znaj.ua Open in urlscan Pro
2606:4700:20::681a:12a Public Scan

URL: https://invite.viber.com/?g2=AQBHp854yy0BjknLCovlazGCqvAmipQtzJqWDxlaZXNq4%2FMp3TOY868DzX9xyWLg

URL: https://flipboard.com/@ZnajUA?from=share

URL: https://www.pinterest.com/znajznaj/

URL: https://war.znaj.ua/
Title: Війна

URL: https://grosi.znaj.ua/
Title: Гроші

URL: https://life.znaj.ua/
Title: Життя

URL: https://kyiv.znaj.ua/
Title: Київ

URL: https://kharkiv.znaj.ua/
Title: Харків

URL: https://www.youtube.com/channel/UCwgXH0dz8d8SiYeMLg9WtIw?sub_confirmation=1
Title: Анекдоти

URL: https://war.znaj.ua/429661-ukrajinka-vidpustila-cholovika-gasiti-pozhezhu-i-vtratila-nazavzhdi-cherez-putina-kolega-karpachova-dala-cinnu-poradu-2-3-godini
Title: Українка відпустила чоловіка гасити пожежу і втратила назавжди через путіна, колега Карпачова дала цінну пораду: "2-3 години"

URL: https://sport.znaj.ua/429710-yegor-krutogolov-z-dizel-studio-nagadav-yak-smachno-pahnut-litom-shashliki-prigodi-na-vidpochinku
Title: Єгор Крутоголов з "Дізель Студіо" нагадав, як смачно пахнуть літом шашлики: "Пригоди на відпочинку"

URL: https://sport.znaj.ua/429676-sergiy-zhadan-pokazav-ukrajinskih-gerojiv-yaki-zhenut-nechist-nazad-do-rosiji-ce-nasha-zemlya
Title: Сергій Жадан показав українських героїв, які женуть нечисть назад до росії: "Це наша земля"

URL: https://sport.znaj.ua/429678-hristina-gornyak-poskarzhilasya-na-postiyniy-stres-i-bezsillya-emociyna-yama
Title: Христина Горняк поскаржилася на постійний стрес і безсилля: "Емоційна яма"

URL: https://sport.znaj.ua/429758-donka-polyakovoji-masha-vidala-simeynu-tayemnicyu-olya-jiji-vihovuvala-zhorstko-b-ye-vichno-po-klavishah-nosom
Title: Донька Полякової Маша видала сімейну таємницю - Оля її виховувала жорстко: "Б'є вічно по клавішах носом"

URL: https://grosi.znaj.ua/429790-golovne-za-19-chervnya-surzhik-boris-dzhonsona-rozruha-alini-grosu-rodinni-zv-yazki-klichka-z-marchenkom-i-znizhennya-cin-na-azs
Title: Головне за 19 червня: суржик Борис Джонсона, розруха Аліни Гросу, родинні зв'язки Кличка з Марченко і зниження цін на АЗС

URL: https://sport.znaj.ua/429660-poki-viyna-ruynuye-ukrajinu-odesitka-regina-todorenko-zaynyata-pisyami-shche-y-kartinki-pokazala
Title: Поки війна руйнує Україну одеситка Регіна Тодоренко зайнята пісями: ще й картинки показала

URL: https://sport.znaj.ua/429680-olena-kristina-lebid-v-centrifuzi-anna-zhizha-v-krimu-a-aleks-yakutov-na-nezakonniy-ribolovli-zirki-rozkrili-priyemni-sekreti
Title: Олена-Крістіна Лебідь в "центрифузі", Анна Жижа в Криму, а Алекс Якутов на незаконній риболовлі - зірки розкрили приємні секрети

URL: https://grosi.znaj.ua/429721-yak-spriynyali-makron-i-sholc-volodimira-zelenskogo-u-futbolci-na-zustrichi-z-yevropeyskimi-liderami
Title: Як сприйняли Макрон і Шольц Володимира Зеленського у футболці на зустрічі з європейськими лідерами

URL: https://sport.znaj.ua/429724-irina-bilik-podililasya-bolem-zhinki-yaka-divom-vizhila-ta-vryatuvalasya-z-mariupolya-z-malenkimi-donechkami
Title: Ірина Білик поділилася болем жінки, яка дивом вижила та врятувалася з Маріуполя з маленькими донечками

URL: https://sport.znaj.ua/429681-nataliya-mogilevska-zadumalasya-pro-seryozni-zmini-v-zhitti-vid-usogo-perezhitogo
Title: Наталія Могилевська задумалася про серйозні зміни в житті: "Від усього пережитого"

URL: https://sport.znaj.ua/429673-katya-nikitina-z-zhinochogo-kvartalu-vdyagnula-viyskovu-formu-azh-murahi-po-shkiri
Title: 05:35 сьогодні, 05:35 Катя Нікітіна з "Жіночого кварталу" вдягнула військову форму: "Аж мурахи по шкірі"

URL: https://sport.znaj.ua/429688-olena-kristina-lebed-rozpovila-svoji-mriji-pislya-novini-pro-tayru-chekayu-na-ofigenniy-ranok
Title: 23:05 вчора, 23:05 Олена-Крістіна Лебедь розповіла свої мрії, після новини про Тайру: "Чекаю на офігенний ранок"

URL: https://sport.znaj.ua/429674-oleksandr-pedan-ogoliv-tors-i-rozpoviv-pro-velikiy-vnesok-u-maybutnye-ya-mriyu
Title: 22:35 вчора, 22:35 Олександр Педан оголив торс і розповів про великий внесок у майбутнє: "Я мрію..."

URL: https://sport.znaj.ua/429734-zirka-shou-maska-dasha-tregubova-pokazala-kolir-nastroyu-i-pirnula-u-nizhniy-buket-pivoniy-charivna-princesa
Title: 21:55 вчора, 21:55 Зірка шоу "Маска" Даша Трегубова показала колір настрою і пірнула у ніжний букет півоній: "Чарівна принцеса"

URL: https://sport.znaj.ua/429733-daniel-salem-pokazav-yak-nabirayetsya-sil-pered-boyovim-zavdannyam-peretvoryuyetsya-na-halka
Title: 21:45 вчора, 21:45 Даніель Салем показав, як набирається сил перед бойовим завданням: "Перетворюється на халка"

URL: https://sport.znaj.ua/429752-katya-nikitina-z-zhinochogo-kvartalu-porinula-v-ditinstvo-pryamo-na-kasi-v-supermarketi-pam-yatayete
Title: 21:35 вчора, 21:35 Катя Нікітіна з "Жіночого кварталу" поринула в дитинство прямо на касі в супермаркеті: "Пам'ятаєте?"

URL: https://war.znaj.ua/429751-rizhut-veni-abi-ne-voyuvati-rosiyski-okupanti-kalichat-sebe-shchob-ne-jihati-v-ukrajinu
Title: 21:25 вчора, 21:25 Ріжуть вени аби не воювати: російські окупанти калічать себе, щоб не їхати в Україну

URL: https://sport.znaj.ua/429749-alyona-alyona-ta-jerry-heil-vtilili-ves-bil-ukrajinciv-chomu
Title: 21:15 вчора, 21:15 Alyona Alyona та Jerry Heil втілили весь біль українців: "Чому?"

URL: https://war.znaj.ua/429750-biyci-zsu-pohvalilisya-miccyu-novogo-ozbroyennya-takih-feyerverkiv-rosiyski-okupanti-shche-ne-bachili
Title: 21:05 вчора, 21:05 Бійці ЗСУ похвалилися міццю нового озброєння: таких "феєрверків" російські окупанти ще не бачили

URL: https://sport.znaj.ua/429759-maksim-galkin-pokazav-podoroslishavshih-bliznyat-i-pomolodilu-allu-pugachovu-sim-ya-ce-sila
Title: 20:55 вчора, 20:55 Максим Галкін показав подорослішавших близнят і помолоділу Аллу Пугачову: "Сім'я - це сила!"

URL: https://sport.znaj.ua/429739-vova-dantes-pokazav-yak-rozslablyayetsya-v-suto-cholovichiy-kompaniji-garyache-cherez-cih-hlopciv
Title: 20:35 вчора, 20:35 Вова Дантес показав, як розслабляється в суто чоловічій компанії: "Гаряче через цих хлопців"

URL: https://sport.znaj.ua/429740-kazka-pokazala-irlandcyam-kolori-svobodi-poven-zal-zhovto-sinogo-ce-ne-prosto-pidtrimka
Title: 20:25 вчора, 20:25 KAZKA показала ірландцям кольори свободи, повен зал жовто-синього: "Це не просто підтримка"

URL: https://sport.znaj.ua/429718-alla-pugachova-syaye-shanuvalniki-podililisya-radisnoyu-podiyeyu-u-zirkoviy-rodini
Title: 20:15 вчора, 20:15 Алла Пугачова сяє: шанувальники поділилися радісною подією у зірковій родині

URL: https://sport.znaj.ua/429689-maks-chmerkovskiy-pokazav-chim-vidriznyayetsya-druzhina-peta-vid-peremozhnici-holostyaka-shulginoji-dosi-ne-mozhe-zrozumiti
Title: 20:05 вчора, 20:05 Макс Чмерковський показав, чим відрізняється дружина Пета від переможниці "Холостяка" Шульгіної: "Досі не може зрозуміти"

URL: https://sport.znaj.ua/429675-tonya-matviyenko-rozpovila-pro-osobliviy-vistup-ukrajinska-pisnya-tvorit-diva
Title: 19:55 вчора, 19:55 Тоня Матвієнко розповіла про особливий виступ: "Українська пісня творить дива"

URL: https://sport.znaj.ua/429738-muzichna-oborona-golosu-krajini-rozradila-shikarnim-vikonannyam-vidomih-trekiv-chasiv-viyni-koshtovniy-skarb
Title: 19:25 вчора, 19:25 Музична оборона "Голосу країни" розрадила шикарним виконанням відомих треків часів війни: "Коштовний скарб"

URL: https://sport.znaj.ua/429789-sim-yu-tarasa-cimbalyuka-z-kriposnoji-vrazila-drama-pov-yazana-z-viynoyu-viprobuvannya-dlya-vsih
Title: 19:15 вчора, 19:15 Сім'ю Тараса Цимбалюка з "Кріпосної" вразила драма, пов'язана з війною: "Випробування для всіх"

URL: https://sport.znaj.ua/429686-anastasiya-volochkova-pokazala-yadrenu-zelenu-raskoryaku-virishila-zdivuvati-novogo-cholovika-bahnula-pislya-zyomki
Title: 18:50 вчора, 18:50 Анастасія Волочкова показала ядрену зелену розкоряку, вирішила здивувати нового чоловіка: "Бахнула після зйомки"

URL: https://grosi.znaj.ua/429723-profesiyni-psihologi-pro-povernennya-zvichnogo-zhittya-vazhlivi-nastanovi-dlya-vidnovlennya-emociynogo-balansu
Title: 18:05 вчора, 18:05 Професійні психологи про повернення звичного життя: важливі настанови для відновлення емоційного балансу

URL: https://sport.znaj.ua/429672-zirka-mastershef-ektor-himenes-bravo-rozpoviv-yak-ukrajina-stala-yomu-ridnoyu-domivkoyu-nemov-prijihav-do-rodichiv
Title: 17:35 вчора, 17:35 Зірка "МастерШеф" Ектор Хіменес-Браво розповів, як Україна стала йому рідною домівкою: "Немов приїхав до родичів"

URL: https://grosi.znaj.ua/429784-borisu-dzhonsonu-58-yak-prem-yer-stvoriv-anglo-ukrajinskiy-surzhik-i-shcho-za-pisnya-zvuchatime-na-pohoronah-druga-zelenskogo
Title: 17:20 вчора, 17:20 Борису Джонсону 58: як прем'єр створив англо-український суржик і що за пісня звучатиме на похоронах друга Зеленського

URL: https://sport.znaj.ua/429670-veducha-programi-vse-bude-dobre-nadiya-matvyeyeva-rozchulila-nizhnim-simeynim-foto-z-ditinstva
Title: 17:05 вчора, 17:05 Ведуча програми "Все буде добре" Надія Матвєєва розчулила ніжним сімейним фото з дитинства

URL: https://war.znaj.ua/429657-pes-patron-rozchuliv-ukrajinciv-nespodivanoyu-poradoyu-yaku-slid-vzyati-na-ozbroyennya
Title: 16:50 вчора, 16:50 Пес Патрон розчулив українців несподіваною порадою, яку слід "взяти на озброєння"

URL: https://grosi.znaj.ua/429781-volodimir-klichko-ta-oksana-marchenko-stali-kumami-u-malyatka-z-yavivsya-angel-ohoronec-a-hto-batki
Title: 16:35 вчора, 16:35 Володимир Кличко та Оксана Марченко стали кумами: у малятка з'явився ангел-охоронець, а хто батьки

URL: https://grosi.znaj.ua/429656-horosha-novina-dlya-avtovlasnikiv-na-ukrajinskih-azs-stav-deshevshati-gaz
Title: 16:20 вчора, 16:20 Хороша новина для автовласників: на українських АЗС став дешевшати газ

URL: https://sport.znaj.ua/429663-ukrajinka-z-p-yatma-sobakami-zhive-v-avstriji-u-vidni-u-buryatki-finalistka-shou-holostyak-ramina-eshakzay-prigolomshila-svoyeyu-istoriyeyu
Title: 16:05 вчора, 16:05 "Українка з п'ятьма собаками живе зараз в Австрії у Відні у бурятки": фіналістка шоу "Холостяк" Раміна Есхакзай приголомшила своєю історією

URL: https://sport.znaj.ua/429662-andriy-byednyakov-pokazav-ridnu-vulichku-v-mariupoli-i-ne-strimav-emociy-teper-tam-mogili
Title: 15:50 вчора, 15:50 Андрій Бєдняков показав рідну вуличку в Маріуполі і не стримав емоцій: "Тепер там могили"

URL: https://war.znaj.ua/429664-sbu-zneshkodila-nebezpechne-ugrupovannya-pidkontrolne-rosiyskim-specsluzhbam-maskuvalisya-pid-dobrovolciv
Title: 15:35 вчора, 15:35 СБУ знешкодила небезпечне угруповання, підконтрольне російським спецслужбам: маскувалися під добровольців

URL: https://sport.znaj.ua/429655-oleksandr-pedan-i-kostya-tremboveckiy-prinizili-seleznova-i-kobina-na-poli-zaradi-zsu-mi-yshli-pishki
Title: 15:20 вчора, 15:20 Олександр Педан і Костя Трембовецький принизили Селезньова і Кобіна на полі заради ЗСУ: "Ми йшли пішки"

URL: https://life.znaj.ua/429774-genadiy-druzenko-privitav-koleg-z-dnem-medika
Title: вчора, 13:15 Генадій Друзенко привітав колег з Днем медика вчора, 13:15

URL: https://life.znaj.ua/429753-yuriy-ribchinskiy-poyasniv-chomu-ne-mozhna-viddati-chaykovskogo-yak-i-teritoriyu
Title: Юрій Рибчинський пояснив, чому не можна віддати Чайковського: "Як і територію" 18 червня 2022, 20:52

URL: https://life.znaj.ua/429717-mikola-tomenko-chi-stane-ukrajinska-svyatinya-mezhigir-ya-parkom-yanukovicha
Title: Микола Томенко: "Чи стане українська святиня - «Межигір‘я» парком Януковича?" 18 червня 2022, 14:17

URL: https://life.znaj.ua/429684-derzhfinmonitoring-na-zasidanni-fatf-domigsya-suttyevogo-obmezhennya-chlenstva-rf
Title: Держфінмоніторинг на засіданні FATF домігся суттєвого обмеження членства рф 18 червня 2022, 09:10

URL: https://life.znaj.ua/429668-kapitan-nacgvardiji-petro-kuzik-rozpoviv-chogo-narazi-ne-vistachaye-ukrajinskim-viyskovim
Title: Капітан Нацгвардії Петро Кузик розповів, чого наразі не вистачає українським військовим 18 червня 2022, 05:45

URL: https://life.znaj.ua/429667-sociolog-yevgen-golovaha-rozpoviv-komu-sogodni-naybilshe-doviryayut-ukrajinci
Title: Соціолог Євген Головаха розповів, кому сьогодні найбільше довіряють українці 18 червня 2022, 05:15

URL: https://breaking.znaj.ua/
Title: Важливе

URL: https://breaking.znaj.ua/410757-astrolog-vlad-ross-zayaviv-shcho-nazarbayev-maye-vsi-shansi-piti-z-zhittya
Title: 7 грудня 2021, 16:17 Астролог Влад Росс заявив, що Назарбаєв має всі шанси піти з життя 7 грудня 2021, 16:17

URL: https://breaking.znaj.ua/410763-monastirskiy-vodiy-vantazhivki-porushiv-pravil-dorozhnogo-ruhu-shcho-prizvelo-do-smertelnoji-avariji-pid-chernigivom
Title: Монастирський: Водій вантажівки порушив правил дорожнього руху, що призвело до смертельної аварії під Чернігівом 7 грудня 2021, 15:59

URL: https://breaking.znaj.ua/410577-pristrit-ce-vpliv-na-lyudinu-i-na-jiji-dva-nizhni-centri-tarolog-anastasiya-kazachok
Title: Пристріт – це вплив на людину і на її два нижні центри, - таролог Анастасія Казачок 6 грудня 2021, 14:17

URL: https://breaking.znaj.ua/410311-viluchili-ponad-10-kg-duri-na-poltavshchini-vikrili-bandu-narkodileriv
Title: Вилучили понад 10 кг "дурі": на Полтавщині викрили банду наркодилерів 3 грудня 2021, 16:41

URL: https://breaking.znaj.ua/410260-4-grudnya-bude-sonyachne-zatemnennya-u-znaku-zodiaku-strilec-numerolog-nonna-musalyan
Title: 4 грудня буде сонячне затемнення у знаку зодіаку Стрілець, - нумеролог Нонна Мусалян 3 грудня 2021, 14:07

URL: https://breaking.znaj.ua/410151-mvs-posilyuye-bezpeku-na-vodnih-shlyahah-yevropi
Title: МВС посилює безпеку на водних шляхах Європи 2 грудня 2021, 15:52

URL: https://kyiv.znaj.ua/427542-svyata-dzhavelina-zalishilasya-bez-nimba-pislya-rukoprikladstva-mikoli-azarova-andriy-andreyev-pokazav-naslidki
Title: 26 травня 2022, 15:27 Свята Джавеліна залишилася без німба після "рукоприкладства" Миколи Азарова: Андрій Андреєв показав наслідки 26 травня 2022, 15:27

URL: https://kyiv.znaj.ua/427462-u-kiyevi-cherez-obrazheni-pochuttya-cerkovnikiv-mozhut-zafarbuvati-noviy-mural-svyata-dzhavelina-podrobici-incidentu
Title: У Києві через "ображені почуття" церковників можуть зафарбувати новий мурал "Свята Джавеліна" - подробиці інциденту 25 травня 2022, 21:04

URL: https://kyiv.znaj.ua/427316-aleya-muraliv-popovnilasya-zobrazhennyam-svyatoji-dzhavelini-andriy-andreyev-povidomiv-pro-zavershennya-robit
Title: "Алея муралів" поповнилася зображенням Святої Джавеліни: Андрій Андреєв повідомив про завершення робіт 24 травня 2022, 18:10

URL: https://kyiv.znaj.ua/426920-budinki-ukrajinciv-prikrasyat-osoblivimi-malyunkami-andriy-andryeyev-stvorit-aleyu-muraliv
Title: Будинки українців прикрасять особливими малюнками: Андрій Андрєєв анонсував "Алею муралів" 20 травня 2022, 10:17

URL: https://kyiv.znaj.ua/426443-u-kiyevi-zminilisya-pravila-projizdu-v-gromadskomu-transporti-yak-pracyuvatime-elektronna-oplata-z-16-travnya
Title: У Києві змінилися правила проїзду в громадському транспорті: як працюватиме електронна оплата з 16 травня 16 травня 2022, 14:05

URL: https://kyiv.znaj.ua/425848-derusifikaciya-metro-u-kiyevi-za-yaki-nazvi-stanciy-progolosuvali-ukrajinci
Title: Дерусифікація метро у Києві: за які назви станцій проголосували українці 10 травня 2022, 19:50

URL: https://sport.znaj.ua/
Title: Показати більше

URL: https://sport.znaj.ua/417207-ninishni-ukrajinski-shkolyari-mayut-bilshe-mozhlivostey-stati-zirkami-sportu-v-maybutnomu-vladislav-vashchuk
Title: Нинішні українські школярі мають більше можливостей стати зірками спорту в майбутньому, - Владислав Ващук 1 лютого 2022, 11:17

URL: https://sport.znaj.ua/407083-absolyutna-ikona-ogolena-superzirka-britni-spirs-zasvitila-svoji-yamki
Title: "Абсолютна ікона": оголена суперзірка Брітні Спірс засвітила свої "ямки" 10 листопада 2021, 02:00

URL: https://sport.znaj.ua/406576-jiji-umbrella-vipala-legendarna-spivachka-rihanna-u-vidvertomu-vbranni-vivalila-svoji-prinadi
Title: Її "Umbrella" випала: легендарна співачка Rihanna у відвертому вбранні вивалила свої "принади" 5 листопада 2021, 15:40

URL: https://sport.znaj.ua/405045-cholovik-vipadkovo-zastrelenoji-alekom-boldujinom-operatora-ukrajinki-galini-gatchins-zvernuvsya-do-svitu-mi-namagayemosya
Title: Чоловік випадково застреленої Алеком Болдуїном оператора-українки Галини Гатчінс звернувся до світу: "Ми намагаємося..." 25 жовтня 2021, 05:45

URL: https://sport.znaj.ua/407087-vidtvorennya-smerti-merlin-monro-legendarna-madonna-v-zuhvalomu-vbranni-oskandalilasya-na-ves-svit
Title: "Відтворення смерті Мерлін Монро": легендарна Мадонна в зухвалому вбранні оскандалилася на весь світ 9 листопада 2021, 23:00

URL: https://news.google.com/publications/CAAqJAgKIh5DQklTRUFnTWFnd0tDbnB1WVdvdWRXRXZjblVvQUFQAQ?hl=ru&gl=RU&ceid=RU%3Aru

URL: https://apps.apple.com/ua/app/znaj-ua/id1473938906?l=uk

URL: https://play.google.com/store/apps/details?id=com.znaj.znaj&hl=uk

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://znaj.ua/ HTTP 307
https://znaj.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://gaua.hit.gemius.pl/_1655692671299/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Xq_KEOGccdAD0iMPa4NeTooJX52epR4ug9OMOqu60ZL.c7GCWEWz42hZClnhIyd2CH1zaAyPJaTYu9N.7VVMLgMkWzK1/HW.8soE1fZ736/&ltime=213&fpdata=OHHQxN_F6IPfjoxMkFicSaGbdQUrLodFzzEYPhW_IEj..7&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1655692671299/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Xq_KEOGccdAD0iMPa4NeTooJX52epR4ug9OMOqu60ZL.c7GCWEWz42hZClnhIyd2CH1zaAyPJaTYu9N.7VVMLgMkWzK1/HW.8soE1fZ736/&ltime=213&fpdata=OHHQxN_F6IPfjoxMkFicSaGbdQUrLodFzzEYPhW_IEj..7&fpcap=

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1&C=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq-dgevhSuQWzqasaA8d6AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOy9cPOXLFxRFf7fMgUtnjI&google_cver=1

Request Chain 87

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM1NDgxOTczNzU5ODY0NTk1OQ%3D%3D

Request Chain 91

https://fw.adsafeprotected.com/rfw/bgd/1004046/63413776/xbbe/creative/adj?p=APEucNXTmEbiYNPJp28_5AdC_wWOVSNTKK0r5s1mwXZFZzBcDhoFoz4&d=CnkAoCZ_4NdeKdRBrkvTJoHgadaTAUWYjS0obtwI5smOtEASufJaI_Pggvigs83RLkmboYC9rQvc0F-_ewraVGcEO3OaFZBGDMgPa1KTLZXJU2HSN6oB6FTyf6zbneAAOcW305WR2tIL8Ji8-yQuCMqev5elSLNyivXIEtkTAKAmf-BFDTyTBtyfMybBYXQjceuWUJqYnxr82SJkzLyw6fXjoaRz3fk-q4J8LW429-bpf46cF9kD3AwwjFIpFusoNelDBxRHXY89M_nz96Sh1D6sEc9GtgD8AC6c9bL6WuIvcnYVsb--Qan4NMyI_UwbGec5yxWpWN8lhnYhD9UpAv5C9XaCEfhZHDGA-h3M6Z9yzEPoMiF7gLyP1I46TuQpIziRJYGDy8kiIswF276MEpJQTRS5OQy7hqKL5-Jgdnk5bJzcLQVUw9GGX1y37Sg8xbP4bgMz_zbOGxfWc_FYUaX0QKVTFKQ9Pp53ukKnmZ-46NrxQKOnoKHrJVWoBQAF7MWcVVNZZDvAz_jIwZpLvK6vNaMtox03Nuy13wwWHS09uxeVeGdIMi8Hz7SksKDQ1YpNUIk6U9uNJXOq2rU7TqGE26FGJPoPImfXYgyaYDkd1t688ztxzHbgo9hheryi1IvyEAgK720TxLZauj_gb41hE2ZUMfsKaQjiLhEhGf78huPHUvXzPt17fbJs4pUankaVczE9-c68sSuLrNfR4zRQ-x9RXFHy0n_P3moA_Y-59cIWL7daPz51HqaVsZU1ZLraH0cpSjo8cTJuZEo4rQMTDIUF67dkNXtRQZNSHyk5FKYOIVbtY2uQhl816XuYxgpnr5zofEBri3Jxnp8vqOPyc23laTxd7NkG9fAdcrBCUGe9VSVddR0A_30i6WAX0vvDXwidcZpsjqfLWxAVMN9I3xZDj63EF3sVopbHQU1fcCv7VnT2Z7QEISEV5N3qlLy8Ze67MkFJ4J_RELZFy4VB89tXg1s77GGbTpFTnbRoBn3n7VaTCnTPwmUhNkgP2YtAOO-UlzVe22r0iKFeeYN17mid6smfE8AQRvUbp5Av7NM8uhM0QLc12Qw6f8synbL7vrDqvpRyx0Tgpp474pPmE46Q3F8mDEP_r2IasMsfw-lSIf_P7TBl6ioMgJ4ItGMu-Z_f6zEVJSykuta8b5noQ87ZyoXErXqSPiGgyOyKW9i4pG2HcFqKCylSVEZjwflygTNO_BihYvJQ3YAmDTOlD_OzBDatjMNiiyleveDB7nsEyXR_FWPTpKsv6X5RkeYJgupqll4loxzlEHGYp9tJSgGZ_BsmO-XOtwwGuGzqfOcI4X88XcoXTxqfTRfT18zASTTH2-xQ6OnJFy8WMggAHfoQ86KKfSeMBZXRg_HWyiB_1XJMK8nDAXvDWbfJrUf6PC5NvxVFMzUgDrwNzPPMvlyPiRcODxj3PpFm4kV0dYdFbuEyFwgOKMXX7NbBmP9dzu7df0zm5J9f6kT7_HpYBbmiWmQ9L8yja9igNh2S3IyrAwxe_8ImpOdrWnMFF3aiBJPZFvVD8DG2729Decpq70j2b0K7oR83RdO6L9CP06J_uvH3Ssb-5PJFmZloY2uq_NcH_CB7gZHzFu5bbTQp6CBz7k4SDwrUUdN-JakEpTvEccOkTHuozs0CfoTa7HEQ0wDSWhBw-oMBapUeu0AL5jC0bXi_demfX3_5Ccih-fEMhA1CPqJGNnR4so1x4voEKjnUbZ-BHKO0sSs9b6xQwM6D6ZmC67OHXCwrA5Q3EmAOXqxtqLR_U-Nr3D3vvXmkd7s2JhrVUN43tkdpZtJwTwSMs50wR6SnY7aa5_yGpST26vw5ihfDNGRybi1u7X9oa-Ccj9raVVFSL5ZC5rQ4FgL7x21_qR894m_cIC6yyUNnouXjHUXJWlXa_NZJpjCT8IQDWio2xZv9du4BxBXS4TPdxVRo9dF7v4eArW2ftc52IWp0iRxD0HuDRY-_D33ZBNRF8-Lm9gL_JscekOqF0L2TTLAKACPc1e4KiIfEjFW5UWB6JOWz3yGYkEH4IDkZGiIG63wDTtaSYMWb4ZM11EB4pS58vQDOK7Id3QMO19E7RbMXuBuUfHyGTgxGX4fF0a6LwXicWWNODqjp6h7u84n70ORd6d4969IK5KfDU4lwsEGBnrXAHtIAPPJqjCA3KC9qGDTtpons0h9hBE5HVnyM3_OAcq-6d9XpqvAdgHYfrMyi0WV91FIPDhsNXzy-zegbhnfMymOkoEZnucIOhrF7IiB3osksBbbjz10kiNp6XZtSCuw5UHOa-AvLqj9xf3B3UdU9BuBL1y2QAxTAFDxo7M6VQGe46ju7QX7vX-D57RpbAFtY_ijiJBhzbh3cupExktMs-cSTaePXKMzwiG_lGq5xyKAZSHtoga9vjq9gpwY_7qnpHTPk3PPpaWY3KaKb908pSsZVbSBaeiVCd3_ntlDOYySsBv5BrkTk35YYGiQsza-j1c9OKjvVA16df4Vpj7PkxZaRPfHh4YOZCpLxt3OZi1QKR3eSzntiU76R2h8Ow64QvRoy0FvCinN5X-yUE7qi80e6gyqsOmsCQh9PwpdSI_gsE4in9qzQOWJndBc46ECV3DFW8VL0pHVlLFk8M8CNkDuUoGtyMwnogyqbEaNPo29byVStrJgPQ3jxgw9KLF6P-NORvNzoC2f1RTpkG62q1W-EkuZZpUVMIPmgQ48jZghnspoEA9Dr05yUvaK4eoF2petw3oc5khGgxFfLTyc5fqPwb_8eKdCa4pfti6RsfjDcEOxIGXbP8iluaHdwdSIqk19Coyu0NdEb14w9aFzu_Rqrgq1M1bSwCgeZkcDRVjsU_-Gvy_B5fuTh4p3OBy9ovh4RCVh2dcSed70vZjISS6PM2yZ82wzPVyTC9Eh97lkTdACTRLUC4J77tBZ9qet5QuOJy2izjb0fAiyqv5VxeAYfZbVp32jMlW8Hbp1gWNGdTEGOqJEh3bG0DB4yjJVotEMv1LkPzbNwRUl_9GUfBC7a6i0WdbfteSHzpSSBrmlb4OZOmh_c2C3L5aL8eRyV0hi5BlK-3IPLrA_Gaj3DWFTUwNAJZnS_XLqxq7uibBKgf6zg3gOWY7jcgkUvdMtpUR212h6mXkuuEmfr6h6GOrGzruQX3WCqejQbVmgmIlsp7VShvqI406AJoeOKhdoOLGME3x8PbVlWDpjsjFM9pV3VOFfuhwolqCm90DCOLPCcQECPV4Owhu2PTZKJkZxdyGqFcgecF2uTxSlEs-IVHGhIp7cHWfL0HdKEo4fRqdv3z0G3HFOvBUvPPwE4okMw7iYDw2HD8eiD5LuKUSz_jKRpOLomi4LEQixWvD-o3_dZ_SmyGrM_RbS7fcTgIgwzyeqN6qF5TcWpWyeTO6Bhn9yb3y7996fVXxtswip8GkMyNSAGOrjh7eWQgrYe6nEwiiSJyOdMuQkRvx1w-FU__0Exf9P6yEOxHtBD_pmqm38UGKSjp7Bjljk6IPDJDQuI9YB0eZP8nzeE0b3_yRooCAASJORos1HvND-gPZGiCp9Sl_bMmL-qvhHrMwirz_0UmuAVDzXEMWAB&adsafe_url=https%3A%2F%2Fznaj.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e79060f3-baf4-1ceb-767d-7bc19cfd5f28,c:g2F68j,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c56678d8-tlt9m,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t9ghIU7+11%7C12%7C13%7C14%7C15%7C16*.1004046-63413776%7C161%7C171%7C18%7C19,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:fbbf202a-f041-11ec-8076-6262c1408689,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXTmEbiYNPJp28_5AdC_wWOVSNTKK0r5s1mwXZFZzBcDhoFoz4&d=CnkAoCZ_4NdeKdRBrkvTJoHgadaTAUWYjS0obtwI5smOtEASufJaI_Pggvigs83RLkmboYC9rQvc0F-_ewraVGcEO3OaFZBGDMgPa1KTLZXJU2HSN6oB6FTyf6zbneAAOcW305WR2tIL8Ji8-yQuCMqev5elSLNyivXIEtkTAKAmf-BFDTyTBtyfMybBYXQjceuWUJqYnxr82SJkzLyw6fXjoaRz3fk-q4J8LW429-bpf46cF9kD3AwwjFIpFusoNelDBxRHXY89M_nz96Sh1D6sEc9GtgD8AC6c9bL6WuIvcnYVsb--Qan4NMyI_UwbGec5yxWpWN8lhnYhD9UpAv5C9XaCEfhZHDGA-h3M6Z9yzEPoMiF7gLyP1I46TuQpIziRJYGDy8kiIswF276MEpJQTRS5OQy7hqKL5-Jgdnk5bJzcLQVUw9GGX1y37Sg8xbP4bgMz_zbOGxfWc_FYUaX0QKVTFKQ9Pp53ukKnmZ-46NrxQKOnoKHrJVWoBQAF7MWcVVNZZDvAz_jIwZpLvK6vNaMtox03Nuy13wwWHS09uxeVeGdIMi8Hz7SksKDQ1YpNUIk6U9uNJXOq2rU7TqGE26FGJPoPImfXYgyaYDkd1t688ztxzHbgo9hheryi1IvyEAgK720TxLZauj_gb41hE2ZUMfsKaQjiLhEhGf78huPHUvXzPt17fbJs4pUankaVczE9-c68sSuLrNfR4zRQ-x9RXFHy0n_P3moA_Y-59cIWL7daPz51HqaVsZU1ZLraH0cpSjo8cTJuZEo4rQMTDIUF67dkNXtRQZNSHyk5FKYOIVbtY2uQhl816XuYxgpnr5zofEBri3Jxnp8vqOPyc23laTxd7NkG9fAdcrBCUGe9VSVddR0A_30i6WAX0vvDXwidcZpsjqfLWxAVMN9I3xZDj63EF3sVopbHQU1fcCv7VnT2Z7QEISEV5N3qlLy8Ze67MkFJ4J_RELZFy4VB89tXg1s77GGbTpFTnbRoBn3n7VaTCnTPwmUhNkgP2YtAOO-UlzVe22r0iKFeeYN17mid6smfE8AQRvUbp5Av7NM8uhM0QLc12Qw6f8synbL7vrDqvpRyx0Tgpp474pPmE46Q3F8mDEP_r2IasMsfw-lSIf_P7TBl6ioMgJ4ItGMu-Z_f6zEVJSykuta8b5noQ87ZyoXErXqSPiGgyOyKW9i4pG2HcFqKCylSVEZjwflygTNO_BihYvJQ3YAmDTOlD_OzBDatjMNiiyleveDB7nsEyXR_FWPTpKsv6X5RkeYJgupqll4loxzlEHGYp9tJSgGZ_BsmO-XOtwwGuGzqfOcI4X88XcoXTxqfTRfT18zASTTH2-xQ6OnJFy8WMggAHfoQ86KKfSeMBZXRg_HWyiB_1XJMK8nDAXvDWbfJrUf6PC5NvxVFMzUgDrwNzPPMvlyPiRcODxj3PpFm4kV0dYdFbuEyFwgOKMXX7NbBmP9dzu7df0zm5J9f6kT7_HpYBbmiWmQ9L8yja9igNh2S3IyrAwxe_8ImpOdrWnMFF3aiBJPZFvVD8DG2729Decpq70j2b0K7oR83RdO6L9CP06J_uvH3Ssb-5PJFmZloY2uq_NcH_CB7gZHzFu5bbTQp6CBz7k4SDwrUUdN-JakEpTvEccOkTHuozs0CfoTa7HEQ0wDSWhBw-oMBapUeu0AL5jC0bXi_demfX3_5Ccih-fEMhA1CPqJGNnR4so1x4voEKjnUbZ-BHKO0sSs9b6xQwM6D6ZmC67OHXCwrA5Q3EmAOXqxtqLR_U-Nr3D3vvXmkd7s2JhrVUN43tkdpZtJwTwSMs50wR6SnY7aa5_yGpST26vw5ihfDNGRybi1u7X9oa-Ccj9raVVFSL5ZC5rQ4FgL7x21_qR894m_cIC6yyUNnouXjHUXJWlXa_NZJpjCT8IQDWio2xZv9du4BxBXS4TPdxVRo9dF7v4eArW2ftc52IWp0iRxD0HuDRY-_D33ZBNRF8-Lm9gL_JscekOqF0L2TTLAKACPc1e4KiIfEjFW5UWB6JOWz3yGYkEH4IDkZGiIG63wDTtaSYMWb4ZM11EB4pS58vQDOK7Id3QMO19E7RbMXuBuUfHyGTgxGX4fF0a6LwXicWWNODqjp6h7u84n70ORd6d4969IK5KfDU4lwsEGBnrXAHtIAPPJqjCA3KC9qGDTtpons0h9hBE5HVnyM3_OAcq-6d9XpqvAdgHYfrMyi0WV91FIPDhsNXzy-zegbhnfMymOkoEZnucIOhrF7IiB3osksBbbjz10kiNp6XZtSCuw5UHOa-AvLqj9xf3B3UdU9BuBL1y2QAxTAFDxo7M6VQGe46ju7QX7vX-D57RpbAFtY_ijiJBhzbh3cupExktMs-cSTaePXKMzwiG_lGq5xyKAZSHtoga9vjq9gpwY_7qnpHTPk3PPpaWY3KaKb908pSsZVbSBaeiVCd3_ntlDOYySsBv5BrkTk35YYGiQsza-j1c9OKjvVA16df4Vpj7PkxZaRPfHh4YOZCpLxt3OZi1QKR3eSzntiU76R2h8Ow64QvRoy0FvCinN5X-yUE7qi80e6gyqsOmsCQh9PwpdSI_gsE4in9qzQOWJndBc46ECV3DFW8VL0pHVlLFk8M8CNkDuUoGtyMwnogyqbEaNPo29byVStrJgPQ3jxgw9KLF6P-NORvNzoC2f1RTpkG62q1W-EkuZZpUVMIPmgQ48jZghnspoEA9Dr05yUvaK4eoF2petw3oc5khGgxFfLTyc5fqPwb_8eKdCa4pfti6RsfjDcEOxIGXbP8iluaHdwdSIqk19Coyu0NdEb14w9aFzu_Rqrgq1M1bSwCgeZkcDRVjsU_-Gvy_B5fuTh4p3OBy9ovh4RCVh2dcSed70vZjISS6PM2yZ82wzPVyTC9Eh97lkTdACTRLUC4J77tBZ9qet5QuOJy2izjb0fAiyqv5VxeAYfZbVp32jMlW8Hbp1gWNGdTEGOqJEh3bG0DB4yjJVotEMv1LkPzbNwRUl_9GUfBC7a6i0WdbfteSHzpSSBrmlb4OZOmh_c2C3L5aL8eRyV0hi5BlK-3IPLrA_Gaj3DWFTUwNAJZnS_XLqxq7uibBKgf6zg3gOWY7jcgkUvdMtpUR212h6mXkuuEmfr6h6GOrGzruQX3WCqejQbVmgmIlsp7VShvqI406AJoeOKhdoOLGME3x8PbVlWDpjsjFM9pV3VOFfuhwolqCm90DCOLPCcQECPV4Owhu2PTZKJkZxdyGqFcgecF2uTxSlEs-IVHGhIp7cHWfL0HdKEo4fRqdv3z0G3HFOvBUvPPwE4okMw7iYDw2HD8eiD5LuKUSz_jKRpOLomi4LEQixWvD-o3_dZ_SmyGrM_RbS7fcTgIgwzyeqN6qF5TcWpWyeTO6Bhn9yb3y7996fVXxtswip8GkMyNSAGOrjh7eWQgrYe6nEwiiSJyOdMuQkRvx1w-FU__0Exf9P6yEOxHtBD_pmqm38UGKSjp7Bjljk6IPDJDQuI9YB0eZP8nzeE0b3_yRooCAASJORos1HvND-gPZGiCp9Sl_bMmL-qvhHrMwirz_0UmuAVDzXEMWAB

Request Chain 99

https://gum.criteo.com/sid/json?origin=publishertag&domain=znaj.ua&sn=ChromeSyncframe&so=0&topUrl=znaj.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=C8EWrHxrM0wvM1lobmlJWCtURVlIZWRwcTBqNjZvbEdIVVUyZWlJSWdLOWRRTGRXWkdwdjJvenlOOUgrVm1peDVnZGtCQ2RmTllodEFoWEl1cW1zc0NNdXBLeCtEQVptNmQ2aHZjYUhTalBIK3hoWHJ1VEJSS3plamtpYkRqaU42bnE0cVlZOHdONktZaUt5aUxZcEtvT0RnTmQ5by9QTVhsZzMxMXRidkwwa2p6ZW5YRkN3bDBiSENrd2pvZHJQQU1MUFZHdTBxSzZnaFZNZkJWWnBJN3FzbkFtdk1UKzM5NDJVOHN0NENZZnJDcjJCVjNGSUd4OGU0WVpxczdCQmZmQ0FGN0VQUklFMXZCdUx2K0JEN2VnTzliUT09fA&cppv=2

Request Chain 108

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFUIO3OiV-tcUSZgFO4XrYQ&google_cver=1&google_push=ARnp8GDgWtNNZbmfgg6wqdFVgxaOCj5jpWVRu6YSIho1QOSjxLRjBcqvgMumkeh2l2i-fMkv86JnqPmLIcwLF_kjgTbS3JP0lX_iDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDgWtNNZbmfgg6wqdFVgxaOCj5jpWVRu6YSIho1QOSjxLRjBcqvgMumkeh2l2i-fMkv86JnqPmLIcwLF_kjgTbS3JP0lX_iDQ

Request Chain 109

https://um.simpli.fi/gp_match?google_gid=CAESEEiwSYL_DkEz9qCkig_PW84&google_cver=1&google_push=ARnp8GA0LM8g4e-H3Em5LBWFsIykoqjs5hbHx1RvvrVZ9ZDuOHM089SK7fHsXdS5LZnUMeKaQifhGPVk608vHE8-4naMxOpV3DH1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B3120FEA3CBC47DDA16F4C3262F24381&google_push=ARnp8GA0LM8g4e-H3Em5LBWFsIykoqjs5hbHx1RvvrVZ9ZDuOHM089SK7fHsXdS5LZnUMeKaQifhGPVk608vHE8-4naMxOpV3DH1

Request Chain 112

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELHC10zYGsMMedBHTYKGYg4&google_cver=1&google_push=ARnp8GCWx48_7db2albN8Wzc7UgjNMPELYdN7YcYxUocJcQAgThXuk6vL27dkoqDBl4F2qH4rHsG5cw6dCrlw5RCmjl87MwOpn56MQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCWx48_7db2albN8Wzc7UgjNMPELYdN7YcYxUocJcQAgThXuk6vL27dkoqDBl4F2qH4rHsG5cw6dCrlw5RCmjl87MwOpn56MQ

Request Chain 128

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=96361062-ec3e-41dd-a19f-42bcc795726d

Request Chain 131

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e212025d-8b0a-4363-96eb-b9e376e87ddb

Request Chain 132

https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c7c09221-21ef-4a7e-9d47-18cd2cf7896c

Request Chain 133

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6354819737598645959

Request Chain 136

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4M4O1VN-5-JV1J&sigv=1&esig=2~e625db262a96e5169675fc81e27cb56ddd78cb8c

Request Chain 137

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wquE5ucJRfGmlZxhTfMxUQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wquE5ucJRfGmlZxhTfMxUQ

Request Chain 140

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/X_r9KtPFV2l-Kkfba-Dx3A?csrc=

Request Chain 141

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4M4O1VN-5-JV1J

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOMGVdNVP0muQcwwsqY905g&google_cver=1

Request Chain 143

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1xvZoYxCRM6G0x1sfnirlw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1xvZoYxCRM6G0x1sfnirlw

Request Chain 148

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=318342&extuid=3919e0d5affa753e

154 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
znaj.ua/
Redirect Chain

http://znaj.ua/
https://znaj.ua/

303 KB
62 KB

222ms
86ms

Document
text/html

2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17192f725ae6361f7a85af28a0796e23d613d58de3d29974940c9240e6079c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: HIT
cf-ray: 71e11ff8790c839a-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 02:37:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 20 Jun 2022 02:35:19 GMT
link
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAgcNboZlGk%2B8vPgeoo%2F9nYVSzcJRjRdpT%2Fa1sloM7jaryb4f8I9mAt6p997BWCh0Q08aYBY7MR4e68OFstRhxD9Rx61lRQ6fbKR5%2FmgNlUc%2FPxyCA%2Fc6I0bkqCn4f4jxaqFaYs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache-status: MISS
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://znaj.ua/
Non-Authoritative-Reason: HSTS

GET
H2 200 ukraine.png
znaj.ua/img/ 702 B
1 KB 68ms
68ms Image
image/webp 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/img/ukraine.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2679779
cf-polished: origFmt=png, origSize=992
content-disposition: inline; filename="ukraine.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 702
pragma: public
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 09 Mar 2022 13:29:35 GMT
server: cloudflare
etag: "6228abbf-3e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2Bdmfjb4U6hpsPuZVg0FWvbI8P5%2FOqBu8Pp6dIeiZYinW0pGUSr7lNn1wARjfE9D99ePcOiLsDLMT%2BaXFrVXmTTY5DbruFjih6QCPYFsCiSSFEADlAJXmTaGF6Up4GGYh9SMMGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 71e11ff929a0839a-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 zKbWErg9dkx1atZOeHSq3D1Y8OlhB4q7SFpXXGxr.jpg
znaj.ua/crops/e2ba6f/150x100/2/0/2022/06/08/ 6 KB
6 KB 87ms
87ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/e2ba6f/150x100/2/0/2022/06/08/zKbWErg9dkx1atZOeHSq3D1Y8OlhB4q7SFpXXGxr.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5946142285363d0ee06e63b2216f46d902181eb271b631175dbdb219b42d5fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5991, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5859
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 08 Jun 2022 10:14:25 GMT
server: cloudflare
etag: "62a07681-1767"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7Egz6UwMlgK2h6z1NCOJeAPquoCB5U9RTv%2F2%2BBMA%2FjOqj1yo5KUh4%2BT4kGq3iJdCvyrUDPyxMhOV5e%2BLG97h0BLR%2BYnhlPc9xVe68loGLWa5eBvDQcFAGVDO1uCSMrisoiHc7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71e11ff939a7839a-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 app.js Show response
znaj.ua/desktop/js/ 90 KB
26 KB 69ms
69ms Script
application/javascript 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaj.ua/desktop/js/app.js?id=f13d9d3b121596546fe3

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 532210
cf-polished: origSize=92589
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 13 Jun 2022 21:17:50 GMT
server: cloudflare
etag: W/"62a7a97e-169ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tlJEVl7cl9sQC5Tz9MIM%2Bq%2BZ3rISRFJPdKxThjD8iufPJdlpPw%2BZZdwjq42D6qTBBNjgRGY1dOyGtkpPEHmA50UDKYRtx8MJWrvXprEHI3eEdVcw2mE2Ty%2BI%2BjZG21xgBVrDNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: max-age=315360000, public
cf-ray: 71e11ff939ad839a-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
aixcdn.com/ 23 KB
9 KB 208ms
72ms Script
application/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/client.js?165570

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Apr 2022 16:27:29 GMT
server: cloudflare
etag: W/"62599cf1-5a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWWSJumV%2BEF3RHVjBWSndl3cGQFmLIHr%2F8jtqnVjbUgeFKrKR9QIzr4dxTjR3uoz17hfTjsJhw%2FbbPMxWFZls58GYY6HArqTTjfJmzUy2%2FUVs5eW%2FXR6KVn5k6wtHOkLasN4HeFWM2gB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 71e11ffa1825839d-MXP
expires: Mon, 20 Jun 2022 03:59:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
41ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5582
date: Mon, 20 Jun 2022 01:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Jun 2022 03:04:49 GMT

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 134 B
425 B 288ms
68ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16952272&s16952728&t0&c1&n314409&w0&y0&d24&r1600
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: f86ee2189f31b9ab8ef2f954984e75069c9098e3dd0d8aabaf20940dd4053294

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:51 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 52 KB
14 KB 187ms
62ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14031
expires: Mon, 20 Jun 2022 14:37:51 GMT

GET
H2 200 client.js Show response
s.getstat.net/cdn/ 16 KB
7 KB 218ms
77ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.getstat.net/cdn/client.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1950
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 15:15:08 GMT
server: cloudflare
etag: W/"6260237c-3e9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evkwxNa1XHxC3v6DWDzq0lqRFp%2FHGq0E7mJzVPl8Zh8IiC0lrVQauYI2J%2BAeo5UzN9PO7oGzaKa4mqzEjEGHdfF3NGtmgh0nRNvtP9ZURlLhmzi0S9EWmYDlJVpVJ9uqkDuMTLXp%2FcZ0ulFA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 71e11ffa2dc65a3d-MXP
cf-bgj: minify

GET
H2 200 client.js Show response
cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/ 58 KB
18 KB 236ms
99ms Script
application/javascript 2606:4700:3030::ac43:a0b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/client.js
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 20 Jun 2022 01:55:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6nLhhxJPdIyaAyx%2B4o3Ffz97Y9sEojxIExINHLvw%2B6eWUsKLMYpYx7DsVUnE%2F5%2F0Sh9HfxV1Hk%2BG95hTsaRtMAW07B9CwbpMWoAVPaj4w03GGZQxN%2BjB3COirLHjRqZXtYSTlEDN6nasO2CFJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: max-age=14400, public
cf-ray: 71e11ffa1a4ff91b-MXP
cf-bgj: minify

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 lRiPllgyhVjCyKDmBLhrXOze0s69P3ZWNW73Tr8P.jpg
znaj.ua/crops/ac2370/150x100/2/0/2022/06/18/ 4 KB
5 KB 200ms
200ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/ac2370/150x100/2/0/2022/06/18/lRiPllgyhVjCyKDmBLhrXOze0s69P3ZWNW73Tr8P.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

869c6ae618ea37a9833302c91606c146775d68a83d119b04b28b142580fe972f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4654, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4515
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 18 Jun 2022 09:52:25 GMT
server: cloudflare
etag: "62ada059-122e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLcG%2BsZ5MTP9OYeSYaziUAubTmRrEA9WNPGrG5yvYtpjiuwfDOozIXTp%2B6iII%2ByKTvDHWWnJIYICms2LvUciE4KteUXzvIlVZ6XEajsE4tmUDtYDe9yRPhOteHaE0hm3DXKPoh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71e11ff9db073751-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 PabvJ1WcdNoIKphKiz9JTp4uQhtL30XGb8FdLCa0.jpg
znaj.ua/crops/26a7b1/150x100/2/0/2022/06/17/ 2 KB
3 KB 76ms
75ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/26a7b1/150x100/2/0/2022/06/17/PabvJ1WcdNoIKphKiz9JTp4uQhtL30XGb8FdLCa0.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bd2b8d26680535189e844ecffc15230855e8b33779e0c7624fbc96f400f571e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23051
cf-polished: origSize=2144, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1950
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 17 Jun 2022 19:40:15 GMT
server: cloudflare
etag: "62acd89f-860"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1id4XyXi5SNAurM3wRDFakzAQsAhVA1fdtgBehGBrk%2Bgd09%2Fc4%2FM%2FI%2FfEgw0LfLa4cTNfWyH1LD0M1pjP3mJKd64IYPJouTN%2FdZ6fHbaFtovkoaw0J15RCExKhfSXU7OaiKqDG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71e11ff9db083751-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 TvdxdCtWoIg7nw305QJLosfmvfhM6YOZQ0zOQDAE.jpg
znaj.ua/crops/d9b99e/150x100/2/0/2022/06/17/ 4 KB
4 KB 77ms
76ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/d9b99e/150x100/2/0/2022/06/17/TvdxdCtWoIg7nw305QJLosfmvfhM6YOZQ0zOQDAE.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be7e2d452303d1ed6ca61df2aa488cc8082ef5853834a62d4c2cd812a6ace6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23051
cf-polished: origSize=3862, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3597
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 17 Jun 2022 20:12:43 GMT
server: cloudflare
etag: "62ace03b-f16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPo3xD1jasDArUGtu0QKsVljVg%2B0JnzCEvR0lKdXdHEwAkuZ2TG9YuA0Dd5%2F3MYJ7qRQqw1fnRz5fRkYCmJcbE2FpTmBjgi8zyLLbysrWG0g%2Bzkd9m%2BI8mj6G4z%2BGpNIPUtHTqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71e11ff9db0a3751-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 HZL3xbVNoEYdhCGdPn6wO9DxbpfhfnLtbN943fi2.jpeg
znaj.ua/crops/b044e5/150x100/3/52_39/2019/05/31/ 5 KB
6 KB 78ms
78ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/b044e5/150x100/3/52_39/2019/05/31/HZL3xbVNoEYdhCGdPn6wO9DxbpfhfnLtbN943fi2.jpeg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

516c84e23a52e140744c763deab30c0a9bffbc0ae62bfa65938e39a6ad57011c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28451
cf-polished: origSize=5740, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 07 Jun 2019 05:17:42 GMT
server: cloudflare
etag: "5cf9f376-166c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmNmuOkYRwMxNhpkb3Q7UjOQsysh2ZFhjDuE3yzTX9ln55eMEWudI%2Frvo2CwRcvtO%2B4iLPBH5N0ycTS4cnVabvLVt0lyuW4TLTqg6dZKiCOLOGv8FnGik45fvu%2Fj%2FxXMgBMo%2Bys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71e11ff9db0c3751-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 9ZJRzFudHbZYt7mMRONz1mBg42bXgNeeQ9Jj8z35.jpeg
znaj.ua/crops/df9f4c/150x100/3/63_39/2019/03/09/ 3 KB
4 KB 200ms
199ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/df9f4c/150x100/3/63_39/2019/03/09/9ZJRzFudHbZYt7mMRONz1mBg42bXgNeeQ9Jj8z35.jpeg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

805b88b45940e3c6625c6b6773cba3f55f5782152a6134ea1a49021b264ba46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28425
cf-polished: origSize=3175, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2984
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 09 Mar 2019 08:12:48 GMT
server: cloudflare
etag: "5c837580-c67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pi%2FJZWbPbXu2voxIYkDpfgc4w6nxLJEddeVU7byZXqjACX43HJpfFUO3rMuwXVqfvJR8RDPRYo6LthMblhRAqzElcwe6twB%2Baln4%2FDmqCHGisIF6Ow2DpMMcv8NHUsWf2gni6js%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71e11ff9db0d3751-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 lRiPllgyhVjCyKDmBLhrXOze0s69P3ZWNW73Tr8P.jpg
znaj.ua/crops/2a1c5a/735x400/2/0/2022/06/18/ 42 KB
43 KB 197ms
197ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/2a1c5a/735x400/2/0/2022/06/18/lRiPllgyhVjCyKDmBLhrXOze0s69P3ZWNW73Tr8P.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b47d4be4dee93d7cf3bc4b91dc07efd5798cefea857d2a2499ac60df8ca52af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=43627, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43378
last-modified: Mon, 20 Jun 2022 02:08:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BzfQmDlgBCPBGXUuRXiKwjHgJsLyfpzer2rYtDYDxGdliBgxNNiU9KAx%2BuTy84tW0kgj7gWmsiTWde5OlueCwuuGuCBBrEX9D8sZSjbAxifczSbJmv1%2BJWUokri8%2BI%2FDQMX6bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 71e11ff9db0e3751-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 YxqOUHFF1mmilgzXhO1eXRDhVzdnYdzwZwqWLHEX.jpg
znaj.ua/crops/855146/735x400/2/0/2022/06/18/ 38 KB
39 KB 136ms
135ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/855146/735x400/2/0/2022/06/18/YxqOUHFF1mmilgzXhO1eXRDhVzdnYdzwZwqWLHEX.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d91e498a7fa5714fb177f6248f978c65978dcfe865082509b73e5d18ffe4c51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38927
last-modified: Sun, 19 Jun 2022 20:22:00 GMT
server: cloudflare
etag: "62af8568-980f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSt9gG%2FrRgGC6I072a2pZt0x%2Fyvs0jT%2BdMQA5cnywBqWkPiaprJiBwyievHQuxI8XjVyFn4W%2BLcPdYqNl4knhI6t6hXfenqisR0X5bH%2FwnXYsOJ1TCEVcSOXb%2B8XNgvHU1Vl7tE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71e11ff9db0f3751-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 133ms
49ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1345231921&t=pageview&_s=1&dl=https%3A%2F%2Fznaj.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B2%D1%96%D0%B6%D1%96%20%D1%82%D0%B0%20%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83.%20Znaj.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1484215504&gjid=1904489971&cid=647516359.1655692671&tid=UA-108263001-1&_gid=1846340346.1655692671&_r=1&_slc=1&z=582957996

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 276 B
390 B 58ms
58ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=znaj.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: b8f35632fd3ef196505506edc4dc56aca96049bacdb954ec64dbac1f83f4eacb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 276
expires: Wed, 20 Jul 2022 02:37:51 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 038F 5 KB
3 KB 182ms
59ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: f6c7bf8bad6257bc516a24ed90d7e0761be42fcc3a58286166478a886d7c241c

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2720
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 02:37:51 GMT
etag: PRIVATE7520710249
expires: Wed, 20 Jul 2022 02:37:51 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 121 Show response
aixcdn.com/p/ 257 B
795 B 134ms
69ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/121

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165570

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7b7dc029aadf4c26e5ad370b70c77c812936e206519fb854123588c074da9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54915
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Jun 2022 10:32:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9C9Lpa6XCiEQqZEuMCDIEe4QFeT%2F61Ve7mnfuC7%2ByZlrtAkiDnyF9P1gb5EiuoV%2BdjNcaU7TWxLN%2Fn02wD%2By%2FW1MQsi%2BIIBLhPVrMWlBw%2FtPA7aF67wFRzhpspM6d7wfSx%2FlOsnhjWuO"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 71e11ffafe3d0f86-MXP

GET
H3 200 97 Show response
aixcdn.com/p/ 23 B
676 B 132ms
68ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/97

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165570

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54915
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Jun 2022 10:32:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAeU0R%2B2EXF7BheMq9US%2FcrgNpbfO%2FC%2FLjsv3G4KbfXWsey3I%2BOJrpoFX5UiLgJkYvzHcNwoOyLkhlO%2BufAqMTjAYsNg1F48vbLfVhcJNqpqtKwf7WKYAvc32i9Dhc6q%2BzRb6bh9BkOX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 71e11ffafe3f0f86-MXP

GET
H3 200 194 Show response
aixcdn.com/p/ 2 KB
2 KB 143ms
79ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/194

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165570

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54915
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Jun 2022 10:32:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHeO8wk4TDht%2FX%2BmRagtdjJ5KmbkYRMbJl5qeAxYylYOmUhlRr5Xb2NBfFA8QCPwYPUuEOd%2BWe1LE6gZjhr4YkZmUIQDsV9JaOyBOfEJX%2BgZjgtdzfDKvYCz7QpM%2B6qeJq4nHAZYRtRu"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 71e11ffafe410f86-MXP

GET
H3 200 pv
s.getstat.net/ 42 B
786 B 170ms
101ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.getstat.net/pv?u=https%3A%2F%2Fznaj.ua%2F&d=znaj.ua&s=&t=&l=uk&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=1&r=0.44709999299131153

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frUzlHuQuwthSCvLI0DdbCFgQbMyzI55sLMAW1Jv6xZzv8Y5C3GqwtbLc8eX%2Bd2WSYk1%2FJAVivGeDJZjqqARGwZDahi3DPC0Uc8L4W6JBeFWdu7rtcEPcHYCI9KGoyRBc%2BPqRIgVUxnn7daS"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store
cf-ray: 71e11ffb1ec659fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
439 B 106ms
35ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-108263001-1&cid=647516359.1655692671&jid=1484215504&gjid=1904489971&_gid=1846340346.1655692671&_u=IEBAAEAAAAAAAC~&z=1252654278

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 20 Jun 2022 02:37:51 GMT
content-type: text/plain
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 branding Show response
a4p.adpartner.pro/ 11 KB
3 KB 184ms
59ms Script
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=1582&0.35560695289324795
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: d46ceb2bde60881fb19d81ed006513a18f1fa2428fe60af86e50e308a13f298f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f71992763841d0332af83ddd0a20e8fe8bc3b27240e01a595f1874facd0fb75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28067
x-xss-protection: 0
server: sffe
etag: "1250 / 681 of 1000 / last-modified: 1655503512"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Jun 2022 02:37:51 GMT

GET
H2 200 ym.js Show response
cdn-b.notsy.io/zna/ 331 KB
105 KB 149ms
41ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/zna/ym.js
Requested by: Host: aixcdn.com
URL: https://aixcdn.com/client.js?165570
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 53d663d90e71c1a13c8fa7114e48153feb6f6f5eebdc06a9f7e761834cd5a91e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 250
cdn-storageserver: DE-51
cdn-cachedat: 06/10/2022 05:52:47
cdn-pullzone: 139012
server: BunnyCDN-AMS1-879
last-modified: Wed, 08 Jun 2022 12:46:31 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62a09a27-52bcd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 9ffbb55d11b846c1865151eac37108ab
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 147ms
57ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=647516359.1655692671&jid=1484215504&_u=IEBAAEAAAAAAAC~&z=306820947

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 155ms
53ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=647516359.1655692671&jid=1484215504&_u=IEBAAEAAAAAAAC~&z=306820947

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1655692671299/
Redirect Chain

https://gaua.hit.gemius.pl/_1655692671299/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&...
https://gaua.hit.gemius.pl/__/_1655692671299/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%...

169 B
424 B

157ms
157ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1655692671299/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Xq_KEOGccdAD0iMPa4NeTooJX52epR4ug9OMOqu60ZL.c7GCWEWz42hZClnhIyd2CH1zaAyPJaTYu9N.7VVMLgMkWzK1/HW.8soE1fZ736/&ltime=213&fpdata=OHHQxN_F6IPfjoxMkFicSaGbdQUrLodFzzEYPhW_IEj..7&fpcap=
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 58eaa225ef9d2deb542358436f546b535db18da07706aacd69b6c806ada48f1d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:51 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sun, 19 Jun 2022 02:37:51 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:51 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1655692671299/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Xq_KEOGccdAD0iMPa4NeTooJX52epR4ug9OMOqu60ZL.c7GCWEWz42hZClnhIyd2CH1zaAyPJaTYu9N.7VVMLgMkWzK1/HW.8soE1fZ736/&ltime=213&fpdata=OHHQxN_F6IPfjoxMkFicSaGbdQUrLodFzzEYPhW_IEj..7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 19 Jun 2022 02:37:51 GMT

GET
H2 200 pubads_impl_2022061501.js Show response
securepubads.g.doubleclick.net/gpt/ 370 KB
126 KB 149ms
40ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28aef55dcb709a65e43a106aa1ccca41e80b48ae2da0241c6d5467e300e3280a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 01:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128507
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 08:34:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 20 Jun 2023 01:04:28 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 308 B
784 B 155ms
50ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=znaj.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55e3d7b435220567bd3fc6cb2cdc45264e1baf76b96190cfacce62f106c5320d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147
x-xss-protection: 0
expires: Mon, 20 Jun 2022 02:37:51 GMT

GET
H2 200 branding.min.js Show response
a4p.adpartner.pro/apstc/ 13 KB
3 KB 60ms
58ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.35560695289324795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
cache-control: no-store no-transform
last-modified: Tue, 15 Mar 2022 16:47:24 GMT
server: nginx
content-encoding: br
etag: W/"6230c31c-35bf"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame D3B0 0
0 807ms
806ms Document
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=0cb3861d-d555-49d0-a09f-2ae506fe8d60&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.35560695289324795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Mon, 20 Jun 2022 02:37:52 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/branding/ Frame 90D9 5 KB
2 KB 61ms
60ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=14268315807555876&apuid=7e525fdc-1b91-45d2-bcb0-75e1b02d96fd&session_pageview=1&session_id=0cb3861d-d555-49d0-a09f-2ae506fe8d60&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.35560695289324795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 1cdf135a9708c898def02b41ef7feff10ff1b33fe51ee4bb1bb1e7f2dc193358

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 02:37:51 GMT
server: nginx

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 144ms
49ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 20 Jun 2022 02:37:02 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 50
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
content-encoding: gzip
x-amz-cf-id: uAMb5UkTj5j6Ej-6PClD8VVliQng_tJpedeReB5UbY4LupI7G_jKoA==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 197ms
95ms Ping
text/html 138.199.37.230
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?ZNA;desktop;;main_page_desktop;f660f7|9a4b76
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-230.datapacket.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn-b.notsy.io/video/ 202 KB
66 KB 43ms
41ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/video/video.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 2eca65c53dd9bde738a3f90724e5fd5156756d9c4c6ec5a5934b17f14f389ec9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-fileserver: 224
cdn-storageserver: DE-198
cdn-cachedat: 06/18/2022 16:07:43
cdn-pullzone: 139012
server: BunnyCDN-AMS1-879
last-modified: Sat, 18 Jun 2022 16:07:06 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62adf82a-32639"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: ba20aefe7a6fac2a8ee5a82fede41093
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 150ms
54ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220620

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b743f9a2fbe125acf0961c59e7779eb45aad74d5517a11f02ca64f057151fb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41813
x-jsd-version: 1.0.1377
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19134-FRA, cache-iad-kiad7000084-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"664-EBQrHDDXEk1JdorrX6cwQphcpj8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BS1Lb0gSkPmK4VK3KvnBhiNyVeLk3pTb3TR5Y7nxBmb%2BHQjO00YfldeWpE2U3XF4L6avkSj4jXnV24mQG07ZsE7By8tqDOui09O82aWBX8X97oN8WfssNgjbfTcdiiXxUNhG7KjK63iHEfRusQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 71e11ffe4caccc5a-ZRH
access-control-expose-headers: *

GET
H2 200 / Show response
adx.adform.net/adx/ 25 B
482 B 148ms
46ms XHR
application/json 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEzNDAxNTEmdHJhbnNhY3Rpb25JZD1mMmY5ZmYzZS1mZjE5LTRkMmMtYjBlMS03ZTZlOTQwOWYxMTAmcmN1cj1FVVI%3D&bWlkPTEzNDAxNTMmdHJhbnNhY3Rpb25JZD1iODQ3NWM5Zi01ODBmLTQzMjctYjM5NC1lMTYzYmMzNjhiN2MmcmN1cj1FVVI%3D&bWlkPTEzNDAxNTUmdHJhbnNhY3Rpb25JZD03MDAzMDcwNy1mOTJmLTQ0NWEtYjk3OS01ZjkzZDE3YjIwNzUmcmN1cj1FVVI%3D&bWlkPTEzNDAxNTcmdHJhbnNhY3Rpb25JZD02ZTgzMTQwYS1jMTg0LTQzMmMtYTZjNi1mZWI0NzNjMzhkMDcmcmN1cj1FVVI%3D&bWlkPTEzNDAxNjImdHJhbnNhY3Rpb25JZD04MDY2NTRiNi1mOGI3LTRmM2EtYTk0Yy01ZDJjMGVkOWY5M2QmcmN1cj1FVVI%3D&pt=gross&stid=1f7c4ef3-705d-4717-aeab-3fa0a5eed08b&fd=1

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f3f0b960f461d81b48d29ac360a0f3553add3be3e891fb67878b4f11a0822339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://znaj.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 80 KB
19 KB 244ms
167ms XHR
application/json 185.33.221.119
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.119 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

nginx/1.21.3 /

Resource Hash

018323bd2dfca53e21945028760ea3c61357f11d03fcc5b59c1924bdbad5af9e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 20 Jun 2022 02:37:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0d91af56-6c90-4f04-8a65-7bdf69e175e0
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 258ms
99ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309704&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=f2f9ff3e-ff19-4d2c-b0e1-7e6e9409f110&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7106982920380867
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f3d298b16922005b0e51249d516ab06336af93baebee08d20353956b91009966

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 255ms
97ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309706&size_id=16&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=b8475c9f-580f-4327-b394-e163bc368b7c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04659645426931247
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4c7bdb96de1645e33df5ded331246015dc1b5ef9073379f5b1a33ffab154bf8e

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 265ms
108ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309708&size_id=16&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=70030707-f92f-445a-b979-5f93d17b2075&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15126306966088676
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b05d03480511cb5c223aa9dc4f563a8a9b2d9d6a1360218754fbbf9995bd48ec

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 252ms
93ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309710&size_id=16&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=6e83140a-c184-432c-a6c6-feb473c38d07&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5068543760966124
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a93eb2f287e89a77d377cd245ee2168092a994736532271e4c2fbc87eed1d8cb

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 365ms
145ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309716&size_id=10&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=806654b6-f8b7-4f3a-a94c-5d2c0ed9f93d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5847014425502661
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 27d6b6cc1ece4626e3f342e76d1203d2dddd66680ae7b6290c5a2a4ec7a65f73

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
209 B 117ms
37ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=41413599178

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Jun 2022 02:37:50 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
501 B 210ms
117ms XHR
application/json 18.197.83.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fznaj.ua%2F&tmax=1000

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.83.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-83-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:51 GMT
accept-ch: sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 8 KB
1 KB 528ms
280ms XHR
application/json 2a06:8640:764::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 626dd7d975bb08163c0f9b59cbd12e14964ed421d2cb0c9d76e27e642d40b863

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 20 Jun 2022 02:37:52 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://znaj.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 909

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 384 B
426 B 256ms
256ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8217,8220,8221,8222,8223&sizes=970x90|728x90,336x280|600x280,336x280|600x280,336x280|600x280,300x600&referer=https%3A%2F%2Fznaj.ua%2F
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 458309b3b6dd63beba7199e1c36a9eacac598c59986a9e1fabfbee932b8c89cb

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://znaj.ua
date: Mon, 20 Jun 2022 02:37:51 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 90D9 49 KB
20 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=14268315807555876&apuid=7e525fdc-1b91-45d2-bcb0-75e1b02d96fd&session_pageview=1&session_id=0cb3861d-d555-49d0-a09f-2ae506fe8d60&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5582
date: Mon, 20 Jun 2022 01:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Jun 2022 03:04:49 GMT

POST
H2 200 branding Show response
a4p.adpartner.pro/ Frame 90D9 772 B
448 B 62ms
62ms XHR
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=1582&session_id=0cb3861d-d555-49d0-a09f-2ae506fe8d60&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=14268315807555876&apuid=7e525fdc-1b91-45d2-bcb0-75e1b02d96fd&session_pageview=1&session_id=0cb3861d-d555-49d0-a09f-2ae506fe8d60&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 3e6eb089aade1932a634c0b0e2aff1b3993ea1775de672aa8914f47e1a5ffba1

Request headers

Referer: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=14268315807555876&apuid=7e525fdc-1b91-45d2-bcb0-75e1b02d96fd&session_pageview=1&session_id=0cb3861d-d555-49d0-a09f-2ae506fe8d60&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2 200 geolocation.json Show response
cdn-b.notsy.io/ 3 B
648 B 123ms
41ms Fetch
text/plain 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/geolocation.json
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/video/video.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
cdn-edgestorageid: 883
cdn-fileserver: 309
cdn-storageserver: DE-167
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cdn-cachedat: 06/09/2022 15:54:31
cdn-pullzone: 139012
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-ym-country: GB
content-length: 3
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "622b54c3-3"
content-type: text/plain
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: a1c2c3690e3442acb914785364bbdd60
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 153ms
49ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 154ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 02:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 896 B
533 B 256ms
169ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3778609910102664&correlator=4288047099000997&eid=31067913%2C31068114%2C44742767%2C44752585%2C42531606%2C31064019%2C31065517&output=ldjh&gdfp_req=1&vrg=2022061501&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_WEB_INTERSTITIAL&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3438404882&sfv=1-0-38&fsbs=1&ecs=20220620&ists=1&fas=8&fsapi=false&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1655692671778&lmt=1655692519&dlt=1655692670855&idt=897&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=647516359.1655692671&ga_sid=1655692672&ga_hid=1345231921&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2093c1afaaf1e83ffb5690543efb55daadf4227f375d98b7ce036567f1a053e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 503
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3138 6 KB
4 KB 182ms
53ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 02:37:51 GMT
expires: Tue, 20 Jun 2023 02:37:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022061501.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 127ms
43ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022061501.js?cb=31068114

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

sffe /

Resource Hash

335b4741c751ac4bb947ebca0e29ae33be037def432ea7b2fb4488ed8d8cdd74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 17:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13544
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 08:34:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 17 Jun 2023 17:30:46 GMT

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
487 B 82ms
81ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fznaj.ua%2F&pid=SkL6ewutnlS4k&cb=0&ws=1600x1200&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22ZNA_ATC%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ATC_970%22%7D%2C%7B%22sd%22%3A%22ZNA_ITA%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ITA_336%22%7D%2C%7B%22sd%22%3A%22ZNA_ITA_1%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ITA_336_1%22%7D%2C%7B%22sd%22%3A%22ZNA_ITA_2%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ITA_336_2%22%7D%2C%7B%22sd%22%3A%22ZNA_SBR%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_SBR_300c%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:51 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 6RWNFQZXSQWSG8R1WX8T
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 06dVgPjpazQdG3AQjOWckUR459CTlME2rD9qerpPXsF_cqvZgYRKmg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 125ms
42ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 05:00:07 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 77865
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 16 Jun 2022 07:15:00 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: V0pVBg0mlfLR15rr7Wd2OdbBwvWb7BSE
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: Sm4izuPWBMpjF8XDriRSpe_iaj6gaMQaXzj_6bYjocyv-dokyuskwg==

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame D9F4 0
139 B 58ms
58ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25227e525fdc-1b91-45d2-bcb0-75e1b02d96fd%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 20 Jun 2022 02:37:51 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame F355 0
139 B 59ms
58ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25227e525fdc-1b91-45d2-bcb0-75e1b02d96fd%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 20 Jun 2022 02:37:51 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 /
c.aixcdn.com/ 42 B
393 B 119ms
107ms Image
image/gif 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aixcdn.com/?2120&3224&4137&4166&r=4868

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pikD1KmTqoyRYbAdUQAqOpsuwZtPwQpA7elJat5O5dCYc5MGO97yXevt27RLlMKQu5jxi600nHge%2FYGTpCIcNMAKcwFt5C0PdZfyMqx6xKfieiREVY4AP6t5y2%2BAZJFMGNz051cLsWEhl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 71e12000ef50839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 132ms
49ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 133ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 165 KB
47 KB 336ms
336ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3778609910102664&correlator=4284704472406099&eid=31067913%2C31068114%2C44742767%2C44752585%2C42531606%2C31064019%2C31065517&output=ldjh&gdfp_req=1&vrg=2022061501&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_ATC_970%2CZNA_ITA_336%2CZNA_ITA_336_1%2CZNA_ITA_336_2%2CZNA_SBR_300c&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=320x50%7C970x90%7C728x90%2C320x50%7C336x280%7C600x280%2C320x50%7C336x280%7C600x280%2C320x50%7C336x280%7C600x280%2C300x600&fluid=height%2Cheight%2Cheight%2Cheight%2C0&ifi=2&adks=2184955199%2C1604177946%2C1670658071%2C2070129014%2C3542710887&sfv=1-0-38&fsbs=1%2C1%2C1%2C1%2C1&ecs=20220620&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D437fc5cdeed0b07%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D437fc5cdeed0b07%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D4457d001d37a165%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.00%26hb_adid%3D4457d001d37a165%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D45fbc643a7a737%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.03%26hb_adid%3D45fbc643a7a737%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D46c6dfdcd593912%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.02%26hb_adid%3D46c6dfdcd593912%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D477747da94bcb6b%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D477747da94bcb6b%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D4fc7cfe475bfd592-229b470bb7cd0074%3AT%3D1655692671%3AS%3DALNI_MY0KU9F8Z7ecj4wi-tFAgDV85aewg&abxe=1&dt=1655692672200&lmt=1655692519&dlt=1655692670855&idt=897&biw=1600&bih=1200&adxs=315%2C-9%2C-9%2C-9%2C-9&adys=147%2C-9%2C-9%2C-9%2C-9&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1600x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C2%2C2%2C2%2C2&ohw=1600%2C0%2C0%2C0%2C0&psts=AGkb-H9KPAIQOSIcQCK5mXMxwbWI2HaNc_4lyEooqua7EXrY&ga_vid=647516359.1655692671&ga_sid=1655692672&ga_hid=1345231921&ga_fc=true&btvi=0%7C-1%7C-1%7C-1%7C-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b857d92d6ceb29b88b5211f1a2bd88b0bddae2e9cea8ea75cca42b78f0bc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48124
x-xss-protection: 0
google-lineitem-id: -1,-2,5951414560,-1,5950108731
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,138384284442,-1,138384524013
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 161ms
64ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022061501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f184e61bf6adb06f274d03a227e628e2376c3e2c674aad79b800a94be6a85637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10751
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 161ms
62ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 02:37:52 GMT

GET
H3 200 container.html Show response
fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 82CA 6 KB
3 KB 129ms
42ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061501.js?cb=31068114

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 02:37:51 GMT
expires: Tue, 20 Jun 2023 02:37:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 182ms
62ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Jun 2022 02:37:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2482 13 KB
5 KB 126ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 5600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 01:04:32 GMT
expires: Tue, 20 Jun 2023 01:04:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2950 783 B
536 B 132ms
48ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0f5eb395bb62ef58eda0ea8e8612217e82346d3618a0f0fb2d8103b00d306e9f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WYmwCGyuuA8gZS3r4L0dZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-WYmwCGyuuA8gZS3r4L0dZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 02:37:52 GMT
expires: Mon, 20 Jun 2022 02:37:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CB18 624 B
733 B 141ms
51ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEN2P3pgDGOHeissBMAE&v=APEucNVt1XQ8NcwofE8XgI732pO2ZV8OuuKPezPKDd5X1qh-SOSQ4cpMs0F5h94S6QLfKXeN3va-JNvjRCGy_0ZLTQyMZ5xbQ4xGzZvMAMpMa30OToMhnknigH522h8OX3wIxZ3WE7rYu9RnA7wwLc7xf4W2cD9Ep104qNlCqKhxpPCCQY3O008

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 02:37:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 82CA 14 KB
11 KB 160ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTiOQj-je_Visd9HsOh5F1qwRqFuYueD4VIWYIoE6MUzoYBpPdfRAjWRJZC3gjDraoZIkM2g5tvJSiGrZR20Vie1whLXMynD96DJUco8ZZlgDdPQjpDqarv1fjLtGcfdppCduuk80xt2cNBWkNLg5vDCgVrg&cry=1&dbm_d=AKAmf-DTYZWerGiMaIYIkUIkxXIybxXxGCpax-Z-P0lqqfwN5_fgufsK_J-6nACx0CfgFvp520BAkx_tdqAxdqoDxZ_z643693-aa8NwG3-hHEO4IkndqwUCoo_zHWHvJWcXIjZIL-BrSND6EudaO4rryH8N58cAqSYeozOqdKdvUY8mdTH8-HwUxMdO5cXLdsQN1sRVVgaCBiOb54Nk8-8fniW-Ita07-ge8Yemjqm46SgcQfyWtKSeJO9sosG_9XzKvlyC2N3lCdFpKDmF-aBi9W6UbrxZ7c21Opjzb4rdNaRIKnX-ulEw3GKUolLEAi0h5HC2EiKPlBG-gnFIRD018V04giqWPmeUJBGeKCg_TQLlG_6QkDvikxPIuGey-ZUF5UgKK1LJAKWUcKDBQO7frnsyIIKfTbPIWKzD9GI7jx3nq5XCn-xF7NCTX3bnSCqIQg-Spo55QF45hRpA-MPhZwaYfldUeIbAl6MnHDZ_mmsa0B6BlUVrSmJ8zsUVajQ0MTR_pOTDY-ybtdIfWCHYNBtVGf-BuyepjaxIeHhngJ_d1BA-MirHRGszDlwT_DFlENpqNYc5L4eJEmJPx3e9LRmLFqSytIl-XwktSVChjFu_i9Wjq9RJCAPbjbKcVuR3S71_WV2mznoxQaxUuNB4qz-o5MhDffcdoyCvain2DpbJNQ4ygOcCl4HLJJKTBDWszPW7qZgRZhdwWmnZq4jnMVITi4Vdqxa-57O_i2ZWplz5m9rWQqSUCnbQuH9cmRTTHUA1_jEsMqB79-Udss4bSNdcTWnhiXICtGMHRDF-Jv96GJct8on0MHn8KvUIj9QAM77WoLTlL6cvRVyLlcPEMG2rHX8NreY0yMd7Kuy3XA-ezURTOd_WyhwdtKTH0P62G_5wBPF4yewnyeFZigd48GyuJTcGP6FdJnlHBIfAsidKcFMheEwkLkpy377lhAqcHc--xS7zR2iYfOZcMfIq1dZvDwX-y2QtT6GiGgJc_I56saHsa6nEB_mfpU6QrjOmS7fLU7RnX5G2HU1cY_4mB_ICOP6DYoivA6eGIx3Jokv3_q4Hn2chkfb0XEJvf26ktdGWlrlW6728kIFsVRo8zvMOGFei1-SD_r98k8TSorZZem9atqzNsFFTEnQDwfzR53RGdp8Ukr-TDYJOEdhPoUm0qMDCYfXoWnjLiHFXeIdrETLQKv20GkyHNnQEs1bN9Ch-uP1EPLQYAW1wdaulY2f5gMtnynMjYQ-uztA2gRnt4SddMvwl_M3ElQnkkgYreno_NcRLj6LoLn-IGyHovw8Nlmmd2O7vsUFrR55AwwIez6vbP65KP-Ga4ldbChhjm9CIz85X9TxV5Xr5yhhaDUICueHZLEO3YAhPStohyzMt86w5G0VLS9hGkSwkfVkf1QaWOELARVxRxOCCjMcdPnb5XnefEr0IcSl0hYrxkB96vp1bYmC-bFyLPPyP8KauYvd8aG7ITRGQ51Vc9rRXJx3Rus81Y75cJjKpfFUs2ZhcdoS5kdd92jvT3az0D7-FJwpcU5r0SSTXcBmpVlDo7niQRSJHbyif4EAZufHO3ABq9lqTzYhWjGaIf_i0vd8PtluDfAAprO6xi3DGmqi4BBN02H9oHr3Uab2-Sw23fa1fOOuWWe67PYZRaBfVXv0FVyuiychYabooa_qwaenBOtdmyTczI4zXGS8Ef3SLTvJYjX9xng6GcL4AUMS-aWEzMvF7RJrosmG56h4LYdPrVoeRDVHosZ0f9_bgM4Td0mpMrAsz3roYPwSS1Woek-mmFiOJ0uRNZkIobJcVM4F9Vm4SBRsBekPUdoCRGE5djGcWJvQlFTOFbcttUwoozQJERUDtuauvu-h2kANLmII0BmGVNkhFb7tSLSrXZC4R3bVUWv7mbDikv92wKi3KA3NHzv08NIyny8d4XoSwUyu5jxMslRghpmDVtj10ANT73uFWFggcjD7ArqXp4wBZidBjmWpayglSh0srR5d58T08iDtvOsDzLdVpImu437gwtTvbegApgk8Vc3KDEJ0yulfzdTc2ewH0VOi33Vd2h_z47dEF-42i5Qdf4W7gGy-YpGmttK3OqAPlUEC5AgG5fzW9wRevFiVXX6qDn0hWMUgJLg4uHxtD3B1GfcGkmnr1_tFRii2wxb6JmYaygeypS31LjXbMClkMyvjNFHuKJp7j5c3TAQlA7wtUQvBoyKmSvZbzicSQR07FUQEJOemq9yPSzs5ZmcNQa0F5lxRYQQb3bc9R1xBbEv1d7PPKpJIETLxC_2XDqoL9iHK0V0p9dgwK2qmA-MNLUbojhtvbS5c-hzuscVLEOaOzV3u3a4cNVPC7N7lb89bmjNDk5NksWY7GKgFFOT7Z1pvjvmyPUXN0Knr9gKJWY2lJPD0p_VEPIUWEAwrefHIP2GtFa1CoP7B8yXPGX0ZNTMiT8XKC5RVHYgVRu1GAb45rnVSyg8rKEeyYfL7uyOa8GwPUd3MN3m-z1NRLSFwwlkQvEJvjL31SSvgiHvYZaZg6D1_9f5-TnzsIzzJyBRQAxNHWaJp4fNBbIUW8cZvGQfHeGE6h-ChlTsR3XPBlpQnE6WaJDZeULIiyLnxCt032YesP4QQ3-jg1zdoaASP6CqeOPry1XV_8vHSs_JXiJsHvHHyg_Pv7Irwu1BJ1xyQ&cid=CAASJORos1HvND-gPZGiCp9Sl_bMmL-qvhHrMwirz_0UmuAVDzXEMQ&rfl=1%2Chttps%253A%252F%252Fznaj.ua%252F%240

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b271338af35b0fe70fa91019de735f284923f60d019cb45bcaf906f879b3570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10725
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82CA 42 B
63 B 158ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5klaCZjmF_o5MHe830-abUDXa42UOouNqbCSQ7P3fW8NiOIPlo7prbMEavuQeSUt_E6u5osD8MdYhOVoYTIFsUA7K2OGnm-VsXEwrKZOkahihFgU

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1004046/63413776/xbbe/creative/ Frame 82CA 241 KB
74 KB 146ms
44ms Script
application/javascript 52.18.137.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1004046/63413776/xbbe/creative/adj?p=APEucNXTmEbiYNPJp28_5AdC_wWOVSNTKK0r5s1mwXZFZzBcDhoFoz4&d=CnkAoCZ_4NdeKdRBrkvTJoHgadaTAUWYjS0obtwI5smOtEASufJaI_Pggvigs83RLkmboYC9rQvc0F-_ewraVGcEO3OaFZBGDMgPa1KTLZXJU2HSN6oB6FTyf6zbneAAOcW305WR2tIL8Ji8-yQuCMqev5elSLNyivXIEtkTAKAmf-BFDTyTBtyfMybBYXQjceuWUJqYnxr82SJkzLyw6fXjoaRz3fk-q4J8LW429-bpf46cF9kD3AwwjFIpFusoNelDBxRHXY89M_nz96Sh1D6sEc9GtgD8AC6c9bL6WuIvcnYVsb--Qan4NMyI_UwbGec5yxWpWN8lhnYhD9UpAv5C9XaCEfhZHDGA-h3M6Z9yzEPoMiF7gLyP1I46TuQpIziRJYGDy8kiIswF276MEpJQTRS5OQy7hqKL5-Jgdnk5bJzcLQVUw9GGX1y37Sg8xbP4bgMz_zbOGxfWc_FYUaX0QKVTFKQ9Pp53ukKnmZ-46NrxQKOnoKHrJVWoBQAF7MWcVVNZZDvAz_jIwZpLvK6vNaMtox03Nuy13wwWHS09uxeVeGdIMi8Hz7SksKDQ1YpNUIk6U9uNJXOq2rU7TqGE26FGJPoPImfXYgyaYDkd1t688ztxzHbgo9hheryi1IvyEAgK720TxLZauj_gb41hE2ZUMfsKaQjiLhEhGf78huPHUvXzPt17fbJs4pUankaVczE9-c68sSuLrNfR4zRQ-x9RXFHy0n_P3moA_Y-59cIWL7daPz51HqaVsZU1ZLraH0cpSjo8cTJuZEo4rQMTDIUF67dkNXtRQZNSHyk5FKYOIVbtY2uQhl816XuYxgpnr5zofEBri3Jxnp8vqOPyc23laTxd7NkG9fAdcrBCUGe9VSVddR0A_30i6WAX0vvDXwidcZpsjqfLWxAVMN9I3xZDj63EF3sVopbHQU1fcCv7VnT2Z7QEISEV5N3qlLy8Ze67MkFJ4J_RELZFy4VB89tXg1s77GGbTpFTnbRoBn3n7VaTCnTPwmUhNkgP2YtAOO-UlzVe22r0iKFeeYN17mid6smfE8AQRvUbp5Av7NM8uhM0QLc12Qw6f8synbL7vrDqvpRyx0Tgpp474pPmE46Q3F8mDEP_r2IasMsfw-lSIf_P7TBl6ioMgJ4ItGMu-Z_f6zEVJSykuta8b5noQ87ZyoXErXqSPiGgyOyKW9i4pG2HcFqKCylSVEZjwflygTNO_BihYvJQ3YAmDTOlD_OzBDatjMNiiyleveDB7nsEyXR_FWPTpKsv6X5RkeYJgupqll4loxzlEHGYp9tJSgGZ_BsmO-XOtwwGuGzqfOcI4X88XcoXTxqfTRfT18zASTTH2-xQ6OnJFy8WMggAHfoQ86KKfSeMBZXRg_HWyiB_1XJMK8nDAXvDWbfJrUf6PC5NvxVFMzUgDrwNzPPMvlyPiRcODxj3PpFm4kV0dYdFbuEyFwgOKMXX7NbBmP9dzu7df0zm5J9f6kT7_HpYBbmiWmQ9L8yja9igNh2S3IyrAwxe_8ImpOdrWnMFF3aiBJPZFvVD8DG2729Decpq70j2b0K7oR83RdO6L9CP06J_uvH3Ssb-5PJFmZloY2uq_NcH_CB7gZHzFu5bbTQp6CBz7k4SDwrUUdN-JakEpTvEccOkTHuozs0CfoTa7HEQ0wDSWhBw-oMBapUeu0AL5jC0bXi_demfX3_5Ccih-fEMhA1CPqJGNnR4so1x4voEKjnUbZ-BHKO0sSs9b6xQwM6D6ZmC67OHXCwrA5Q3EmAOXqxtqLR_U-Nr3D3vvXmkd7s2JhrVUN43tkdpZtJwTwSMs50wR6SnY7aa5_yGpST26vw5ihfDNGRybi1u7X9oa-Ccj9raVVFSL5ZC5rQ4FgL7x21_qR894m_cIC6yyUNnouXjHUXJWlXa_NZJpjCT8IQDWio2xZv9du4BxBXS4TPdxVRo9dF7v4eArW2ftc52IWp0iRxD0HuDRY-_D33ZBNRF8-Lm9gL_JscekOqF0L2TTLAKACPc1e4KiIfEjFW5UWB6JOWz3yGYkEH4IDkZGiIG63wDTtaSYMWb4ZM11EB4pS58vQDOK7Id3QMO19E7RbMXuBuUfHyGTgxGX4fF0a6LwXicWWNODqjp6h7u84n70ORd6d4969IK5KfDU4lwsEGBnrXAHtIAPPJqjCA3KC9qGDTtpons0h9hBE5HVnyM3_OAcq-6d9XpqvAdgHYfrMyi0WV91FIPDhsNXzy-zegbhnfMymOkoEZnucIOhrF7IiB3osksBbbjz10kiNp6XZtSCuw5UHOa-AvLqj9xf3B3UdU9BuBL1y2QAxTAFDxo7M6VQGe46ju7QX7vX-D57RpbAFtY_ijiJBhzbh3cupExktMs-cSTaePXKMzwiG_lGq5xyKAZSHtoga9vjq9gpwY_7qnpHTPk3PPpaWY3KaKb908pSsZVbSBaeiVCd3_ntlDOYySsBv5BrkTk35YYGiQsza-j1c9OKjvVA16df4Vpj7PkxZaRPfHh4YOZCpLxt3OZi1QKR3eSzntiU76R2h8Ow64QvRoy0FvCinN5X-yUE7qi80e6gyqsOmsCQh9PwpdSI_gsE4in9qzQOWJndBc46ECV3DFW8VL0pHVlLFk8M8CNkDuUoGtyMwnogyqbEaNPo29byVStrJgPQ3jxgw9KLF6P-NORvNzoC2f1RTpkG62q1W-EkuZZpUVMIPmgQ48jZghnspoEA9Dr05yUvaK4eoF2petw3oc5khGgxFfLTyc5fqPwb_8eKdCa4pfti6RsfjDcEOxIGXbP8iluaHdwdSIqk19Coyu0NdEb14w9aFzu_Rqrgq1M1bSwCgeZkcDRVjsU_-Gvy_B5fuTh4p3OBy9ovh4RCVh2dcSed70vZjISS6PM2yZ82wzPVyTC9Eh97lkTdACTRLUC4J77tBZ9qet5QuOJy2izjb0fAiyqv5VxeAYfZbVp32jMlW8Hbp1gWNGdTEGOqJEh3bG0DB4yjJVotEMv1LkPzbNwRUl_9GUfBC7a6i0WdbfteSHzpSSBrmlb4OZOmh_c2C3L5aL8eRyV0hi5BlK-3IPLrA_Gaj3DWFTUwNAJZnS_XLqxq7uibBKgf6zg3gOWY7jcgkUvdMtpUR212h6mXkuuEmfr6h6GOrGzruQX3WCqejQbVmgmIlsp7VShvqI406AJoeOKhdoOLGME3x8PbVlWDpjsjFM9pV3VOFfuhwolqCm90DCOLPCcQECPV4Owhu2PTZKJkZxdyGqFcgecF2uTxSlEs-IVHGhIp7cHWfL0HdKEo4fRqdv3z0G3HFOvBUvPPwE4okMw7iYDw2HD8eiD5LuKUSz_jKRpOLomi4LEQixWvD-o3_dZ_SmyGrM_RbS7fcTgIgwzyeqN6qF5TcWpWyeTO6Bhn9yb3y7996fVXxtswip8GkMyNSAGOrjh7eWQgrYe6nEwiiSJyOdMuQkRvx1w-FU__0Exf9P6yEOxHtBD_pmqm38UGKSjp7Bjljk6IPDJDQuI9YB0eZP8nzeE0b3_yRooCAASJORos1HvND-gPZGiCp9Sl_bMmL-qvhHrMwirz_0UmuAVDzXEMWAB
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.137.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-137-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 73454af9157242d4c1c3611153efeebb95e94935f3a9bd1b55cfc763cd3d66fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 82CA 3 KB
1 KB 56ms
50ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 02:16:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82CA 137 KB
42 KB 148ms
66ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 02:37:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 82CA 17 KB
7 KB 49ms
43ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 02:16:59 GMT

GET
H3 200 KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2482 36 KB
14 KB 54ms
42ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 01:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14007
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 01:04:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2950 0
0 103ms
93ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022061501&jk=3778609910102664&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CB18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1&C=1

43 B
781 B

88ms
88ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEN2P3pgDGOHeissBMAE&v=APEucNVt1XQ8NcwofE8XgI732pO2ZV8OuuKPezPKDd5X1qh-SOSQ4cpMs0F5h94S6QLfKXeN3va-JNvjRCGy_0ZLTQyMZ5xbQ4xGzZvMAMpMa30OToMhnknigH522h8OX3wIxZ3WE7rYu9RnA7wwLc7xf4W2cD9Ep104qNlCqKhxpPCCQY3O008
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 Jun 2022 02:37:53 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Mon, 20 Jun 2022 02:37:53 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CB18
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq-dgevhSuQWzqasaA8d6AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1

43 B
781 B

50ms
50ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEN2P3pgDGOHeissBMAE&v=APEucNVt1XQ8NcwofE8XgI732pO2ZV8OuuKPezPKDd5X1qh-SOSQ4cpMs0F5h94S6QLfKXeN3va-JNvjRCGy_0ZLTQyMZ5xbQ4xGzZvMAMpMa30OToMhnknigH522h8OX3wIxZ3WE7rYu9RnA7wwLc7xf4W2cD9Ep104qNlCqKhxpPCCQY3O008
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 Jun 2022 02:37:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMV_s018Y00XfhUtkY32VfQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CB18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOy9cPOXLFxRFf7fMgUtnjI&google_cver=1

43 B
1 KB

37ms
36ms

Image
image/gif

185.33.221.119
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOy9cPOXLFxRFf7fMgUtnjI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEN2P3pgDGOHeissBMAE&v=APEucNVt1XQ8NcwofE8XgI732pO2ZV8OuuKPezPKDd5X1qh-SOSQ4cpMs0F5h94S6QLfKXeN3va-JNvjRCGy_0ZLTQyMZ5xbQ4xGzZvMAMpMa30OToMhnknigH522h8OX3wIxZ3WE7rYu9RnA7wwLc7xf4W2cD9Ep104qNlCqKhxpPCCQY3O008

Protocol

HTTP/1.1

Server

185.33.221.119 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:53 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9018241b-0cf6-4448-be38-c157e8fb6642
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOy9cPOXLFxRFf7fMgUtnjI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CB18
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM1NDgxOTczNzU5ODY0NTk1OQ%3D%3D

170 B
502 B

70ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM1NDgxOTczNzU5ODY0NTk1OQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 20 Jun 2022 02:37:52 GMT
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ad2c6558-fc6b-4286-808b-e326f4e7c837
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM1NDgxOTczNzU5ODY0NTk1OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 82CA 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTiOQj-je_Visd9HsOh5F1qwRqFuYueD4VIWYIoE6MUzoYBpPdfRAjWRJZC3gjDraoZIkM2g5tvJSiGrZR20Vie1whLXMynD96DJUco8ZZlgDdPQjpDqarv1fjLtGcfdppCduuk80xt2cNBWkNLg5vDCgVrg&cry=1&dbm_d=AKAmf-DTYZWerGiMaIYIkUIkxXIybxXxGCpax-Z-P0lqqfwN5_fgufsK_J-6nACx0CfgFvp520BAkx_tdqAxdqoDxZ_z643693-aa8NwG3-hHEO4IkndqwUCoo_zHWHvJWcXIjZIL-BrSND6EudaO4rryH8N58cAqSYeozOqdKdvUY8mdTH8-HwUxMdO5cXLdsQN1sRVVgaCBiOb54Nk8-8fniW-Ita07-ge8Yemjqm46SgcQfyWtKSeJO9sosG_9XzKvlyC2N3lCdFpKDmF-aBi9W6UbrxZ7c21Opjzb4rdNaRIKnX-ulEw3GKUolLEAi0h5HC2EiKPlBG-gnFIRD018V04giqWPmeUJBGeKCg_TQLlG_6QkDvikxPIuGey-ZUF5UgKK1LJAKWUcKDBQO7frnsyIIKfTbPIWKzD9GI7jx3nq5XCn-xF7NCTX3bnSCqIQg-Spo55QF45hRpA-MPhZwaYfldUeIbAl6MnHDZ_mmsa0B6BlUVrSmJ8zsUVajQ0MTR_pOTDY-ybtdIfWCHYNBtVGf-BuyepjaxIeHhngJ_d1BA-MirHRGszDlwT_DFlENpqNYc5L4eJEmJPx3e9LRmLFqSytIl-XwktSVChjFu_i9Wjq9RJCAPbjbKcVuR3S71_WV2mznoxQaxUuNB4qz-o5MhDffcdoyCvain2DpbJNQ4ygOcCl4HLJJKTBDWszPW7qZgRZhdwWmnZq4jnMVITi4Vdqxa-57O_i2ZWplz5m9rWQqSUCnbQuH9cmRTTHUA1_jEsMqB79-Udss4bSNdcTWnhiXICtGMHRDF-Jv96GJct8on0MHn8KvUIj9QAM77WoLTlL6cvRVyLlcPEMG2rHX8NreY0yMd7Kuy3XA-ezURTOd_WyhwdtKTH0P62G_5wBPF4yewnyeFZigd48GyuJTcGP6FdJnlHBIfAsidKcFMheEwkLkpy377lhAqcHc--xS7zR2iYfOZcMfIq1dZvDwX-y2QtT6GiGgJc_I56saHsa6nEB_mfpU6QrjOmS7fLU7RnX5G2HU1cY_4mB_ICOP6DYoivA6eGIx3Jokv3_q4Hn2chkfb0XEJvf26ktdGWlrlW6728kIFsVRo8zvMOGFei1-SD_r98k8TSorZZem9atqzNsFFTEnQDwfzR53RGdp8Ukr-TDYJOEdhPoUm0qMDCYfXoWnjLiHFXeIdrETLQKv20GkyHNnQEs1bN9Ch-uP1EPLQYAW1wdaulY2f5gMtnynMjYQ-uztA2gRnt4SddMvwl_M3ElQnkkgYreno_NcRLj6LoLn-IGyHovw8Nlmmd2O7vsUFrR55AwwIez6vbP65KP-Ga4ldbChhjm9CIz85X9TxV5Xr5yhhaDUICueHZLEO3YAhPStohyzMt86w5G0VLS9hGkSwkfVkf1QaWOELARVxRxOCCjMcdPnb5XnefEr0IcSl0hYrxkB96vp1bYmC-bFyLPPyP8KauYvd8aG7ITRGQ51Vc9rRXJx3Rus81Y75cJjKpfFUs2ZhcdoS5kdd92jvT3az0D7-FJwpcU5r0SSTXcBmpVlDo7niQRSJHbyif4EAZufHO3ABq9lqTzYhWjGaIf_i0vd8PtluDfAAprO6xi3DGmqi4BBN02H9oHr3Uab2-Sw23fa1fOOuWWe67PYZRaBfVXv0FVyuiychYabooa_qwaenBOtdmyTczI4zXGS8Ef3SLTvJYjX9xng6GcL4AUMS-aWEzMvF7RJrosmG56h4LYdPrVoeRDVHosZ0f9_bgM4Td0mpMrAsz3roYPwSS1Woek-mmFiOJ0uRNZkIobJcVM4F9Vm4SBRsBekPUdoCRGE5djGcWJvQlFTOFbcttUwoozQJERUDtuauvu-h2kANLmII0BmGVNkhFb7tSLSrXZC4R3bVUWv7mbDikv92wKi3KA3NHzv08NIyny8d4XoSwUyu5jxMslRghpmDVtj10ANT73uFWFggcjD7ArqXp4wBZidBjmWpayglSh0srR5d58T08iDtvOsDzLdVpImu437gwtTvbegApgk8Vc3KDEJ0yulfzdTc2ewH0VOi33Vd2h_z47dEF-42i5Qdf4W7gGy-YpGmttK3OqAPlUEC5AgG5fzW9wRevFiVXX6qDn0hWMUgJLg4uHxtD3B1GfcGkmnr1_tFRii2wxb6JmYaygeypS31LjXbMClkMyvjNFHuKJp7j5c3TAQlA7wtUQvBoyKmSvZbzicSQR07FUQEJOemq9yPSzs5ZmcNQa0F5lxRYQQb3bc9R1xBbEv1d7PPKpJIETLxC_2XDqoL9iHK0V0p9dgwK2qmA-MNLUbojhtvbS5c-hzuscVLEOaOzV3u3a4cNVPC7N7lb89bmjNDk5NksWY7GKgFFOT7Z1pvjvmyPUXN0Knr9gKJWY2lJPD0p_VEPIUWEAwrefHIP2GtFa1CoP7B8yXPGX0ZNTMiT8XKC5RVHYgVRu1GAb45rnVSyg8rKEeyYfL7uyOa8GwPUd3MN3m-z1NRLSFwwlkQvEJvjL31SSvgiHvYZaZg6D1_9f5-TnzsIzzJyBRQAxNHWaJp4fNBbIUW8cZvGQfHeGE6h-ChlTsR3XPBlpQnE6WaJDZeULIiyLnxCt032YesP4QQ3-jg1zdoaASP6CqeOPry1XV_8vHSs_JXiJsHvHHyg_Pv7Irwu1BJ1xyQ&cid=CAASJORos1HvND-gPZGiCp9Sl_bMmL-qvhHrMwirz_0UmuAVDzXEMQ&rfl=1%2Chttps%253A%252F%252Fznaj.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 07:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 07:25:10 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0CD9 15 KB
6 KB 165ms
56ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=znaj.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cf123b4d7a9a20f1cd0a1e41dd39841845abb4350e5d466adb592f4bdf5b9be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6149
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 02:37:52 GMT
server-processing-duration-in-ticks: 1968
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 177ms
60ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:53 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Jun 2022 02:37:53 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 82CA
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1004046/63413776/xbbe/creative/adj?p=APEucNXTmEbiYNPJp28_5AdC_wWOVSNTKK0r5s1mwXZFZzBcDhoFoz4&d=CnkAoCZ_4NdeKdRBrkvTJoHgadaTAUWYjS0obtwI5smOtEASufJaI_Pggvigs83...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXTmEbiYNPJp28_5AdC_wWOVSNTKK0r5s1mwXZFZzBcDhoFoz4&d=CnkAoCZ_4NdeKdRBrkvTJoHgadaTAUWYjS0obtwI5smOtEASufJaI_Pggvigs83RLkmboYC9rQvc0F-_ewraVGcEO...

61 KB
22 KB

157ms
67ms

Script
text/javascript

74.125.140.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXTmEbiYNPJp28_5AdC_wWOVSNTKK0r5s1mwXZFZzBcDhoFoz4&d=CnkAoCZ_4NdeKdRBrkvTJoHgadaTAUWYjS0obtwI5smOtEASufJaI_Pggvigs83RLkmboYC9rQvc0F-_ewraVGcEO3OaFZBGDMgPa1KTLZXJU2HSN6oB6FTyf6zbneAAOcW305WR2tIL8Ji8-yQuCMqev5elSLNyivXIEtkTAKAmf-BFDTyTBtyfMybBYXQjceuWUJqYnxr82SJkzLyw6fXjoaRz3fk-q4J8LW429-bpf46cF9kD3AwwjFIpFusoNelDBxRHXY89M_nz96Sh1D6sEc9GtgD8AC6c9bL6WuIvcnYVsb--Qan4NMyI_UwbGec5yxWpWN8lhnYhD9UpAv5C9XaCEfhZHDGA-h3M6Z9yzEPoMiF7gLyP1I46TuQpIziRJYGDy8kiIswF276MEpJQTRS5OQy7hqKL5-Jgdnk5bJzcLQVUw9GGX1y37Sg8xbP4bgMz_zbOGxfWc_FYUaX0QKVTFKQ9Pp53ukKnmZ-46NrxQKOnoKHrJVWoBQAF7MWcVVNZZDvAz_jIwZpLvK6vNaMtox03Nuy13wwWHS09uxeVeGdIMi8Hz7SksKDQ1YpNUIk6U9uNJXOq2rU7TqGE26FGJPoPImfXYgyaYDkd1t688ztxzHbgo9hheryi1IvyEAgK720TxLZauj_gb41hE2ZUMfsKaQjiLhEhGf78huPHUvXzPt17fbJs4pUankaVczE9-c68sSuLrNfR4zRQ-x9RXFHy0n_P3moA_Y-59cIWL7daPz51HqaVsZU1ZLraH0cpSjo8cTJuZEo4rQMTDIUF67dkNXtRQZNSHyk5FKYOIVbtY2uQhl816XuYxgpnr5zofEBri3Jxnp8vqOPyc23laTxd7NkG9fAdcrBCUGe9VSVddR0A_30i6WAX0vvDXwidcZpsjqfLWxAVMN9I3xZDj63EF3sVopbHQU1fcCv7VnT2Z7QEISEV5N3qlLy8Ze67MkFJ4J_RELZFy4VB89tXg1s77GGbTpFTnbRoBn3n7VaTCnTPwmUhNkgP2YtAOO-UlzVe22r0iKFeeYN17mid6smfE8AQRvUbp5Av7NM8uhM0QLc12Qw6f8synbL7vrDqvpRyx0Tgpp474pPmE46Q3F8mDEP_r2IasMsfw-lSIf_P7TBl6ioMgJ4ItGMu-Z_f6zEVJSykuta8b5noQ87ZyoXErXqSPiGgyOyKW9i4pG2HcFqKCylSVEZjwflygTNO_BihYvJQ3YAmDTOlD_OzBDatjMNiiyleveDB7nsEyXR_FWPTpKsv6X5RkeYJgupqll4loxzlEHGYp9tJSgGZ_BsmO-XOtwwGuGzqfOcI4X88XcoXTxqfTRfT18zASTTH2-xQ6OnJFy8WMggAHfoQ86KKfSeMBZXRg_HWyiB_1XJMK8nDAXvDWbfJrUf6PC5NvxVFMzUgDrwNzPPMvlyPiRcODxj3PpFm4kV0dYdFbuEyFwgOKMXX7NbBmP9dzu7df0zm5J9f6kT7_HpYBbmiWmQ9L8yja9igNh2S3IyrAwxe_8ImpOdrWnMFF3aiBJPZFvVD8DG2729Decpq70j2b0K7oR83RdO6L9CP06J_uvH3Ssb-5PJFmZloY2uq_NcH_CB7gZHzFu5bbTQp6CBz7k4SDwrUUdN-JakEpTvEccOkTHuozs0CfoTa7HEQ0wDSWhBw-oMBapUeu0AL5jC0bXi_demfX3_5Ccih-fEMhA1CPqJGNnR4so1x4voEKjnUbZ-BHKO0sSs9b6xQwM6D6ZmC67OHXCwrA5Q3EmAOXqxtqLR_U-Nr3D3vvXmkd7s2JhrVUN43tkdpZtJwTwSMs50wR6SnY7aa5_yGpST26vw5ihfDNGRybi1u7X9oa-Ccj9raVVFSL5ZC5rQ4FgL7x21_qR894m_cIC6yyUNnouXjHUXJWlXa_NZJpjCT8IQDWio2xZv9du4BxBXS4TPdxVRo9dF7v4eArW2ftc52IWp0iRxD0HuDRY-_D33ZBNRF8-Lm9gL_JscekOqF0L2TTLAKACPc1e4KiIfEjFW5UWB6JOWz3yGYkEH4IDkZGiIG63wDTtaSYMWb4ZM11EB4pS58vQDOK7Id3QMO19E7RbMXuBuUfHyGTgxGX4fF0a6LwXicWWNODqjp6h7u84n70ORd6d4969IK5KfDU4lwsEGBnrXAHtIAPPJqjCA3KC9qGDTtpons0h9hBE5HVnyM3_OAcq-6d9XpqvAdgHYfrMyi0WV91FIPDhsNXzy-zegbhnfMymOkoEZnucIOhrF7IiB3osksBbbjz10kiNp6XZtSCuw5UHOa-AvLqj9xf3B3UdU9BuBL1y2QAxTAFDxo7M6VQGe46ju7QX7vX-D57RpbAFtY_ijiJBhzbh3cupExktMs-cSTaePXKMzwiG_lGq5xyKAZSHtoga9vjq9gpwY_7qnpHTPk3PPpaWY3KaKb908pSsZVbSBaeiVCd3_ntlDOYySsBv5BrkTk35YYGiQsza-j1c9OKjvVA16df4Vpj7PkxZaRPfHh4YOZCpLxt3OZi1QKR3eSzntiU76R2h8Ow64QvRoy0FvCinN5X-yUE7qi80e6gyqsOmsCQh9PwpdSI_gsE4in9qzQOWJndBc46ECV3DFW8VL0pHVlLFk8M8CNkDuUoGtyMwnogyqbEaNPo29byVStrJgPQ3jxgw9KLF6P-NORvNzoC2f1RTpkG62q1W-EkuZZpUVMIPmgQ48jZghnspoEA9Dr05yUvaK4eoF2petw3oc5khGgxFfLTyc5fqPwb_8eKdCa4pfti6RsfjDcEOxIGXbP8iluaHdwdSIqk19Coyu0NdEb14w9aFzu_Rqrgq1M1bSwCgeZkcDRVjsU_-Gvy_B5fuTh4p3OBy9ovh4RCVh2dcSed70vZjISS6PM2yZ82wzPVyTC9Eh97lkTdACTRLUC4J77tBZ9qet5QuOJy2izjb0fAiyqv5VxeAYfZbVp32jMlW8Hbp1gWNGdTEGOqJEh3bG0DB4yjJVotEMv1LkPzbNwRUl_9GUfBC7a6i0WdbfteSHzpSSBrmlb4OZOmh_c2C3L5aL8eRyV0hi5BlK-3IPLrA_Gaj3DWFTUwNAJZnS_XLqxq7uibBKgf6zg3gOWY7jcgkUvdMtpUR212h6mXkuuEmfr6h6GOrGzruQX3WCqejQbVmgmIlsp7VShvqI406AJoeOKhdoOLGME3x8PbVlWDpjsjFM9pV3VOFfuhwolqCm90DCOLPCcQECPV4Owhu2PTZKJkZxdyGqFcgecF2uTxSlEs-IVHGhIp7cHWfL0HdKEo4fRqdv3z0G3HFOvBUvPPwE4okMw7iYDw2HD8eiD5LuKUSz_jKRpOLomi4LEQixWvD-o3_dZ_SmyGrM_RbS7fcTgIgwzyeqN6qF5TcWpWyeTO6Bhn9yb3y7996fVXxtswip8GkMyNSAGOrjh7eWQgrYe6nEwiiSJyOdMuQkRvx1w-FU__0Exf9P6yEOxHtBD_pmqm38UGKSjp7Bjljk6IPDJDQuI9YB0eZP8nzeE0b3_yRooCAASJORos1HvND-gPZGiCp9Sl_bMmL-qvhHrMwirz_0UmuAVDzXEMWAB

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

74.125.140.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f157.1e100.net

Software

cafe /

Resource Hash

b23f533bae6fc7bd5f1b077226a5c9fb2aab98953de7a8f5ea9ba884a66491dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21537
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXTmEbiYNPJp28_5AdC_wWOVSNTKK0r5s1mwXZFZzBcDhoFoz4&d=CnkAoCZ_4NdeKdRBrkvTJoHgadaTAUWYjS0obtwI5smOtEASufJaI_Pggvigs83RLkmboYC9rQvc0F-_ewraVGcEO3OaFZBGDMgPa1KTLZXJU2HSN6oB6FTyf6zbneAAOcW305WR2tIL8Ji8-yQuCMqev5elSLNyivXIEtkTAKAmf-BFDTyTBtyfMybBYXQjceuWUJqYnxr82SJkzLyw6fXjoaRz3fk-q4J8LW429-bpf46cF9kD3AwwjFIpFusoNelDBxRHXY89M_nz96Sh1D6sEc9GtgD8AC6c9bL6WuIvcnYVsb--Qan4NMyI_UwbGec5yxWpWN8lhnYhD9UpAv5C9XaCEfhZHDGA-h3M6Z9yzEPoMiF7gLyP1I46TuQpIziRJYGDy8kiIswF276MEpJQTRS5OQy7hqKL5-Jgdnk5bJzcLQVUw9GGX1y37Sg8xbP4bgMz_zbOGxfWc_FYUaX0QKVTFKQ9Pp53ukKnmZ-46NrxQKOnoKHrJVWoBQAF7MWcVVNZZDvAz_jIwZpLvK6vNaMtox03Nuy13wwWHS09uxeVeGdIMi8Hz7SksKDQ1YpNUIk6U9uNJXOq2rU7TqGE26FGJPoPImfXYgyaYDkd1t688ztxzHbgo9hheryi1IvyEAgK720TxLZauj_gb41hE2ZUMfsKaQjiLhEhGf78huPHUvXzPt17fbJs4pUankaVczE9-c68sSuLrNfR4zRQ-x9RXFHy0n_P3moA_Y-59cIWL7daPz51HqaVsZU1ZLraH0cpSjo8cTJuZEo4rQMTDIUF67dkNXtRQZNSHyk5FKYOIVbtY2uQhl816XuYxgpnr5zofEBri3Jxnp8vqOPyc23laTxd7NkG9fAdcrBCUGe9VSVddR0A_30i6WAX0vvDXwidcZpsjqfLWxAVMN9I3xZDj63EF3sVopbHQU1fcCv7VnT2Z7QEISEV5N3qlLy8Ze67MkFJ4J_RELZFy4VB89tXg1s77GGbTpFTnbRoBn3n7VaTCnTPwmUhNkgP2YtAOO-UlzVe22r0iKFeeYN17mid6smfE8AQRvUbp5Av7NM8uhM0QLc12Qw6f8synbL7vrDqvpRyx0Tgpp474pPmE46Q3F8mDEP_r2IasMsfw-lSIf_P7TBl6ioMgJ4ItGMu-Z_f6zEVJSykuta8b5noQ87ZyoXErXqSPiGgyOyKW9i4pG2HcFqKCylSVEZjwflygTNO_BihYvJQ3YAmDTOlD_OzBDatjMNiiyleveDB7nsEyXR_FWPTpKsv6X5RkeYJgupqll4loxzlEHGYp9tJSgGZ_BsmO-XOtwwGuGzqfOcI4X88XcoXTxqfTRfT18zASTTH2-xQ6OnJFy8WMggAHfoQ86KKfSeMBZXRg_HWyiB_1XJMK8nDAXvDWbfJrUf6PC5NvxVFMzUgDrwNzPPMvlyPiRcODxj3PpFm4kV0dYdFbuEyFwgOKMXX7NbBmP9dzu7df0zm5J9f6kT7_HpYBbmiWmQ9L8yja9igNh2S3IyrAwxe_8ImpOdrWnMFF3aiBJPZFvVD8DG2729Decpq70j2b0K7oR83RdO6L9CP06J_uvH3Ssb-5PJFmZloY2uq_NcH_CB7gZHzFu5bbTQp6CBz7k4SDwrUUdN-JakEpTvEccOkTHuozs0CfoTa7HEQ0wDSWhBw-oMBapUeu0AL5jC0bXi_demfX3_5Ccih-fEMhA1CPqJGNnR4so1x4voEKjnUbZ-BHKO0sSs9b6xQwM6D6ZmC67OHXCwrA5Q3EmAOXqxtqLR_U-Nr3D3vvXmkd7s2JhrVUN43tkdpZtJwTwSMs50wR6SnY7aa5_yGpST26vw5ihfDNGRybi1u7X9oa-Ccj9raVVFSL5ZC5rQ4FgL7x21_qR894m_cIC6yyUNnouXjHUXJWlXa_NZJpjCT8IQDWio2xZv9du4BxBXS4TPdxVRo9dF7v4eArW2ftc52IWp0iRxD0HuDRY-_D33ZBNRF8-Lm9gL_JscekOqF0L2TTLAKACPc1e4KiIfEjFW5UWB6JOWz3yGYkEH4IDkZGiIG63wDTtaSYMWb4ZM11EB4pS58vQDOK7Id3QMO19E7RbMXuBuUfHyGTgxGX4fF0a6LwXicWWNODqjp6h7u84n70ORd6d4969IK5KfDU4lwsEGBnrXAHtIAPPJqjCA3KC9qGDTtpons0h9hBE5HVnyM3_OAcq-6d9XpqvAdgHYfrMyi0WV91FIPDhsNXzy-zegbhnfMymOkoEZnucIOhrF7IiB3osksBbbjz10kiNp6XZtSCuw5UHOa-AvLqj9xf3B3UdU9BuBL1y2QAxTAFDxo7M6VQGe46ju7QX7vX-D57RpbAFtY_ijiJBhzbh3cupExktMs-cSTaePXKMzwiG_lGq5xyKAZSHtoga9vjq9gpwY_7qnpHTPk3PPpaWY3KaKb908pSsZVbSBaeiVCd3_ntlDOYySsBv5BrkTk35YYGiQsza-j1c9OKjvVA16df4Vpj7PkxZaRPfHh4YOZCpLxt3OZi1QKR3eSzntiU76R2h8Ow64QvRoy0FvCinN5X-yUE7qi80e6gyqsOmsCQh9PwpdSI_gsE4in9qzQOWJndBc46ECV3DFW8VL0pHVlLFk8M8CNkDuUoGtyMwnogyqbEaNPo29byVStrJgPQ3jxgw9KLF6P-NORvNzoC2f1RTpkG62q1W-EkuZZpUVMIPmgQ48jZghnspoEA9Dr05yUvaK4eoF2petw3oc5khGgxFfLTyc5fqPwb_8eKdCa4pfti6RsfjDcEOxIGXbP8iluaHdwdSIqk19Coyu0NdEb14w9aFzu_Rqrgq1M1bSwCgeZkcDRVjsU_-Gvy_B5fuTh4p3OBy9ovh4RCVh2dcSed70vZjISS6PM2yZ82wzPVyTC9Eh97lkTdACTRLUC4J77tBZ9qet5QuOJy2izjb0fAiyqv5VxeAYfZbVp32jMlW8Hbp1gWNGdTEGOqJEh3bG0DB4yjJVotEMv1LkPzbNwRUl_9GUfBC7a6i0WdbfteSHzpSSBrmlb4OZOmh_c2C3L5aL8eRyV0hi5BlK-3IPLrA_Gaj3DWFTUwNAJZnS_XLqxq7uibBKgf6zg3gOWY7jcgkUvdMtpUR212h6mXkuuEmfr6h6GOrGzruQX3WCqejQbVmgmIlsp7VShvqI406AJoeOKhdoOLGME3x8PbVlWDpjsjFM9pV3VOFfuhwolqCm90DCOLPCcQECPV4Owhu2PTZKJkZxdyGqFcgecF2uTxSlEs-IVHGhIp7cHWfL0HdKEo4fRqdv3z0G3HFOvBUvPPwE4okMw7iYDw2HD8eiD5LuKUSz_jKRpOLomi4LEQixWvD-o3_dZ_SmyGrM_RbS7fcTgIgwzyeqN6qF5TcWpWyeTO6Bhn9yb3y7996fVXxtswip8GkMyNSAGOrjh7eWQgrYe6nEwiiSJyOdMuQkRvx1w-FU__0Exf9P6yEOxHtBD_pmqm38UGKSjp7Bjljk6IPDJDQuI9YB0eZP8nzeE0b3_yRooCAASJORos1HvND-gPZGiCp9Sl_bMmL-qvhHrMwirz_0UmuAVDzXEMWAB
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 5022 80 KB
21 KB 152ms
46ms Script
application/javascript 2600:9000:2156:aa00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:aa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 3002600
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: WBH12UQZXAh7-IFMVyY0MGCaAMH6YMVHApZdeGqxDGmQ0Ui3L0FbqA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82CA 43 B
215 B 575ms
184ms Image
image/gif 2600:1f13:800:7780:6f1d:66a6:e122:b540
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1004046&asId=e79060f3-baf4-1ceb-767d-7bc19cfd5f28&tv=%7Bc:g2F68O,pingTime:-3,time:51,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t9ghIU7+11%7C12%7C13%7C14%7C15%7C16*.1004046-63413776%7C161%7C171%7C18%7C19,idMap:16*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6f1d:66a6:e122:b540 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82CA 43 B
216 B 571ms
184ms Image
image/gif 2600:1f13:800:7780:6f1d:66a6:e122:b540
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1004046&asId=e79060f3-baf4-1ceb-767d-7bc19cfd5f28&tv=%7Bc:g2F68Q,pingTime:-6,time:53,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t9ghIU7+11%7C12%7C13%7C14%7C15%7C16*.1004046-63413776%7C161%7C171%7C18%7C19,idMap:16*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:znaj.ua*&br=c
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6f1d:66a6:e122:b540 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E256 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 241962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 07:25:11 GMT
expires: Sat, 17 Jun 2023 07:25:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82CA 43 B
215 B 555ms
184ms Image
image/gif 2600:1f13:800:7780:6f1d:66a6:e122:b540
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1004046&asId=e79060f3-baf4-1ceb-767d-7bc19cfd5f28&tv=%7Bc:g2F699,pingTime:-2,time:72,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:383,beZ:384,mfA:386,cmA:387,inA:387,inZ:391,prA:391,prZ:398,si:404,poA:405,poZ:425,cmZ:425,mfZ:425,loA:436,loZ:438,ltA:455,ltZ:455%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t9ghIU7+11%7C12%7C13%7C14%7C15%7C16*.1004046-63413776%7C161%7C171%7C18%7C19,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:50,readyFired:false%7D&br=c
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6f1d:66a6:e122:b540 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2482 0
9 B 41ms
40ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uy_6EQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js Show response
pagead2.googlesyndication.com/bg/ Frame E256 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 01:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14007
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 01:04:31 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0CD9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=znaj.ua&sn=ChromeSyncframe&so=0&topUrl=znaj.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=C8EWrHxrM0wvM1lobmlJWCtURVlIZWRwcTBqNjZvbEdIVVUyZWlJSWdLOWRRTGRXWkdwdjJvenlOOUgrVm1peDVnZGtCQ2RmTllodEFoWEl1cW1zc0NNdXBLeCtEQVptNmQ2aHZjYUhTalBIK3hoWHJ1VEJSS3plamtpYk...

438 B
634 B

136ms
40ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=C8EWrHxrM0wvM1lobmlJWCtURVlIZWRwcTBqNjZvbEdIVVUyZWlJSWdLOWRRTGRXWkdwdjJvenlOOUgrVm1peDVnZGtCQ2RmTllodEFoWEl1cW1zc0NNdXBLeCtEQVptNmQ2aHZjYUhTalBIK3hoWHJ1VEJSS3plamtpYkRqaU42bnE0cVlZOHdONktZaUt5aUxZcEtvT0RnTmQ5by9QTVhsZzMxMXRidkwwa2p6ZW5YRkN3bDBiSENrd2pvZHJQQU1MUFZHdTBxSzZnaFZNZkJWWnBJN3FzbkFtdk1UKzM5NDJVOHN0NENZZnJDcjJCVjNGSUd4OGU0WVpxczdCQmZmQ0FGN0VQUklFMXZCdUx2K0JEN2VnTzliUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8690335cb39c1572e59590b8fe68b7974e827d587beb79cb1cd79f6d32e52759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:52 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6256
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:52 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=C8EWrHxrM0wvM1lobmlJWCtURVlIZWRwcTBqNjZvbEdIVVUyZWlJSWdLOWRRTGRXWkdwdjJvenlOOUgrVm1peDVnZGtCQ2RmTllodEFoWEl1cW1zc0NNdXBLeCtEQVptNmQ2aHZjYUhTalBIK3hoWHJ1VEJSS3plamtpYkRqaU42bnE0cVlZOHdONktZaUt5aUxZcEtvT0RnTmQ5by9QTVhsZzMxMXRidkwwa2p6ZW5YRkN3bDBiSENrd2pvZHJQQU1MUFZHdTBxSzZnaFZNZkJWWnBJN3FzbkFtdk1UKzM5NDJVOHN0NENZZnJDcjJCVjNGSUd4OGU0WVpxczdCQmZmQ0FGN0VQUklFMXZCdUx2K0JEN2VnTzliUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1482
content-length: 541
expires: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 82CA 106 KB
38 KB 190ms
42ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
Origin: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 07:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 07:25:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame 82CA 8 KB
3 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1004046/63413776/xbbe/creative/adj?p=APEucNXTmEbiYNPJp28_5AdC_wWOVSNTKK0r5s1mwXZFZzBcDhoFoz4&d=CnkAoCZ_4NdeKdRBrkvTJoHgadaTAUWYjS0obtwI5smOtEASufJaI_Pggvigs83RLkmboYC9rQvc0F-_ewraVGcEO3OaFZBGDMgPa1KTLZXJU2HSN6oB6FTyf6zbneAAOcW305WR2tIL8Ji8-yQuCMqev5elSLNyivXIEtkTAKAmf-BFDTyTBtyfMybBYXQjceuWUJqYnxr82SJkzLyw6fXjoaRz3fk-q4J8LW429-bpf46cF9kD3AwwjFIpFusoNelDBxRHXY89M_nz96Sh1D6sEc9GtgD8AC6c9bL6WuIvcnYVsb--Qan4NMyI_UwbGec5yxWpWN8lhnYhD9UpAv5C9XaCEfhZHDGA-h3M6Z9yzEPoMiF7gLyP1I46TuQpIziRJYGDy8kiIswF276MEpJQTRS5OQy7hqKL5-Jgdnk5bJzcLQVUw9GGX1y37Sg8xbP4bgMz_zbOGxfWc_FYUaX0QKVTFKQ9Pp53ukKnmZ-46NrxQKOnoKHrJVWoBQAF7MWcVVNZZDvAz_jIwZpLvK6vNaMtox03Nuy13wwWHS09uxeVeGdIMi8Hz7SksKDQ1YpNUIk6U9uNJXOq2rU7TqGE26FGJPoPImfXYgyaYDkd1t688ztxzHbgo9hheryi1IvyEAgK720TxLZauj_gb41hE2ZUMfsKaQjiLhEhGf78huPHUvXzPt17fbJs4pUankaVczE9-c68sSuLrNfR4zRQ-x9RXFHy0n_P3moA_Y-59cIWL7daPz51HqaVsZU1ZLraH0cpSjo8cTJuZEo4rQMTDIUF67dkNXtRQZNSHyk5FKYOIVbtY2uQhl816XuYxgpnr5zofEBri3Jxnp8vqOPyc23laTxd7NkG9fAdcrBCUGe9VSVddR0A_30i6WAX0vvDXwidcZpsjqfLWxAVMN9I3xZDj63EF3sVopbHQU1fcCv7VnT2Z7QEISEV5N3qlLy8Ze67MkFJ4J_RELZFy4VB89tXg1s77GGbTpFTnbRoBn3n7VaTCnTPwmUhNkgP2YtAOO-UlzVe22r0iKFeeYN17mid6smfE8AQRvUbp5Av7NM8uhM0QLc12Qw6f8synbL7vrDqvpRyx0Tgpp474pPmE46Q3F8mDEP_r2IasMsfw-lSIf_P7TBl6ioMgJ4ItGMu-Z_f6zEVJSykuta8b5noQ87ZyoXErXqSPiGgyOyKW9i4pG2HcFqKCylSVEZjwflygTNO_BihYvJQ3YAmDTOlD_OzBDatjMNiiyleveDB7nsEyXR_FWPTpKsv6X5RkeYJgupqll4loxzlEHGYp9tJSgGZ_BsmO-XOtwwGuGzqfOcI4X88XcoXTxqfTRfT18zASTTH2-xQ6OnJFy8WMggAHfoQ86KKfSeMBZXRg_HWyiB_1XJMK8nDAXvDWbfJrUf6PC5NvxVFMzUgDrwNzPPMvlyPiRcODxj3PpFm4kV0dYdFbuEyFwgOKMXX7NbBmP9dzu7df0zm5J9f6kT7_HpYBbmiWmQ9L8yja9igNh2S3IyrAwxe_8ImpOdrWnMFF3aiBJPZFvVD8DG2729Decpq70j2b0K7oR83RdO6L9CP06J_uvH3Ssb-5PJFmZloY2uq_NcH_CB7gZHzFu5bbTQp6CBz7k4SDwrUUdN-JakEpTvEccOkTHuozs0CfoTa7HEQ0wDSWhBw-oMBapUeu0AL5jC0bXi_demfX3_5Ccih-fEMhA1CPqJGNnR4so1x4voEKjnUbZ-BHKO0sSs9b6xQwM6D6ZmC67OHXCwrA5Q3EmAOXqxtqLR_U-Nr3D3vvXmkd7s2JhrVUN43tkdpZtJwTwSMs50wR6SnY7aa5_yGpST26vw5ihfDNGRybi1u7X9oa-Ccj9raVVFSL5ZC5rQ4FgL7x21_qR894m_cIC6yyUNnouXjHUXJWlXa_NZJpjCT8IQDWio2xZv9du4BxBXS4TPdxVRo9dF7v4eArW2ftc52IWp0iRxD0HuDRY-_D33ZBNRF8-Lm9gL_JscekOqF0L2TTLAKACPc1e4KiIfEjFW5UWB6JOWz3yGYkEH4IDkZGiIG63wDTtaSYMWb4ZM11EB4pS58vQDOK7Id3QMO19E7RbMXuBuUfHyGTgxGX4fF0a6LwXicWWNODqjp6h7u84n70ORd6d4969IK5KfDU4lwsEGBnrXAHtIAPPJqjCA3KC9qGDTtpons0h9hBE5HVnyM3_OAcq-6d9XpqvAdgHYfrMyi0WV91FIPDhsNXzy-zegbhnfMymOkoEZnucIOhrF7IiB3osksBbbjz10kiNp6XZtSCuw5UHOa-AvLqj9xf3B3UdU9BuBL1y2QAxTAFDxo7M6VQGe46ju7QX7vX-D57RpbAFtY_ijiJBhzbh3cupExktMs-cSTaePXKMzwiG_lGq5xyKAZSHtoga9vjq9gpwY_7qnpHTPk3PPpaWY3KaKb908pSsZVbSBaeiVCd3_ntlDOYySsBv5BrkTk35YYGiQsza-j1c9OKjvVA16df4Vpj7PkxZaRPfHh4YOZCpLxt3OZi1QKR3eSzntiU76R2h8Ow64QvRoy0FvCinN5X-yUE7qi80e6gyqsOmsCQh9PwpdSI_gsE4in9qzQOWJndBc46ECV3DFW8VL0pHVlLFk8M8CNkDuUoGtyMwnogyqbEaNPo29byVStrJgPQ3jxgw9KLF6P-NORvNzoC2f1RTpkG62q1W-EkuZZpUVMIPmgQ48jZghnspoEA9Dr05yUvaK4eoF2petw3oc5khGgxFfLTyc5fqPwb_8eKdCa4pfti6RsfjDcEOxIGXbP8iluaHdwdSIqk19Coyu0NdEb14w9aFzu_Rqrgq1M1bSwCgeZkcDRVjsU_-Gvy_B5fuTh4p3OBy9ovh4RCVh2dcSed70vZjISS6PM2yZ82wzPVyTC9Eh97lkTdACTRLUC4J77tBZ9qet5QuOJy2izjb0fAiyqv5VxeAYfZbVp32jMlW8Hbp1gWNGdTEGOqJEh3bG0DB4yjJVotEMv1LkPzbNwRUl_9GUfBC7a6i0WdbfteSHzpSSBrmlb4OZOmh_c2C3L5aL8eRyV0hi5BlK-3IPLrA_Gaj3DWFTUwNAJZnS_XLqxq7uibBKgf6zg3gOWY7jcgkUvdMtpUR212h6mXkuuEmfr6h6GOrGzruQX3WCqejQbVmgmIlsp7VShvqI406AJoeOKhdoOLGME3x8PbVlWDpjsjFM9pV3VOFfuhwolqCm90DCOLPCcQECPV4Owhu2PTZKJkZxdyGqFcgecF2uTxSlEs-IVHGhIp7cHWfL0HdKEo4fRqdv3z0G3HFOvBUvPPwE4okMw7iYDw2HD8eiD5LuKUSz_jKRpOLomi4LEQixWvD-o3_dZ_SmyGrM_RbS7fcTgIgwzyeqN6qF5TcWpWyeTO6Bhn9yb3y7996fVXxtswip8GkMyNSAGOrjh7eWQgrYe6nEwiiSJyOdMuQkRvx1w-FU__0Exf9P6yEOxHtBD_pmqm38UGKSjp7Bjljk6IPDJDQuI9YB0eZP8nzeE0b3_yRooCAASJORos1HvND-gPZGiCp9Sl_bMmL-qvhHrMwirz_0UmuAVDzXEMWAB&adsafe_url=https%3A%2F%2Fznaj.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e79060f3-baf4-1ceb-767d-7bc19cfd5f28,c:g2F68j,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c56678d8-tlt9m,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t9ghIU7+11%7C12%7C13%7C14%7C15%7C16*.1004046-63413776%7C161%7C171%7C18%7C19,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:fbbf202a-f041-11ec-8076-6262c1408689,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 02:29:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 82CA 27 KB
10 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10546
x-xss-protection: 0
server: cafe
etag: 1672864604874404814
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 02:32:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E256 0
20 B 82ms
82ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJoz3gN2vYqiuNYLQ3gOo0bXICAAAAAA4AeAEAg&bg=!KCulK2_NAAbASn8N4Eo7ACkAdvg8Wg3B_pzBKJpPLZ38wGWoG0TbvErmn78ek-NoJ0p0Ng3_RUkylwIAAABWUgAAAAJoAQeZAuYYtt0kvOnqpy4mmLu_qPkilc42dKY_JjkRYZIxZ30wQYWF-5PXVCf63cgdX1oMn_Pz9qH154vnp3oJko0vumqLx5WRuAb0SbNwuCTX9eSL7qPXLT4w8W0G75eaSP2AYVmAbodn2ORgQzAgq3DFCU6VLf3IONPXPs2MzPcuFJ_ZUiCAbhKTfjJNOXoWpYRt7Pt8Xbyq-4rERLE3Xq93TtMyHKqv1J0XfBP9f_0eC0Z5TzcwKH4K4_Swrtuap6AzjKu7TSsEKjH3rZiIDTWumBcSIwav33kmTPtzxzAZCog_vb03PqKReYjI2x4N-tIgck628L1YO2f0nyrY_3togCMpPKtI48Mfh1zIooiGfK4lnMjqhM-wFFFurBjm8aEBVGh556ykpmusfIWG0dyWiTYPZBYMuPBF_mRsmYl3m6FvqligxY4_0PH_PPGRRHFZsYVqBZzHt0_WG94qB9QkKcJE1X9elJa4GrBT_jxclePRF3A96d9TyfFOQfXUebrk9RRjr495UYRtQ46NZFLtzToGzgo35wIyqlcNBCj__65os6EJuGez9vcvOZp3-mqXzxeL0ZOgx0dg6J5kzOdRk_reOUvrBitw9UbLf5weXNH465qbDJSGfAsgmnCiGO-YoVKEmFFeF5J_Lcbb8Xywdf3mxQhU9XZxw4Oy6XzYKtayycwaKpX1RMoIdUlhLEO8E-RmcMQAs7yd-s8F3rj_dvyM7wuBf0n4JQIfwCSvhWY9lB9e-6PHXqZytbq2zen8SuLJRAG9FqyXXJ-xKlq7YXonta-aA0FoyHKB5JJE7bxz_3SUPgNt0rEdsLAwJ1-nzt-4JWb70ux5-GrruxTnhbcV1-lpprFWPW08w_KSoQbJbRWPsoDzRJr_wSdrdBoexktyKjrB4oyVFaFNoY6HsxzBK7sl5UzDVZZ0sUzuJ83GdEGPH6_5xxFSGWNsAoNKoMLBsJGQoVesx4fGjwCnOh7mVQYAUsiY

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B536 1 KB
749 B 43ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 47501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 13:26:12 GMT
etag: 48472445140208031
expires: Mon, 20 Jun 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 82CA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd3f282962bb4659015192ddd25e0d49752fba94f110d8335f770de7694bd257

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame B536 35 B
463 B 124ms
41ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGSBxfCjtJ5HSoockmAtrkE&google_cver=1&google_push=ARnp8GCPxABVUdmVPmS3yxVa6flaODG51L90zDN4K4uQIZCmZ3QjQVvkBj7caWZ0jiVC5FdOSc-QblvMDWBlx3Ouw5QHF8beTcla

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B536 0
104 B 170ms
66ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEOcASpDDNY6H6JXuj4tdBc&google_cver=1&google_push=ARnp8GDtrAgbfFK63Zgz4HS95lpa_9c_Bgk3Bo8eDqx9SOakU8W3xBM-l4Hj_af5xBUgEhycIGEo3Xs3CCYbNVgVJsAFXLWNNVnwIg
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B536
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFUIO3OiV-tcUSZgFO4XrYQ&google_cver=1&google_push=ARnp8GDgWtNNZbmfgg6wqdFVgxaOCj5jpWVRu6YSIho1QOSjxLRjBcqvgMumkeh2l2i-fMkv86JnqPmLIcwLF_kj...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDgWtNNZbmfgg6wqdFVgxaOCj5jpWVRu6YSIho1QOSjxLRjBcqvgMumkeh2l2i-fMkv86JnqPmLIcwLF_kjgTbS3JP0lX_iDQ

170 B
188 B

53ms
53ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDgWtNNZbmfgg6wqdFVgxaOCj5jpWVRu6YSIho1QOSjxLRjBcqvgMumkeh2l2i-fMkv86JnqPmLIcwLF_kjgTbS3JP0lX_iDQ

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 20 Jun 2022 02:37:53 GMT
Server: MT3 4447 e18e916 master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDgWtNNZbmfgg6wqdFVgxaOCj5jpWVRu6YSIho1QOSjxLRjBcqvgMumkeh2l2i-fMkv86JnqPmLIcwLF_kjgTbS3JP0lX_iDQ
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 20 Jun 2022 02:37:52 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B536
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEiwSYL_DkEz9qCkig_PW84&google_cver=1&google_push=ARnp8GA0LM8g4e-H3Em5LBWFsIykoqjs5hbHx1RvvrVZ9ZDuOHM089SK7fHsXdS5LZnUMeKaQifhGPVk608vHE8-4naMxOpV3DH1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B3120FEA3CBC47DDA16F4C3262F24381&google_push=ARnp8GA0LM8g4e-H3Em5LBWFsIykoqjs5hbHx1RvvrVZ9ZDuOHM089SK7fHsXdS5LZnUMeKaQifhGPVk608vHE8...

170 B
188 B

52ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B3120FEA3CBC47DDA16F4C3262F24381&google_push=ARnp8GA0LM8g4e-H3Em5LBWFsIykoqjs5hbHx1RvvrVZ9ZDuOHM089SK7fHsXdS5LZnUMeKaQifhGPVk608vHE8-4naMxOpV3DH1

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 20 Jun 2022 02:37:53 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B3120FEA3CBC47DDA16F4C3262F24381&google_push=ARnp8GA0LM8g4e-H3Em5LBWFsIykoqjs5hbHx1RvvrVZ9ZDuOHM089SK7fHsXdS5LZnUMeKaQifhGPVk608vHE8-4naMxOpV3DH1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 19 Jun 2022 02:37:53 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame B536 0
191 B 116ms
32ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFjOUYwCAIX72x45DHxUJYU&google_cver=1&google_push=ARnp8GCKIgHhF6UaSeYHOVGWWapGrShVbuiFK9B9tTq3BidKMOkGkTKZNHkO2-Z7pItxVgwQ8karBvBegd6c66q51C-XJ74rFiaM5Q
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame B536 43 B
351 B 100ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEwHStwXto-cQMceSGrEExc&google_cver=1&google_push=ARnp8GCPTCfQpImXJ5pGhnqg3R4KRaDGxZYOGCem5GixEgRGiv07a9h0p2W5B5HYfNcYiZWM1X28mPAccdG-fCVLkgbMTREKPbIC
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9ugh4jcs9sga2f5p7mrv77u9qiul417a

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B536
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELHC10zYGsMMedBHTYKGYg4&google_cver=1&google_push=ARnp8GCWx48_7db2albN8Wzc7UgjNMPELYdN7YcYxUocJcQAgThXuk6vL27dkoqDBl4F2qH4rHsG5cw6dCrl...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCWx48_7db2albN8Wzc7UgjNMPELYdN7YcYxUocJcQAgThXuk6vL27dkoqDBl4F2qH4rHsG5cw6dCrlw5RCmjl87MwOpn56MQ

170 B
188 B

52ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCWx48_7db2albN8Wzc7UgjNMPELYdN7YcYxUocJcQAgThXuk6vL27dkoqDBl4F2qH4rHsG5cw6dCrlw5RCmjl87MwOpn56MQ

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCWx48_7db2albN8Wzc7UgjNMPELYdN7YcYxUocJcQAgThXuk6vL27dkoqDBl4F2qH4rHsG5cw6dCrlw5RCmjl87MwOpn56MQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B536 0
12 B 50ms
49ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LM1-pI6HS13S7X00DkgYDoCx9iHBrLwa5GxW28WTnHyF39yDSQhu7mP-n6N-y_NWxN0GeD

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82CA 43 B
215 B 184ms
184ms Image
image/gif 2600:1f13:800:7780:6f1d:66a6:e122:b540
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1004046&asId=e79060f3-baf4-1ceb-767d-7bc19cfd5f28&tv=%7Bc:g2F6ga,pingTime:-10,time:507,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1655692673497%7C%7Ca9bf3c421d977404f5d9e8cdcf35f060%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cd398f93296585dac255124cb8b00906f%7C%7C91c333906f839a9b3d864876d52d3129%7C%7C8a951a2e90cbe9d3d93a69e52656f93d%7C%7C510f42f08712cd39ca010d7c99ee52ba%7C%7Ce72b0b9bd80620eb824fdffb47dded1e%7C%7C1629390669%7D
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6f1d:66a6:e122:b540 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/ Frame 9B43 6 KB
2 KB 122ms
40ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a96af58d18a72238f8b3a8a5a1d01044ca2f0750148b2987167ed05bf5c665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 584369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2174
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 08:18:24 GMT
expires: Tue, 13 Jun 2023 08:18:24 GMT
last-modified: Fri, 29 Apr 2022 20:41:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 82CA 0
575 B 186ms
82ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5dl9gODybO4Y_tyjfzvVGjvBYB4j56kTSz2CDxPmRihRZbjIDvyyr7XzM49hbAUvLruiC6Y_cuAekbS7Zr2eDzkgdVP31yiC67FM3kyPOGb4i7fuxh5pVzVeZBTHI9aGl7Rii125aGw&sai=AMfl-YTO2HkRuW6OIZ636RCCwHqEgWmINOtbGX9u5QOgMi4PxK_alwXVAxYGPyL6ce_o6Rrmvpp4DMHU1PM4U0eTFxoZgM3M_ZUBLW5J3nbG-BpueOycWCEf56yvuZ4&sig=Cg0ArKJSzNUqKnaZdnT0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=260&cbvp=1&cstd=257&cisv=r20220615.78384&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 02:37:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82CA 43 B
215 B 252ms
252ms Image
image/gif 2600:1f13:800:7780:6f1d:66a6:e122:b540
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1004046&asId=e79060f3-baf4-1ceb-767d-7bc19cfd5f28&tv=%7Bc:g2F6gX,time:556,type:e,im:%7Bpci:%7Btdr:509%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:556,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B550~0%5D,as:%5B550~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t9ghIU7+11%7C12%7C13%7C14%7C15%7C16*.1004046-63413776%7C161%7C171%7C18%7C19,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6f1d:66a6:e122:b540 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:53 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
78ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022061501&jk=3778609910102664&bg=!pqWlpeHNAAbASn8N4Eo7ACkAdvg8Wu6hbJpOgvEpCEr4_Kj7chcjyxcz7Ye0JED0YGLV9JcqpKangwIAAADGUgAAAAdoAQcKAHLnBKsJZbWmeieFQ5RTY61E3Wg6Bl7dH1pbPLoAYazNPydmrcdrM1NGErVV39y63z4fvx37vcmmUkUKDMaOozfJBka1EeoPNRR6V29cBfzF3XFTLt4EpLAiCDR7dOQA-zaH_KNQHmpL_harmrrTrTjADDuZApkWw9jO_-2DqSdTtXLDkbO5HOUnpm8vr2BrCbw0FC-TD1_c9H1KTyIYxXk5k_ZA81_szyXJjFWF2O8zOwteDo4gH3D3hHTWk8osoSlMUMXcRQADruqjsD2GuRexEh5YyED8pA9KzRodqdCZOgU7e2qiI73v-34yoiDAhvQE8J4cUSnnSXgLMpIzDg4AMR-g-YYKyjqMpbJmURKiEkd98VdFSlP3pMGd3Cl58lLduwXUrgQ7CD3o44eMf6mR9w4KdTHVv3JCuAarozrnYLnkX1c_IbTcCZE9hJ2fcmBRwnJgBOY9i0ETFJRYFu0LVOiPAkod43vnLLhijbY5IYnXRmN1XSyGF48W5SjhiNbYx4eNo8gX9TXsMiaAvuh1nmnD9eDYif4UWye5WClcnlBQI3atU-bXbZlVAh9ZxHvsuD4e8oyZTtnAXe80CA1rQYRwv7MlduEIsik__YJlvfgJe-YftmTOko_0QU65fLzi2X8fCs-X7zWnhB8Pn8ZGagIF7Su6nAAtVV6pG6k5TB3PvV98lBb7xGEueoD2qN9aNqSA3VXZ8UlXxTvSW3NSkI916jGD5J9jb7uWvUCKrgYJN7QjTkNoBftA2ISL_pT6dYuMyqCWLjN9yVz6EPq0xVYu9EogOLElmEojrDXpJVShcE1jiWPhOf5UJWiBDOJ2wva0vTQBUiFPo5Ih1gd1psdXsvKsoQbFLqJR7V9rxedpm9JMPia2o5SIuEWRmhPrVYXyurzkn7BkrtQNPALA0eInTzVDAquFIrPQduHEm5uZeqSx4bFp7YdgySD_TsZrbkCxstZl5Xoxrh2H6XWB8RPILl7TqfRWhkXgqrQsUm155t5id0c6b3XyCIeDrdCI-pwPddkSym3JOglw4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9B43 236 KB
63 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 02:37:53 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/ Frame 9B43 52 KB
12 KB 41ms
41ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21312a569438309b3ab24fc9edac7a97e4cf05f164cbae35be54de96c8a5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 08:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584369
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12416
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 20:41:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Jun 2023 08:18:24 GMT

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/images/ Frame 9B43 108 KB
108 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/images/index_atlas_NP_1.jpg?1639047426322

Requested by

Host: fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com
URL: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d713f6e916cc0dfd6fe1c5f82a97fe162ca29f779b228cfd89fe3fa7f121765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14923794691669180363/uk_en_airwrap_display_728x90_na_campaignhero_shopnow_na/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 07:38:05 GMT
x-content-type-options: nosniff
age: 586788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110304
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 20:41:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Jun 2023 07:38:05 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 82CA 0
26 B 163ms
81ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5dl9gODybO4Y_tyjfzvVGjvBYB4j56kTSz2CDxPmRihRZbjIDvyyr7XzM49hbAUvLruiC6Y_cuAekbS7Zr2eDzkgdVP31yiC67FM3kyPOGb4i7fuxh5pVzVeZBTHI9aGl7Rii125aGw&sai=AMfl-YTO2HkRuW6OIZ636RCCwHqEgWmINOtbGX9u5QOgMi4PxK_alwXVAxYGPyL6ce_o6Rrmvpp4DMHU1PM4U0eTFxoZgM3M_ZUBLW5J3nbG-BpueOycWCEf56yvuZ4&sig=Cg0ArKJSzNUqKnaZdnT0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=510&vt=11&dtpt=250&dett=3&cstd=257&cisv=r20220615.78384&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 02:37:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82CA 42 B
64 B 167ms
84ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOFgq_ddz15fYFc2fsEKY9WXPopQdqFYcZQsn02v3qcqbQ0L3MPNWoGhjuvclDPMdK4I27Q4wf0hsVqv3RufMP98Gf-QKh5cHoEbmQnu2SmoybpHr4cvjSd5TmA89QfyqAMkQv9w&sai=AMfl-YQ0OkqCoy8i-q_ZQpwFtncAAIynqjyV82YaXBemTVVJb3XcOJS33TzWfESkJG3__XWf84LrIASNLXIMv_CFVlQAZPGvqyRqrhLdMydoUO7KA2VlVw5DlssWCqU&sig=Cg0ArKJSzCYT5Q28Cd5OEAE&cid=CAASJORos1HvND-gPZGiCp9Sl_bMmL-qvhHrMwirz_0UmuAVDzXEMQ&id=lidar2&mcvt=1000&p=147,436,237,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2184955199&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655692672608&rpt=817&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82CA 43 B
215 B 184ms
183ms Image
image/gif 2600:1f13:800:7780:6f1d:66a6:e122:b540
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1004046&asId=e79060f3-baf4-1ceb-767d-7bc19cfd5f28&tv=%7Bc:g2F6x8,pingTime:1,time:1559,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:559%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:559,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B553~0%5D,as:%5B553~728.90%5D%7D%7D,%7Bsl:i,t:559,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:254,fm:t9ghIU7+11%7C12%7C13%7C14%7C15%7C16*.1004046-63413776%7C161%7C171%7C18%7C19,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6f1d:66a6:e122:b540 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:54 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82CA 43 B
215 B 184ms
184ms Image
image/gif 2600:1f13:800:7780:6f1d:66a6:e122:b540
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1004046&asId=e79060f3-baf4-1ceb-767d-7bc19cfd5f28&tv=%7Bc:g2F6x9,pingTime:1,time:1560,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:559%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:559,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B553~0%5D,as:%5B553~728.90%5D%7D%7D,%7Bsl:i,t:559,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:254,fm:t9ghIU7+11%7C12%7C13%7C14%7C15%7C16*.1004046-63413776%7C161%7C171%7C18%7C19,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6f1d:66a6:e122:b540 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fdb804731cb857adc5ff639ac34d67d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:54 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame A39D 1 KB
986 B 1374ms
686ms Document
text/html 23.227.150.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.150.210 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 033a53416c1a8de97aa263b853cccc6c938fabce45a09a6938f963368b674c1b

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://znaj.ua
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 691
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Jun 2022 02:37:55 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1C95 52 KB
17 KB 104ms
29ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79815
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 20 Jun 2022 02:37:55 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 293847
X-Served-By: cache-lga21962-LGA, cache-lcy19236-LCY
X-Timer: S1655692675.283967,VS0,VE0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame AB39
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=96361062-ec3e-41dd-a19f-42bcc795726d

0
407 B

412ms
111ms

Document
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=96361062-ec3e-41dd-a19f-42bcc795726d
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Mon, 20 Jun 2022 02:37:54 GMT
Etag: fa06ec5bbfe10fd1
Server: VertaMedia 1.0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71e12014c9f80221-ZRH
content-length: 0
date: Mon, 20 Jun 2022 02:37:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=96361062-ec3e-41dd-a19f-42bcc795726d
server: cloudflare

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E391 281 B
554 B 142ms
41ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Jun 2022 02:37:55 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame AA7A 37 B
140 B 126ms
44ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 20 Jun 2022 02:37:55 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e212025d-8b0a-4363-96eb-b9e376e87ddb

0
407 B

586ms
104ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e212025d-8b0a-4363-96eb-b9e376e87ddb
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 02:37:54 GMT
Server: VertaMedia 1.0
Etag: fa06ec5bbfe10fd1
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e212025d-8b0a-4363-96eb-b9e376e87ddb
date: Mon, 20 Jun 2022 02:37:55 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D...
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c7c09221-21ef-4a7e-9d47-18cd2cf7896c

0
407 B

489ms
104ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c7c09221-21ef-4a7e-9d47-18cd2cf7896c
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 02:37:54 GMT
Server: VertaMedia 1.0
Etag: fa06ec5bbfe10fd1
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c7c09221-21ef-4a7e-9d47-18cd2cf7896c
date: Mon, 20 Jun 2022 02:37:55 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6354819737598645959

0
390 B

555ms
109ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6354819737598645959
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 02:37:54 GMT
Server: VertaMedia 1.0
Etag: fa06ec5bbfe10fd1
Content-Length: 0

Redirect headers

Date: Mon, 20 Jun 2022 02:37:55 GMT
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 56a7894e-4da6-4511-b4f0-71dacc413c8a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6354819737598645959
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1C95 0
867 B 50ms
49ms Script
text/html 185.33.221.119
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.119 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:55 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c2865753-8d01-4186-a555-12c3fdfd85fb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E391 31 KB
10 KB 42ms
42ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f8cd96fe86c32769f5f9f5d72b5a5d7bc20623fc09c460122e1ffbc8cac5a59b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 02:37:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 17:17:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32230
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9455
Expires: Mon, 20 Jun 2022 11:35:05 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame E391
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4M4O1VN-5-JV1J&sigv=1&esig=2~e625db262a96e5169675fc81e27cb56ddd78cb8c

0
194 B

157ms
51ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4M4O1VN-5-JV1J&sigv=1&esig=2~e625db262a96e5169675fc81e27cb56ddd78cb8c

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:55 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4M4O1VN-5-JV1J&sigv=1&esig=2~e625db262a96e5169675fc81e27cb56ddd78cb8c
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E391
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wquE5ucJRfGmlZxhTfMxUQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wquE5ucJRfGmlZxhTfMxUQ

43 B
556 B

47ms
47ms

Image
image/gif

52.95.126.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wquE5ucJRfGmlZxhTfMxUQ

Protocol

HTTP/1.1

Server

52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:55 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HN7NX380KVCPKDEVWBVQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wquE5ucJRfGmlZxhTfMxUQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame E391 0
0 108ms
38ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E391 70 B
265 B 163ms
52ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

X_r9KtPFV2l-Kkfba-Dx3A
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame E391
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/X_r9KtPFV2l-Kkfba-Dx3A?csrc=

0
919 B

146ms
46ms

Image
text/plain

2a05:d018:d29:3605:733c:ed5f:ba2e:ed39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/rubicon/X_r9KtPFV2l-Kkfba-Dx3A?csrc=

Protocol

Server

2a05:d018:d29:3605:733c:ed5f:ba2e:ed39 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:55 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

Redirect headers

Location: https://pr-bh.ybp.yahoo.com/sync/rubicon/X_r9KtPFV2l-Kkfba-Dx3A?csrc=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E391
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4M4O1VN-5-JV1J

0
706 B

248ms
168ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4M4O1VN-5-JV1J
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:55 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A06C9BABD0664D8898D17CA7753B9F3D Ref B: LTSEDGE1912 Ref C: 2022-06-20T02:37:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXh1/3NX3Sa/dAil1gSlg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4M4O1VN-5-JV1J
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E391
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOMGVdNVP0muQcwwsqY905g&google_cver=1

0
239 B

189ms
43ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOMGVdNVP0muQcwwsqY905g&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 02:37:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOMGVdNVP0muQcwwsqY905g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E391
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1xvZoYxCRM6G0x1sfnirlw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1xvZoYxCRM6G0x1sfnirlw

43 B
556 B

120ms
120ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1xvZoYxCRM6G0x1sfnirlw

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 02:37:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V3SCCEJCKNGXN9RTWY52
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1xvZoYxCRM6G0x1sfnirlw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 qvKhqP3FeAAUYFNOgRwGU9mnd219b9Ht48bcVi1V.png
znaj.ua/crops/7ef82d/150x100/2/0/2022/06/17/ 5 KB
6 KB 67ms
67ms Image
image/png 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/7ef82d/150x100/2/0/2022/06/17/qvKhqP3FeAAUYFNOgRwGU9mnd219b9Ht48bcVi1V.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22bd410659be7e4f0499408fe63f02409a59438471e61a3f98889e4e91fd9c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28413
cf-polished: origSize=5495, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5359
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 17 Jun 2022 16:27:59 GMT
server: cloudflare
etag: "62acab8f-1577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RoZYb%2Bys1OPjl%2B%2B5v8P2RmVo2vzMdpMa3g98JkE2RoPLBP0saY2bQI0cLmgRcmvICUuUp2ZTvk80w4I1HjAnjy99MFYsxalfp8G9OFmG0ZKWXyI8PXTX5%2FZPxojFmJzcQnQmaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 71e120195df83751-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 XbeHFqdVHphPbCilyDTjdcyMRSDb3dJVBsFTaZzN.jpg
znaj.ua/crops/864060/735x400/2/0/2022/06/18/ 41 KB
41 KB 85ms
85ms Image
image/jpeg 2606:4700:20::681a:12a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/864060/735x400/2/0/2022/06/18/XbeHFqdVHphPbCilyDTjdcyMRSDb3dJVBsFTaZzN.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367eb76491b8431e35629d5c409a6c227106f8300c7482e65981db0809ca598c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:37:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=41707, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41550
last-modified: Sun, 19 Jun 2022 20:13:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjqwzmR5A0vjeBHZnXvhZO%2FAUup5yTgPFxrbBi%2F6IdIFvWkPIzFr%2BzxNJO1WdPQk3wi08BbqA%2BLtIpKvCb%2BvGXFmppBwqIiGKUVx%2FbUmkojeIQ9jDRlQQJWoXvhzCNmmVG%2FZMq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 71e1201aeec33751-MXP
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1C95 0
867 B 35ms
35ms Script
text/html 185.33.221.119
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.119 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS