI%2BpAqTYwMMBh8368uZNh%2Fr67S0D8y8lsQmSZyeQGdOW%2FTDzeJGcVLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEEUsEYA6Ues-raBW7kbki7U&google_cver=1&C=1
cache-control: no-cache
cf-ray: 72f9426749bb750d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D530
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtyvzfHCmMuXnK76H7o3uwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIDQ2otvQdhUxL4ZcqECsuc&google_cver=1

43 B
914 B

70ms
69ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIDQ2otvQdhUxL4ZcqECsuc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhip64nOATAB&v=APEucNXu7OtQimSEOJ2FUSTVkzH2aw0YV_S_II6F0EcX-ECrcJ8OAm7N6LPe2emOhMG3GblqJG8Fr500qooU_sLVzxffH9ncfymjfhexbvBM2FDp6Durn7YoiGbcMDX3ETqPvj-od3jZl82aTUiXXIUzs3vGCKFVlZF4fXqtZJU_LTiWB8Si7jI
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72f942690e8d7499-LHR
pragma: no-cache
date: Sun, 24 Jul 2022 02:34:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tEX2RK%2FDh6QLJx%2FvoGxOiJlhQaw2T%2F3fYDf0P6tbYXjVwHySCRVAQKmnfFNdFpILDayNpWLMBUQ5wc27q%2BK6P8MHsLqArrnvcdh5EFgtkSWGwomjNvOgtPv5G%2F%2FKl2uuKD4IzsMUSfnzA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIDQ2otvQdhUxL4ZcqECsuc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D530
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEuWiYixdNugi7zIoEHGQ3A&google_cver=1

43 B
1020 B

42ms
42ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEuWiYixdNugi7zIoEHGQ3A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhip64nOATAB&v=APEucNXu7OtQimSEOJ2FUSTVkzH2aw0YV_S_II6F0EcX-ECrcJ8OAm7N6LPe2emOhMG3GblqJG8Fr500qooU_sLVzxffH9ncfymjfhexbvBM2FDp6Durn7YoiGbcMDX3ETqPvj-od3jZl82aTUiXXIUzs3vGCKFVlZF4fXqtZJU_LTiWB8Si7jI

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:34:53 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ac9bfcda-7e43-4d89-a404-ee027a9ac4b0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEuWiYixdNugi7zIoEHGQ3A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D530
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxNzM1MTMzMTkwMjQyNTczMQ%3D%3D

170 B
243 B

105ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxNzM1MTMzMTkwMjQyNTczMQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:34:53 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 45776547-ec3e-4cdc-bcf7-cfeb3f6c31eb
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxNzM1MTMzMTkwMjQyNTczMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 4973 170 KB
59 KB 210ms
55ms Script
text/javascript 2a00:1450:401b:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:401b:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
Origin: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 19:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Jul 2022 19:46:58 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 4973 8 KB
3 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTIGYaQIdmNnRFmWQR3QXpJ-SbsUIKbmp1xq17ERoet-7T5Wvbto6sn49Vr8uCJApvBe4iBwWvRZ5lifH2NwVr8GUyJ5YB9FXtssdogr3OkSrATLwQpj3avQk6lSB667PyquAezLriyQsdsAgBrLEbj_GsVw&dbm_d=AKAmf-B53cDbhPyY2nDIG7WbDUkP6bo5xLGf-VTsAA2bMSbdTDM5HJHE0rSOKG3OY4xUQDLT_jCPBLAI3W_A1VfObw4hFDFnunoP6w9zaz9E6j0fqCuwqkRuYV_aOgjf0jukZbtn7FkFfyRQ-FUd5OyWR9MtNqyKs-vnxlEoNIuHM33xeb2cldZuQATGnLirRJuPku90crXpEvref0sBAtCgy0tiS6o_WLfkM1uEC5SYPYDla-UlEGFKY_sqjejjjQCL_fD92x6xdMCp9mrGACAH1X8rwF32G3jdEdjJRdjnveenWMZeHnAFqsZOettSmGFHlSTSLVYQJj40JAknl3xNafS91FOVplCKAPqRwTFst6u8oyVkPHZbFr4GBb2kYLsUGqrge0V4fXq1F2sWDllbNDBEqg4wpA3-MSExd9r304lCigb0trUsl3SIlJTx-qlLnBGJrGqlccbYfwYVE6ysmkRiThx5YHhGIjJ5gqywonHENps9mmwtSpvxQ2KTSzsyswqb5ltTzfDFUB_rMILsFIibNbko_RpmcXwkXUQTUCc6FZfBBjU7lro5JheljqMu7460PEo434TxvI2iZHNqVeFRaRvitik5KNoUFSGUW_FgDKq9EL4ar7u4e-A-xewcHzgydo9RJUSHpg6A_Ilrt51YEUu3W_UrJs09WE71LNrbCT0lRgQ5yT3Amf32_zE1i5D1Xw-BAdcBWgHUhimBg3kmeXPGNXVWBeLDuMTrW4hBEr42XZ1lkbXgTFDZ-An4-v2KKKmKjDNoSPe_QOP8tG_sbV2-JftYKXyRK9buphPpPz4nqHKt2FH36UDNrj4b-5g2XHKzIXs9AsbMUdF_shoiczLN-PFDXgaxBZ6fRrPBDeO4HqME_04iONa5ixq11fJ2Y3efiY-bwZr7vAI7vLlr27FYBSr7vBo0e1rpnQ0V1hs9lgZg9Y6SgIdbG9bNhQgVtLD0KANPtmYAdw93T9DH-38MNGIdfLTPBl7f68uM378YCwkX946wlcCdTx6hScTVyruZCOJHJ65m8GC13Qe4iYC5WaNx5N4Xl0we0XdbbHMnrmtRiVEYG5QlPOOq9eZeyntYfblo6YsTzdnoIQsZpzK2i2unKlR2RyCTR23_1knUAidUnXZ0InonOPSC8-F87EKFeFpTedDBn5XS_5b2W9WOTgW5l0ktRZPYv-SRIKDnE1s6EQsDdVdVng0T9wNFT0fiHXy5uxZMT7YX7bwsMb9jUMmEAQujLS9-W61mmer6Q4vYel2N4P3FVuStbcQJVfOVXN0D6oFm7WW9_mQlT5ABZMUCXgj7VA0GuxEIEm4d-CKKKyCz7nBLazLreYxJGh7pdrcqsnuX_ADL4_Ht_sadzz1qQ_C0izVu8Q8Fwxa5Xc2sUIOzaFVV92gtWn4KEY8hpXW2KymsK1ffefWnqsOlFmf4e7uLe0gGi-AJ4D57yUuOj7CMfF5K9bSEO3zGE5ycg_WtdZvAtqIRAJgZMuatb8U6lzSsOslFneAI6FVFLt8xtJp8099THEh1Zyun9Gn5dMqCR8zIksbaQhZPNnU7dk_1_dVZSJCSppjk31MTfK3Qg4OF8GTnGxrxSiIoXpbPgd5FDVvW5_tplLi2LRgQkQEVhou80t9aZ09T2Tig8BKPtxkxdrVOI_1J_CIyX9b78xMFwPb1-FlMabYKEdwwLKZPU6u773oApzoxP8lMM6-nCwbMJufo208Ull9e04ZbjKDuLZ0gJ6DkcVAo225qkXizovAN_d0qrexE35Jib6WCa_fU13YmX5B3BDfXUwCmXQiNjRmJp0BdDDcesTPaJuySKNjdHOXSTen5cP7GNEUl8TYVDRH-7k1cGkRDxF8s0bGFxCiF89kKIFVcEJ3re3gYxvhNVvRDJuSHXko_Hqj1k9pzJEuebZUasMBvVZTbL7v35-LfD_tbKyl19O4_guEJcAOgAZC17YYeNAcTZZgqOg1S4jQ0h-3_fPWuObSFj36kdQDKFjZSZaoRSp4hGbYJIJAXwfuAo3WPrklnW4Vz-Lax5lAB_0RCm2TrQGe41Ualgwp9ZTscK8jDHdTL8qpewe2qWZgospiAGnEDXWywgSerlucLKjfmYkaWFMrp_sKcbCd1K5HOu90LqZDI4DsKoLtKBa3C3HMdrW0P-6vdG9zJOaaWNx6ep--f0wx5l_xzyU71bUdWh_jnwgZwynYOoAzr8f4_Vwsz0_TPA_kUK7cRMVFA-IasyO3Nogdj8iRlWK6hgTvE8UMkb-IEvVp19h0K024da9xei4i3T7GwL1fU2CoAQdftZ50ziKrpyDSxznAGo86EkiUwQljiEJ8rTC7Z9fuoKCq1w9fHN_L0VJR7GOikGLVXOEb8WHP2w0ycwx0Rm7nXdXskW8JHxV19o_CpWz8NCKfbjeBfurv8nVf4ReK3SKCtM8aZiIaztmllkP03_XjUZ9RQ9nszKg1HFLVwOUfgde1Bf0SVx5dRawmpfjGkfh8gBgSJQggQCkRO5YPGN3edURQ2KFHSUH98IlBl4kd61ePsfmozi-iR45gK-3jTyVHrdt-uPLwoGD2hWOciApB_fVvqVopxhquE8tfPe62ezrcA-T-am16yLs4T9V7aiSHhLQYHwRIwosA3Z7_nyMwthKJmsnTOR4DCR0oGM6JJ2CxqSSUk7lMs4JRd6gzupkzPP3uf4hnyCJUHTABx20M7t4SgqAU1pugyItKV3Vg1jhTPFElsGMlSvm8YA0vxhk8TEZ8iwKoBIYQi8GxmKPGYSlz7AFAwdYlFBAkt78lg3EFPZ5FPxddV7JyHlckjiGZ1tQ32mWXSQnayiU3ik-_wFm6TX_z1kKl2uj0mkY-yizN0PI7UUJaT1aoNap8eEj4k-Xyx6o1AthfntYzovSJQgJwAeUL59pQKLOoPIBFaSiNpnlfZ-MjHdR0IlKNqwUG1riceBxGJIhw8NPo5OW01NzbWPFZgiMjVV-0L3ubVFNJHpd3g0Uqr3WBP0qkIErUc4pwQgnx3IVdHmbOysgt_2Z9ScK4Oli2nv-_holOx7OuRl099XsENGP4fgznBJR2WaF549pJiCSoeFvgH-HU4BrjZm6LZ6numNPRSKBnOO76Vr6N66fN1ln5z1uKof7TLi_o1muJXP8ynKGUbQf1ylHqQ0Rl7NpiwDwS6O7u14OcGK3nINvHk8ISM4PqNM0bani9a8TJQk2OpWew1_3n7mukHF9BNz1FyGjy5z6anmxbCzW7S9iS8-_2-77ZSKSv2dFHxFbhbo6a-WNPwXHSazJKpwHVw75N-ffiX7_cQR7m-IydFSRu_sgXO1us1JRQtbueWjwITjy5um80fm_emXAEziUAM-U4JVlrZQ2O107FhTgVkgmtewvxGVUlExYD2hzj3a0YBdpQ_1el7VgFJfnQRGNmDdpvdnXNUpNa_ucJkhQhK5IWcVBReKBWp9btxok1ePNdY85fwoDaC6n1-fEGfxF6amDsrC-Xmyz5XPS6H8ZO4Hi2PvMes6VWD0HVIals_0dbFL7g3Vtumww9d5HEDGPp3JwlbVPysTn_51NKASSwD_KZ7wsiRozCrJqSM3fNjAGg7i6t2dxbKOgyF1KEF83GuXj0pJriHHGFIl5E07neYj18AUhg0Cu5eiX9abUL9QqfmijxCvKbIGCX56CzK_diCJRd8HCcm4-NBXMUgl2FbqRSjmmwCH9eDQ6HnX0zq9MRYZCP8jHkw7y5HcZiI98cYCAJ3WHha7m-8bwTV1BPbghoiVQGhzl3QZKsXWaElH63O&cid=CAASJ-RoqTV9YRFqrNN9-Xnkh0qa8BX7Yg_bjntviB5OR6TVHOn4t7iSWQ&rfl=2%2Chttps%253A%252F%252Fznaj.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 02:02:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 4973 27 KB
10 KB 119ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10526
x-xss-protection: 0
server: cafe
etag: 4815257668744283084
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 01:53:41 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 132ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 133ms
51ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 314 KB
65 KB 382ms
382ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1146306705698415&correlator=4050451167249802&eid=42531607&output=ldjh&gdfp_req=1&vrg=2022071901&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_ITA_336%2CZNA_ITA_336_1%2CZNA_ITA_336_2%2CZNA_SBR_300c&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=320x50%7C336x280%7C600x280%2C320x50%7C336x280%7C600x280%2C320x50%7C336x280%7C600x280%2C300x600&fluid=height%2Cheight%2Cheight%2C0&ifi=2&adks=1604177946%2C1670658071%2C2070129014%2C3542710887&sfv=1-0-38&fsbs=1%2C1%2C1%2C1&ecs=20220724&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D36a9831153c6f3c3-22451683d9cd006c%3AT%3D1658630093%3AS%3DALNI_MZOGFcBygBvRfNBC1iEjLlSOUt5nQ&abxe=1&dt=1658630093947&lmt=1658629215&dlt=1658630092270&idt=852&adxs=-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&ga_vid=1377415786.1658630092&ga_sid=1658630093&ga_hid=2026776659&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5138c1c39bb5a98ef91127693e57bc21ebeaa4522e372bafc2bb5c4012bfb144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66794
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://znaj.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 164ms
56ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:54 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Jul 2022 02:34:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4973 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 16:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 16:10:17 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BCDA 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 259007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 02:38:07 GMT
expires: Fri, 21 Jul 2023 02:38:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame BCDA 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 19:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 19:55:57 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 161ms
54ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:54 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Jul 2022 02:34:54 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 16 KB
4 KB 186ms
75ms Document
text/html 2a00:1450:401b:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401b:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5b0d192ee3b3cde3ce23571af9b2a7731f406f50f651a8963e6de0bc6ec97df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3824
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:34:54 GMT
expires: Mon, 24 Jul 2023 02:34:54 GMT
last-modified: Fri, 24 Jun 2022 10:52:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 288ms
288ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1146306705698415&correlator=1363712268102663&eid=42531607&output=ldjh&gdfp_req=1&vrg=2022071901&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_ATC_970&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90&fluid=height&ifi=6&adks=2184955199&sfv=1-0-38&fsbs=1&ecs=20220724&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D36a9831153c6f3c3-22451683d9cd006c%3AT%3D1658630093%3AS%3DALNI_MZOGFcBygBvRfNBC1iEjLlSOUt5nQ&abxe=1&dt=1658630094291&lmt=1658629215&dlt=1658630092270&idt=852&adxs=315&adys=147&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1377415786.1658630092&ga_sid=1658630093&ga_hid=2026776659&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

10f04b823fd651817d0ace140e509ce8a5842150c62d4c46d30752ef815fbe89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12488
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://znaj.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCDA 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BM3CTza_cYtv3LqLBx_APu72X8AkAAAAAOAHgBAI&bg=!LC-lL2vNAAacadVKvGk7ACkAdvg8WhIPhhaQijjzI_ldzteNJWu2GSCDX8w-Dwp0WLtcAbutWq0ZyAIAAABLUgAAAAJoAQeZAyMuwPeiVWPt6xJ26KkjFU0zEL8Xgund-4ELs04QKbp-_o6c4rytiyNbCZ1E9v3CS8ft6ubNb_r9_7AlCr_vd4qyewpOy2nNfvkh1qU03KjfgP4Dbf6OUua6CFVEWHGF-_IulQlaPEGq_FeXj7XDbsDg_5om7OOps0eVnX4ICf0DaRG_IhwklEewLhMLwDlD5p9GkJAAVvueOjm7X2LEf_LuIdcMCdr84dUKt8VhpSOKhU6ZVbHo8pSwSI_-eDavY1QQcXGKpzqzmPh9tRAunhV0M9NBB-1acXx0Jnj3NaEisKszy3GGkaNlmaQzf1bHwp3FG7Cu2IgFKuJgw3Za8ih7VY4mQ6odtP7qR5Tjf_t902QVYk0krR8q2lOCgP6Pk0pyC2SU7vbYGPkTXkEFNr9EJ4IUHFxntpAdKVXWkUaOUYlRAnpte9WGsD-mTafS1Mgs0s7f_OrwkiysV1FaA_amqAXH1eKUn09FBxWIcAal7vNFf4UF3ayFJkTr-4F2cg5jIElt_qdj9kBD9D6pf_xkuWvvuBG7m31x15GYlnwhcRrdSAEZ6HKIqa_RqHNhfHbbM_sFgyQUjVhfHj0MeFAvS2Sn5mMfax7H8QwMBcN_r7tl00HYpbKEjO9Y6lhYqhfICZZRg6cBu18yqicKn5S-TPI-f0Qv1UEre-qnZGVZiZhH1CzZJ1SxFPI8eOd_-_XNKKerdPGzTc6lWqxHnY81wl46OmpHkHHUj_-KPP_Y0ej-R8c43-WgMP9VPbpcnqa89Y288cL-tj1BQINfX9OLYdc_K6aawqNeVUFjnJpE5J_XRi-o0CC-ZP6GuJT_6m5KQiGRfRBYa4gCwRTR1EYDRgvIi-b2LjyB2RtSd6gsTpgsqyQE0t3KlXrPgpzeijVS4j1xgmprmbKGyYjJuFmI8ilSVD9UYTm3s9hE8cR1umgKZDRExZ_G8ySsbVkmvCKocAHGPD7Du5dolVQsGX8JWNw8ZrL3lAHeDAiYVfvoK4z9qGSjzNUY2JfpkpH9b58Dj2QVQ5YkVnOIwykpwlokbi2HkdPTrd8IsKMbuiNN3pBi0A

Requested by

Host: 3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
URL: https://3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 5 KB
2 KB 56ms
55ms Stylesheet
text/css 2a00:1450:401b:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401b:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab2aaa5ac5a63a5570f2cc7787732912e4fd0ed7d1119e759a30808eb0997fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 12:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 10:52:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Jul 2023 12:34:11 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 8 KB
1 KB 58ms
57ms Stylesheet
text/css 2a00:1450:401b:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401b:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4828c6ad4efd634304cec498cff429b284b6e5c8b0e46b2b3a97c5dc5357cf3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 12:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1295
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 10:52:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Jul 2023 12:34:11 GMT

GET
H3 200 jquery-3.6.0.min.js Show response
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 87 KB
30 KB 80ms
79ms Script
application/x-javascript 2a00:1450:401b:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/jquery-3.6.0.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401b:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 12:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31027
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 10:52:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Jul 2023 12:34:11 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C5AD 118 KB
40 KB 57ms
56ms Script
text/javascript 2a00:1450:401b:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401b:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 17:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Jul 2022 17:02:34 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C5AD 57 KB
23 KB 133ms
132ms Script
text/javascript 2a00:1450:401b:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401b:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/index.html?e=69&leftOffset=0&topOffset=0&c=CgVkOBX0iI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Jul 2022 02:34:54 GMT

GET clouds.png
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 0
0

GET clouds2.png
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 0
0

GET splittext.min.js
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 0
0

GET adlibUtils-v3.js
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 0
0

GET animation.js
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 0
0

GET weather.js
s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/ Frame C5AD 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207071723000/ 220 KB
61 KB 143ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa4ea8e54139dd16f73e5a3aca1e036ae5699fd2a2da1fe7bb6c5b59caca7674

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 315084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61513
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a40ea3ab2445e497"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ 14 KB
5 KB 211ms
109ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

574d9c501654d592fb31796d8269e48880618cc7d4b55d424286b50fe6b7aacc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 315084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5205
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ecf6d7700179f984"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ 94 KB
28 KB 218ms
116ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa497572a264f0a35be76178b2ef71de981199be53af1c4608d592947f5c2e97

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 315084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28819
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ca8eecb6dce4cd9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ 5 KB
2 KB 232ms
131ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d3eafaf26912ddf3fcbda012c6ab84ee03420313f73324e14edf73382766cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 315084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1910
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4aeabff663ac872e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ 40 KB
13 KB 233ms
132ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bd651a75b41ffd685e205862db2da8e5e758f8a34141738ec0450b60b8d861a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 315084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 11:03:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "10eeb975567515a5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 11:03:30 GMT

GET
H3 200 css
fonts.googleapis.com/ 4 KB
621 B 135ms
51ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 01:35:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 02:34:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 02:34:54 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ 3 KB
3 KB 42ms
41ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:22:05 GMT
x-content-type-options: nosniff
server: cafe
age: 65569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Sun, 24 Jul 2022 08:22:05 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ 344 B
368 B 40ms
40ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 17:34:18 GMT
x-content-type-options: nosniff
server: cafe
age: 32436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 24 Jul 2022 17:34:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 49ms
48ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiTD-GYOy_xbA1U3ff4NzaVRDz6OCrrWnfBjZIME4vHU4KShkuD3vjfv7F-T--xMYMfbsKqeTOPyr5nSUOcTHYp-qPvw
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 85ms
85ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZTTyzq_cYu2_FcjlgAfVlaeQBfGSpMVq7b7Wt_QPsJAfEAEgjLXie2C7hoCA0AqgAbnCvJ4DyAEJ4AIAqAMByAMKqgT8AU_QvPlrkzSIRQ0duI7Lph6xFzNBR4ZZ3Sc6Je2pvq-D4Y7xlwtZl9-_iLFLHTmc80pKO3SUCIoCQYTkqfeRH9_QYHRgdQpdpQz50O0n6UtpD5vD8UQUooQFjh7yg8-WY6SjUd3feWFqTtVUm-2xKE3ryiPW358yVVt-kKRi_6qjpFWm-Ji8fwBX5ppld1_uTVUgQdbtCUItdhL8Vh3i29omYWYaxr-ZjYFdG3ZOMnKNqe9zcqNgc9p-2xAjfe48OBdyr7oMKr6Z-lAbm2pn_jW40IQTM8wxQo6NeobmidE8uvhNZFrNCLTQSZq21ZZHMSw18RQkxnEJTA3adcAEmaPE__0D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6-9w2GoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCHuRPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbgT5APYEwqIFAHQFQGAFwGyFx4KHAgAEhRwdWItODQxNzEyNjE5NzUzNzc2MhiLgnQ&sigh=Eu6ASaQ3Tug&uach_m=[UACH]&template_id=484
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/15094107461311083876/ 24 KB
24 KB 78ms
78ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15094107461311083876/6592766407814317453

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cce3503fa6b18b44db146754c0ab6212cd6a7ea7fdadc060d5de670b16bc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:34:54 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24537
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 19:38:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Jul 2023 02:34:54 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13239003163086097109/ 2 KB
2 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13239003163086097109/downsize_200k_v1?w=100&h=100

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7e860e0ba31e067b2bd5b503434a84fb7d501e6f9c0aec09ab12a51efd3d923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 07:11:57 GMT
x-content-type-options: nosniff
age: 501777
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2089
x-xss-protection: 0
last-modified: Mon, 29 Apr 2019 17:22:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Jul 2023 07:11:57 GMT

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8ef415d265ca5fe180b055d3bb10be4f38b28092f5673d6b62a888e4ddfbd0f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://znaj.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 323405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 08:44:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 139ms
52ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://znaj.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 239583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 08:01:51 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 83ms
82ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAHaAcM_dTtFfyKii8lbP0SQgHLFHOVYzxhe5RT963-ea8YrLB8HUsEzWNqATQaCXMTPsnpzzbpO1Ox0AI2YXl8szVU2j7PioYZ6w9iP-IBJQ6NYPzenruUjKOkFF42XWVcWuaWf0sC-4a8JY1Oc0yMvjH3pz51l7BwUrobzM&sai=AMfl-YSaIn1_68rkakKFGOGfJtaImVYPb3_Vjw8j_G7vDsqJbw-ssr1EWBI5_5wObBRHxQoW37KhWX_0o8I5Tgv4APk7KHDBa9TUtxCokbBLYD_u89WJP1oXH5RYbSQ&sig=Cg0ArKJSzAZs2C8MkMc2EAE&cid=CAASF-RoqtBZRHE9AIe3-wM99M6iwzQKbbnF&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=2804&tls=3804&g=100&h=100&tt=3804&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2184955199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:34:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ghb.adtelligent.com
URL: https://ghb.adtelligent.com/v2/auction/

Domain: ghb1.adtelligent.com
URL: https://ghb1.adtelligent.com/v2/auction/

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/clouds.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/clouds2.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/splittext.min.js

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/adlibUtils-v3.js

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/animation.js

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4365170200954273792/300x250-Spring2022/weather.js

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.znaj.ua/	1970-01-20 22:15:02	Name: _ga Value: GA1.2.1377415786.1658630092
.znaj.ua/	1970-01-20 04:45:16	Name: _gid Value: GA1.2.13144544.1658630092
.znaj.ua/	1970-01-20 04:43:50	Name: _gat Value: 1
.znaj.ua/	1970-01-20 04:43:50	Name: _gs_lp Value: 2a0c975e
.znaj.ua/	1970-01-20 04:43:50	Name: _gs_d Value: 1
.znaj.ua/	1970-01-20 04:43:50	Name: _gs_sd Value: 1
.znaj.ua/	1970-01-20 04:43:50	Name: _gs_s Value:
.znaj.ua/	1970-01-20 13:22:14	Name: _gs_ul Value: 62dcafcd
.znaj.ua/	1970-01-20 04:43:50	Name: _gs_ss Value:
.s.getstat.net/	1970-01-20 04:43:50	Name: _gs_si Value: 4283afda3b17bdd3
.s.getstat.net/	1970-01-20 13:29:26	Name: _gs_ui Value: 8aea953b-b0c4-4609-b0a4-1b34f4cf8155
znaj.ua/	1970-01-20 04:43:51	Name: session_id Value: 1578a4cd-1d1a-4909-a6c6-d5fdbcb6a58d
znaj.ua/	1970-01-20 04:43:51	Name: session_pageview Value: 1658630093.1
znaj.ua/	1970-01-20 05:27:02	Name: site_visited Value: 1658716493.1
znaj.ua/	1970-01-21 08:30:30	Name: lapuid Value: b24feff7-4924-4152-b82d-1d7724c429f6
a4p.adpartner.pro/	1970-01-21 08:30:30	Name: apudmg Value: 1
a4p.adpartner.pro/	1970-01-20 06:10:14	Name: apuid Value: 7cc7936b-19f6-4121-b80f-fe35351a2664
.adnxs.com/	1970-01-20 06:53:26	Name: uuid2 Value: 4617351331902425731
.rubiconproject.com/	1970-01-20 13:29:26	Name: khaos Value: L5YPJ6QH-1T-BY8D
.rubiconproject.com/	1970-01-20 13:29:26	Name: audit Value: 1\|hLZGFuTafB0Snx+K+aCIyVqbBgMWySGKoH1GQZR6kujhvg77JRs8Aherd52kps+0BJvlmHBlywrMboWaW1ii7d5dJOqv/cml
.adnxs.com/	1970-01-20 06:53:26	Name: icu Value: ChgInql9EAoYAiACKAIwzd_ylgY4AkACSAIQzd_ylgYYAQ..
.doubleclick.net/	1970-01-20 14:05:26	Name: IDE Value: AHWqTUmFPrXpxqmIL_GtqeUuM84EfEKCAsoRKYQ_nuTcTAzZT4xYcqPrheN0y2Q7MjM
.adnxs.com/	1970-01-20 06:53:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Qx6sE@!]tbPl1M>e)ZlrFUfJ+tGXxoXFrA9$EovWfFrU^'U#Vm6PS8b!YZTV`X?Npg3If)y3KL9D3I?+NldWIC
.casalemedia.com/	1970-01-20 06:53:26	Name: CMPS Value: 4459
.casalemedia.com/	1970-01-20 13:29:26	Name: CMID Value: YtyvzfHCmMuXnK76H7o3uwAA
.casalemedia.com/	1970-01-20 06:53:26	Name: CMPRO Value: 4391
.casalemedia.com/	1970-01-20 06:53:26	Name: CMTS Value: 4548
.znaj.ua/	1970-01-20 14:05:26	Name: __gads Value: ID=36a9831153c6f3c3:T=1658630093:S=ALNI_MZwE2z6W6YEZz9bQOqYhPHIwZaVIw

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012207071723000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://cdn-b.notsy.io/ Message: Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://cdn-b.notsy.io/ Message: Refused to frame 'https://eb2.3lift.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://cdn-b.notsy.io/ Message: Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://cdn-b.notsy.io/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://cdn-b.notsy.io/ Message: Refused to frame 'https://eb2.3lift.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3135033f958cd9fc34ee0ccab3f51f17.safeframe.googlesyndication.com
a4p.adpartner.pro
adservice.google.co.uk
adservice.google.com
adx.adform.net
aixcdn.com
bidder.criteo.com
c.aixcdn.com
c.amazon-adsystem.com
cdn-b.notsy.io
cdn.ampproject.org
cdn.getpush.net
cdn.jsdelivr.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s.getstat.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tlx.3lift.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
ym-tack.b-cdn.net
znaj.ua
ghb.adtelligent.com
ghb1.adtelligent.com
s0.2mdn.net
104.18.19.126
138.199.37.230
142.250.185.66
143.204.93.3
172.217.16.194
178.250.2.131
18.195.191.124
2602:803:c004:200::140
2606:4700:20::681a:12a
2606:4700:3030::6815:2157
2606:4700:3031::ac43:b689
2606:4700::6810:5614
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9a
2a00:1450:401b:806::2006
2a02:2638::3
2a06:98c1:3121::3
37.157.2.236
37.252.172.250
54.38.197.123
84.17.46.54
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a2e2cb7ae2e11569666e279178f8e3905dda858808c90cd3eb4b16fc6e852d8
0a653ffd2c19e83076a5c640e1b7bed9aeac7c84d8252ecda126db9f3229847f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10f04b823fd651817d0ace140e509ce8a5842150c62d4c46d30752ef815fbe89
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1c281fa4f1bb70a9358ffb91cb098a861ea7776c76dbc2b557ee84f5d8cbd063
1d473f5fa2ef918c368f7f661a07561dcff825df20a37c9b9c63e50c2819305e
25d5577c3c071c3b72856378e4f603cd369ad308f244a8be167975ad157f5406
272bd67020a535e1e2c05b326b38cfebacbf57fb006623a7007af4ee0af55980
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2cf2bebf4d8dc76e0b7c0bdd6d810f59b022c38df8045e55256604489b48d1e7
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71
3bd651a75b41ffd685e205862db2da8e5e758f8a34141738ec0450b60b8d861a
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937
3e6eb089aade1932a634c0b0e2aff1b3993ea1775de672aa8914f47e1a5ffba1
3f292e02c435915c87ca4f6a33db85fed4654194fc029b0bc766ad2c5cf40e09
4828c6ad4efd634304cec498cff429b284b6e5c8b0e46b2b3a97c5dc5357cf3d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca425f05467897494883fa80e34874b7aa9dd4eb4c88f47fda1a4de108dfb28
4fb131c323dedec316e7389799897b88c14abc1f8b062532fce3efd4fe5ae775
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5138c1c39bb5a98ef91127693e57bc21ebeaa4522e372bafc2bb5c4012bfb144
535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
574d9c501654d592fb31796d8269e48880618cc7d4b55d424286b50fe6b7aacc
57725bb6019bbb3e735b2af15574b85cae1fb6b7ad5e66203cce5b50ccd0df2c
5853f3128578e87eded297ddb80a8531841f9e317decff2b6c3716902f440d8c
5cce3503fa6b18b44db146754c0ab6212cd6a7ea7fdadc060d5de670b16bc261
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
63950b1d6ddca519998fe9e7a753713be9dd0048fbfe6c8bb3e15049f48e3197
673033a3d7a066df2524428005858351717bb096ffcc3236fea0c79c5ec73f74
73b7a0b5f72cd348760f1732bca95115c24a429575e00f5deaef864cc7fb5bf2
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75db6eb2a94fc79b3233218d0f4d0edb09629ce57e41efd7bd23103b64485042
7815d78af3d8a10a14050313cbbcabfe382427dc40673eef4beb7cd869d3303c
7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a334919b750ee03e0f707fb7ceca9cb21ccedd24de6d96576c3bfd7e558f7991
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b0d192ee3b3cde3ce23571af9b2a7731f406f50f651a8963e6de0bc6ec97df
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e860e0ba31e067b2bd5b503434a84fb7d501e6f9c0aec09ab12a51efd3d923
a9c05bae5d9703a8d1491c705793492fb890fc87c19874a4d5e93c001734208a
aa497572a264f0a35be76178b2ef71de981199be53af1c4608d592947f5c2e97
ab2aaa5ac5a63a5570f2cc7787732912e4fd0ed7d1119e759a30808eb0997fde
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b07146dab8bd2fd1dd8afac76a63a30ee1b7c90f8a968678efdf62dad114aa51
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2be93b047e245a0d15f81797b7b461a63199f1bb61d6b796d4cdb28f3ab6c4f
b3a3d13739ca28267ff2cfa3e7f5be4f7bb99c9ee31fdbfb23d20023b72db37e
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979
bf3b59ede3446e27932b4d706e6e085273bfb224e5d7b25bff79764a4958dfb4
bf5e7a5c3b937b1ed43aa150cf14f489f2a091b658340a6d86fe8d660f62b1ca
c1317301e54961412ac302126d80f8121564af234624573251ddde5c84c1bb8a
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a
cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb
d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
d294bffe32a33a515a30028cc45bf37380be444eed1e1262da14840d60415d85
d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf
d46ceb2bde60881fb19d81ed006513a18f1fa2428fe60af86e50e308a13f298f
db7b7dc029aadf4c26e5ad370b70c77c812936e206519fb854123588c074da9e
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8ef415d265ca5fe180b055d3bb10be4f38b28092f5673d6b62a888e4ddfbd0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d3eafaf26912ddf3fcbda012c6ab84ee03420313f73324e14edf73382766cf
f4d712fb4a81d9f7f4b22b512f96d90b1366d9b6fb9f45b86d9d09e6a0fc106d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa4ea8e54139dd16f73e5a3aca1e036ae5699fd2a2da1fe7bb6c5b59caca7674
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

znaj.ua Open in urlscan Pro 2606:4700:20::681a:12a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

90 %HTTPS

65 %IPv6

27 Domains

36 Subdomains

32 IPs

8 Countries

1360 kBTransfer

3840 kBSize

28 Cookies

5 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

znaj.ua Open in urlscan Pro
2606:4700:20::681a:12a Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

90 %
HTTPS

65 %
IPv6

27
Domains

36
Subdomains

32
IPs

8
Countries

1360 kB
Transfer

3840 kB
Size

28
Cookies

123 HTTP transactions
3 data transactions