www.ukr.net Open in urlscan Pro
104.18.8.128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ukr.net/
Effective URL:
https://www.ukr.net/
Submission: On March 03 via manual (March 3rd 2023, 8:08:44 am UTC) from US — Scanned from DE

Summary HTTP 213 Redirects Links 308 Behaviour Indicators

Summary

This website contacted 50 IPs in 10 countries across 34 domains to perform 213 HTTP transactions. The main IP is 104.18.8.128, located in and belongs to CLOUDFLARENET, US. The main domain is www.ukr.net. The Cisco Umbrella rank of the primary domain is 173199.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 7th 2023. Valid for: a year.

This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.9.128 104.18.9.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	104.18.8.128 104.18.8.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:808::2008	15169 (GOOGLE) (GOOGLE)
23	2606:4700::68... 2606:4700::6812:509	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1 9	212.42.75.253 212.42.75.253	8856 (UKRNET Kiev) (UKRNET Kiev)
2 2	212.42.75.249 212.42.75.249	8856 (UKRNET Kiev) (UKRNET Kiev)
5	136.243.84.74 136.243.84.74	24940 (HETZNER-AS) (HETZNER-AS)
1 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
8	212.42.76.151 212.42.76.151	8856 (UKRNET Kiev) (UKRNET Kiev)
4	212.42.83.135 212.42.83.135	8856 (UKRNET Kiev) (UKRNET Kiev)
1	193.200.65.2 193.200.65.2	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	143.244.196.143 143.244.196.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	212.42.73.60 212.42.73.60	8856 (UKRNET Kiev) (UKRNET Kiev)
2	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
3	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1 1	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
2	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	216.52.2.6 216.52.2.6	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
5	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
6 8	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:400d:803::2006	15169 (GOOGLE) (GOOGLE)
1 5	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	142.251.208.102 142.251.208.102	15169 (GOOGLE) (GOOGLE)
2	18.132.62.60 18.132.62.60	16509 (AMAZON-02) (AMAZON-02)
2	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
1	18.66.15.19 18.66.15.19	16509 (AMAZON-02) (AMAZON-02)
2	35.178.57.200 35.178.57.200	16509 (AMAZON-02) (AMAZON-02)
213	50

1 104.18.9.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.8.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zakladki.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6812:509 (United States)

ASN13335 (CLOUDFLARENET, US)

upst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 212.42.75.253 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com

accounts.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.42.75.249 (Ukraine) 2 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com

mail.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st11.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (Roubaix, France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com

pinformer.sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.42.83.135 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

kinoafisha.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com

trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.196.143 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.42.73.60 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

counter.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)

0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.1.122 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.6 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.201.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.244 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.157 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.84.245 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.132.62.60 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-62-60.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-19.vie50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.178.57.200 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-57-200.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	445 KB
29	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 221779 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319	285 KB
26	ukr.net 5 redirects ukr.net — Cisco Umbrella Rank: 72293 www.ukr.net — Cisco Umbrella Rank: 173199 zakladki.ukr.net — Cisco Umbrella Rank: 396943 accounts.ukr.net — Cisco Umbrella Rank: 172454 mail.ukr.net — Cisco Umbrella Rank: 113813 counter.ukr.net — Cisco Umbrella Rank: 141980	156 KB
23	fwdcdn.com upst.fwdcdn.com — Cisco Umbrella Rank: 195226	414 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com	290 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	6 KB
8	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6249 ghb.adtelligent.com — Cisco Umbrella Rank: 5762 sync.adtelligent.com — Cisco Umbrella Rank: 4733	167 KB
8	sinoptik.ua pinformer.sinoptik.ua — Cisco Umbrella Rank: 153947	46 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 35870 hal900025.redintelligence.net — Cisco Umbrella Rank: 251492	11 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	6 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	280 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
5	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 56735 st11.rcvlink.com — Cisco Umbrella Rank: 77968	24 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	194 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
4	kinoafisha.ua kinoafisha.ua — Cisco Umbrella Rank: 291670	72 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18601 api.webgains.io — Cisco Umbrella Rank: 51787	31 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	162 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 40433	27 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8947 www.google.de — Cisco Umbrella Rank: 6149	939 B
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9955	1 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 35874	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 132014	931 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 589	277 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 972	672 B
1	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 157244	450 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 546074	170 B
1	mgid.com servicer.mgid.com — Cisco Umbrella Rank: 8635	3 KB
1	phoenix-widget.com api.phoenix-widget.com — Cisco Umbrella Rank: 251406	7 KB
1	trafmag.com trafmag.com — Cisco Umbrella Rank: 47754	3 KB
1	mixadvert.com m.mixadvert.com — Cisco Umbrella Rank: 243386	711 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927	6 KB
213	34

	Domain	Requested by
26	pagead2.googlesyndication.com	www.ukr.net 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
23	upst.fwdcdn.com	www.ukr.net pinformer.sinoptik.ua upst.fwdcdn.com
20	tpc.googlesyndication.com	0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com www.ukr.net googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
12	securepubads.g.doubleclick.net	www.ukr.net securepubads.g.doubleclick.net 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com www.googletagservices.com
9	accounts.ukr.net	1 redirects upst.fwdcdn.com www.ukr.net accounts.ukr.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	pinformer.sinoptik.ua	upst.fwdcdn.com pinformer.sinoptik.ua
7	fonts.gstatic.com	fonts.googleapis.com
7	www.ukr.net	www.ukr.net pinformer.sinoptik.ua upst.fwdcdn.com static.cloudflareinsights.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	hal900025.redintelligence.net	1 redirects 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com hal900025.redintelligence.net
5	s0.2mdn.net	www.ukr.net s0.2mdn.net
5	cdn.ampproject.org	0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
4	googleads.g.doubleclick.net	www.ukr.net 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	www.googletagservices.com	0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com www.ukr.net
4	counter.ukr.net	www.ukr.net counter.ukr.net
4	kinoafisha.ua	upst.fwdcdn.com kinoafisha.ua
4	go.rcvlink.com	www.ukr.net go.rcvlink.com
3	fonts.googleapis.com	0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com s0.2mdn.net
3	ghb.adtelligent.com	player.adtelligent.com
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
3	www.googletagmanager.com	www.ukr.net www.googletagmanager.com adv.office-partner.de
2	api.webgains.io	analytics.webgains.io
2	googleads4.g.doubleclick.net	www.ukr.net
2	track.webgains.com	hal900025.redintelligence.net
2	5994599.fls.doubleclick.net	1 redirects www.ukr.net
2	encrypted-tbn3.gstatic.com	0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
2	encrypted-tbn2.gstatic.com	0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
2	sync.adtelligent.com	player.adtelligent.com www.ukr.net
2	www.google.com	www.ukr.net tpc.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	a4p.adpartner.pro	1 redirects upst.fwdcdn.com
2	mail.ukr.net	2 redirects
2	player.adtcdn.com	www.ukr.net
2	zakladki.ukr.net	www.ukr.net
2	ukr.net	2 redirects
1	analytics.webgains.io	track.webgains.com
1	adv.office-partner.de	hal900025.redintelligence.net
1	hal9000.redintelligence.net	0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
1	www.gstatic.com	0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
1	ap.lijit.com	www.ukr.net
1	cs.admanmedia.com	1 redirects
1	www.google.de	www.ukr.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	s.znctrack.net	www.ukr.net
1	st11.rcvlink.com	www.ukr.net
1	loadercdn.net	www.ukr.net
1	servicer.mgid.com	upst.fwdcdn.com
1	api.phoenix-widget.com	upst.fwdcdn.com
1	trafmag.com	upst.fwdcdn.com
1	m.mixadvert.com	upst.fwdcdn.com
1	static.cloudflareinsights.com	www.ukr.net
213	57

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
www.booking.com
kinoafisha.ua
avtosale.ua
rabota.ua
rst.ua
avtoprod.ua
autoamerica.com.ua
osago.avtosale.ua
goroshina.ua
dom.ria.com
lun.ua
flatfy.ua
vitasan.com.ua
casada.ua
med-magazin.ua
healthyway.com.ua
bit.ly
doctoronline.care
viveohealth.com
teplo.app
narnia.space
artpotolok.kiev.ua
lascala.ua
top-parfyum.com.ua
rozetka.com.ua
goodmax.com.ua
work.ua
optima.school
layboard.com
grc.ua
mon.gov.ua
cutt.ly
buketland.com.ua
flowers.ua
www.accordtour.com
hvosting.ua
nic.ua
internetua.com
rx-name.ua
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
adp.digital
a4p.adpartner.pro
mixadvert.com
m.mixadvert.com
www.5.ua
fakty.com.ua
www.rbc.ua
vgoru.org
www.unn.com.ua
ua.news
censor.net
hromadske.ua
novyny.live
interfax.com.ua
www.obozrevatel.com
biz.ligazakon.net
bizagro.com.ua
uaprom.info
usm.media
www.newsroom.kh.ua
armyinform.com.ua
sud.ua
chasdiy.org
mayupravo.com
vechirniy.kyiv.ua
yaizakon.com.ua
risu.ua
life.liga.net
mykyivregion.com.ua
kyiv.comments.ua
businessua.com
toneto.net
itechua.com
psm7.com
dev.ua
xn--b1alfsfclih.com
nauka.ua
www.newsru.co.il
tsn.ua
nnews.com.ua
root-nation.com
newsyou.info
autotheme.info
avtosota.com
glavnoe.ukrainianwall.com
ua-electro.com
sportnews.com.ua
onthewaytowembley.com
fanday.net
ua.tribuna.com
nashamama.com
zdorovia.com.ua
lhealth.info
u-news.com.ua
ua-novosti.info
sensatsiya.com
vogue.ua
focus.ua
nv.ua
sprotyv.info
babel.ua
bomok.com.ua
novosti-n.org
trueua.info
hronikers.com
www.epochtimes.com.ua
kriminal.tv
hyser.com.ua
prostoway.com
shuba.life
www.trserial.net.ua
pixelinform.com
rezina.cc
shinadiski.com.ua
www.zapchast.com.ua
kiaparts.com.ua
autoshini.com
transshina.com.ua
pokraska.diskservice.com.ua
www.optics-pro.com.ua
www.aks.ua
ukroptica.com.ua
helplist.io
npdn.in.ua
www.helpua.io
dovidka.info
savelife.in.ua
www.facebook.com
shelter.dopomagai.org
petlive.com.ua
bank.gov.ua
sprotyv.mod.gov.ua
klubnatura.pl
www.bamf.de
www.czechhomesforukraine.com
www.unterkunft-ukraine.de
life.nv.ua
www.migrationsverket.se
life.pravda.com.ua
www.ukrainetakeshelter.com
www.immobilienscout24.de
chytomo.com
zib.com.ua
t.me
upst.fwdcdn.com
trafmag.com
phoenix-widget.com
click.phoenix-widget.com
code.nvtk.com
narnia-ua.space
mgid.com
clck.mgid.com
adline.kiev.ua
mail.ukr.net
zakladki.ukr.net

Subject Issuer	Validity	Valid
ukr.net Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
fwdcdn.com Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.ukr.net Thawte RSA CA 2018	`2022-04-12` - `2023-05-13`	a year	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2022-09-25` - `2023-10-01`	a year	crt.sh
adpartner.pro R3	`2023-02-24` - `2023-05-25`	3 months	crt.sh
m.mixadvert.com R3	`2023-01-22` - `2023-04-22`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
kinoafisha.ua Sectigo RSA Domain Validation Secure Server CA	`2022-11-14` - `2023-12-14`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
api.phoenix-widget.com R3	`2023-02-23` - `2023-05-24`	3 months	crt.sh
loadercdn.net R3	`2022-12-28` - `2023-03-28`	3 months	crt.sh
player.adtelligent.com R3	`2023-01-19` - `2023-04-19`	3 months	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-31` - `2023-09-05`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.ukr.net/
Frame ID: B42D3A8B1BB675C688E2370CFC371726
Requests: 73 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: 43826295C3B6F22E117C6FC789E2E68B
Requests: 7 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: 0BDBA36E147044EF3D06A7E4EB45ECEC
Requests: 5 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
Frame ID: E6B389D9EE3C1E87B9429F02257CCB3C
Requests: 12 HTTP requests in this frame

Frame: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1677830917068
Frame ID: 64A51B72764ED2E0F6ED2BE268A76B40
Requests: 5 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 1EFF1354EF6094CB11E7D2C0BBB47650
Requests: 1 HTTP requests in this frame

Frame: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B95AB83B103BFA0F88F4AEBE9820DF63
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=1d49ac8a-57e9-4b08-85e1-c95bf0678eeb
Frame ID: 80067562E263964258855792C24169F8
Requests: 1 HTTP requests in this frame

Frame: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7533CC46F89C1B063556BD3F19733383
Requests: 16 HTTP requests in this frame

Frame: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CDA7F010C008C4BDDA67C410AEFDFE95
Requests: 7 HTTP requests in this frame

Frame: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F787D0F4AA33F80ACAB1C1C548D96F4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2mbvGATAB&v=APEucNWuCpMkGISj66gCxw-4NPJyqEoN4XTWf4G3izNE9drIcsWyc5Ay57xxuap0R8PzDzBOjsp9gwfWDkatprRhxMaQm4NHNz0AVCHvtKBIl-pk9803-761LRhrOuJVcRW_rbKUKj9X5wnFZajXwWU7kb5ku_g1EWoZqtzAolXRisi0IAFlxZo
Frame ID: 7DDE86E478E7E0CEBF2B387FF22A21D0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 72A1B7D9628C3F625CC1F6961977CDFB
Requests: 15 HTTP requests in this frame

Frame: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E1AE5AB72C1792CBD7862A3DE03E970E
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COuMnQEQwqudARii09jfATAB&v=APEucNUJcHAqxlvYEwKG0vzZf8WZyDCJwMpqvaub7-J95K23KaERCFnbf4qhz8HEZSfrYu8uWYGz61XtfWwBryGzeMb4Q3BNoPW33tEuBovp8SIVwCNsVqHtAyZ-pPPs75Lm7HwFV_uXuuKQiwiBgGVHT2bXEOr67YNEhyH7Xmdomfs08GVrWM0
Frame ID: 4F89EAF53A9A3B14E03404A5C642F5E6
Requests: 5 HTTP requests in this frame

Frame: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D2594D02504FE5EA6F53022C24CD9AC0
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB4B0293A5F2A9CC977E2DA54886A04E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: 919D0812C0076A68F1CC69C2639377FC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3E367473700DC9A88D9FC2731BF417FD
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 437966A659E7F7A55E22FD51392750F4
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGfwJ-nv_0CFaMhewodF7UFww;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11
Frame ID: 63D9BFFB5AEABE8E1B7E44F62E13E030
Requests: 2 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=72475300037255004444980012252025&a=7e0b1c1d
Frame ID: B8408FD0A23F3AC5272546C99E330F0C
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9952578787551990323/index.html
Frame ID: 21A4DA9EEAA953F0A41290032CA5C206
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37E2C8E5203F635A1A509ABCFBDBF58F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC23D520FAF82C0B4712D66EEB6DF2D1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UKR.NET: Всі новини України, останні новини дня в Україні та Світі

Page URL History Show full URLs

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

213
Requests

95 %
HTTPS

48 %
IPv6

34
Domains

57
Subdomains

50
IPs

10
Countries

2758 kB
Transfer

7121 kB
Size

40
Cookies

308 Outgoing links

These are links going to different origins than the main page.

URL: http://ua.sinoptik.ua/?utm_source=ukr.net&utm_medium=main_page&utm_campaign=main_izbrannoe
Title: Sinoptik

Search URL Search Domain Scan URL

URL: http://orakul.com/
Title: Оракул

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=375206
Title: Booking

Search URL Search Domain Scan URL

URL: http://kinoafisha.ua/ua/?utm_source=ukr.net&utm_medium=link&utm_campaign=izbranoe
Title: Кіноафіша

Search URL Search Domain Scan URL

URL: http://avtosale.ua/
Title: AvtoSale

Search URL Search Domain Scan URL

URL: https://rabota.ua/ua?utm_source=ukrnet&utm_medium=cpm&utm_campaign=logo
Title: Robota.ua

Search URL Search Domain Scan URL

URL: http://rst.ua/
Title: Машини продають на сайтi RST

Search URL Search Domain Scan URL

URL: https://avtoprod.ua/
Title: Продати авто на AVTOPROD.ua

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/
Title: Avtosale - автосалони України

Search URL Search Domain Scan URL

URL: https://autoamerica.com.ua/?utm_source=ukr_net&utm_medium=url_fav&utm_campaign=ukr_net_ppc_40
Title: Авто з США та Канади - 40%

Search URL Search Domain Scan URL

URL: https://osago.avtosale.ua/insurance/osago
Title: Купити автоцивілку онлайн

Search URL Search Domain Scan URL

URL: https://goroshina.ua/
Title: Шинний центр ГороШина

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=338493
Title: Booking - бронювання житла

Search URL Search Domain Scan URL

URL: https://dom.ria.com/uk/novostroyki/?withoutHeader=1&utm_source=ukrnet&utm_medium=clikukrnet_newbuilds&utm_campaign=newbuildings&r_audience=partners_buyers&r_source=ukr.net&r_medium=link&r_campaign=clikukrnet
Title: DOM.RIA - новобудови України

Search URL Search Domain Scan URL

URL: https://lun.ua/
Title: ЛУН - Всі новобудови

Search URL Search Domain Scan URL

URL: https://flatfy.ua/
Title: FLATFY - Квартири шукай

Search URL Search Domain Scan URL

URL: https://vitasan.com.ua/ua/?utm_source=organichnipreparatytakosmetyka&utm_medium=medycyna&utm_id=ukrnet
Title: Органічні препарати, косметика

Search URL Search Domain Scan URL

URL: https://casada.ua/massazhnye-kresla-uk
Title: Масажні крісла Casada

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmedtovary
Title: Медичний магазин

Search URL Search Domain Scan URL

URL: http://healthyway.com.ua/uk/vikovi-zmini-v-sitkivci-oka/
Title: Вікові зміни в очах

Search URL Search Domain Scan URL

URL: http://healthyway.com.ua/uk/yak-shvidko-vidnovitisya-pislya-perelomiv-kistok/
Title: Перелом кісток

Search URL Search Domain Scan URL

URL: https://bit.ly/3idlh7f
Title: Ортопедичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3nKOLeo
Title: Пульсоксиметри

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmainpage&utm_campaign=medmag
Title: Товари для здоров'я

Search URL Search Domain Scan URL

URL: http://healthyway.com.ua/uk/vesnyanij-detoks-organizmu/
Title: Весінній детокс організму

Search URL Search Domain Scan URL

URL: http://doctoronline.care/
Title: Безкоштовні консультації лікарів

Search URL Search Domain Scan URL

URL: https://viveohealth.com/
Title: Онлайн консультації лікарів

Search URL Search Domain Scan URL

URL: https://teplo.app/
Title: Допомога психологів

Search URL Search Domain Scan URL

URL: https://narnia.space/?utm_source=ukrnet&utm_campaign=zagolovok
Title: Постільна білизна від 429 грн

Search URL Search Domain Scan URL

URL: https://artpotolok.kiev.ua/raschet-stoimosti/
Title: Стелі Art Decor

Search URL Search Domain Scan URL

URL: http://lascala.ua/index.php?utm_source=ukr_netdom&utm_medium=link&utm_campaign=ukr_netdom
Title: Постільна білизна 1+1=3

Search URL Search Domain Scan URL

URL: https://top-parfyum.com.ua/nishevaya-parfyumeria/
Title: Парфумерія

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=rozetka
Title: Магазин електронiки

Search URL Search Domain Scan URL

URL: https://goodmax.com.ua/uk/catalog/87-schetchiki-dlya-vody
Title: Лічильники води Goodmax

Search URL Search Domain Scan URL

URL: http://work.ua/?utm_source=ukr.net&utm_medium=advert&utm_campaign=main_rabota
Title: WORK.ua – №1 в Україні

Search URL Search Domain Scan URL

URL: http://rabota.ua/ua?utm_source=ukrnet&utm_medium=cpc&utm_campaign=link
Title: ROBOTA.ua - перевірені вакансії

Search URL Search Domain Scan URL

URL: https://optima.school/?utm_source=ukrnetLink&utm_medium=cpm&utm_campaign=workgr&utm_term=ukrnetLink
Title: Дистанційна освіта 1-11 клас

Search URL Search Domain Scan URL

URL: https://layboard.com/ua
Title: Робота за кордоном - Layboard

Search URL Search Domain Scan URL

URL: http://grc.ua/?utm_source=ukrnet&utm_medium=link&utm_campaign=main_page
Title: GRC.ua-робота професіоналам

Search URL Search Domain Scan URL

URL: https://mon.gov.ua/ua/news/bezplatne-navchannya-u-shkoli-optima-1-11-klasi
Title: Безкоштовне навчання в Оптіма

Search URL Search Domain Scan URL

URL: https://cutt.ly/1B0Kz3E
Title: Курси програмування

Search URL Search Domain Scan URL

URL: https://cutt.ly/lFSD6l7
Title: Оператор БПЛА (студент)

Search URL Search Domain Scan URL

URL: https://buketland.com.ua/
Title: Квіти - BuketLand

Search URL Search Domain Scan URL

URL: http://flowers.ua/
Title: Flowers-доставка квiтів

Search URL Search Domain Scan URL

URL: https://orakul.com/num/
Title: Нумерологічний прогнози

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/vsi_avtobusni_tury
Title: Автобусні тури в Європу

Search URL Search Domain Scan URL

URL: http://hvosting.ua/
Title: Домени і Хостинг Hvosting.ua

Search URL Search Domain Scan URL

URL: http://nic.ua/
Title: NIC.ua - домени і хостинг

Search URL Search Domain Scan URL

URL: http://internetua.com/
Title: СМИ - InternetUA

Search URL Search Domain Scan URL

URL: https://rx-name.ua/domains/tld/com.ua
Title: Домен com.ua 250 ₴ rx-name

Search URL Search Domain Scan URL

URL: https://sport.ua/football?utm_source=ukrnet-mainpage&utm_medium=ukrnet-link
Title: Футбол на Спорт.ua

Search URL Search Domain Scan URL

URL: https://btu.org.ua/
Title: Великий теніс України

Search URL Search Domain Scan URL

URL: http://rada.gov.ua/
Title: Верховна Рада України

Search URL Search Domain Scan URL

URL: https://www.president.gov.ua/
Title: Президент України

Search URL Search Domain Scan URL

URL: https://court.gov.ua/
Title: Верховний Суд

Search URL Search Domain Scan URL

URL: https://www.kmu.gov.ua/
Title: Кабінет Міністрів України

Search URL Search Domain Scan URL

URL: http://www.bank.gov.ua/
Title: Нацбанк

Search URL Search Domain Scan URL

URL: http://igov.org.ua/
Title: iGov - портал державних послуг

Search URL Search Domain Scan URL

URL: https://covid19.com.ua/
Title: Відомості про коронавірус

Search URL Search Domain Scan URL

URL: https://adp.digital/ap-landings/2/publisher.php?utm_source=own_promo&utm_medium=unit&utm_campaign=adpartner

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/6513/3226515/45bcfd9c-2701-4605-90b4-bb8a306e9d0b?data=eyJjcmVhdGVkX2F0IjoxNjc3ODMwOTE3LCJzaG93X2lkIjoiNDViY2ZkOWMtMjcwMS00NjA1LTkwYjQtYmI4YTMwNmU5ZDBiIiwiYWRfdW5pdF9pZCI6NjUxMywicnVsZV9pZCI6MCwiYWRfaWQiOjMyMjY1MTUsImRhdGFfc291cmNlIjoiYXBwLWpzdS1wbC0yMDp0aXplcl9hZCIsInBsYXRmb3JtX2lkIjoxLCJvc19pZCI6NSwiYnJvd3Nlcl9pZCI6MSwiY3VzdG9tZXJfaWQiOiI1YTgxYjY5Ny02NjdlLTQxNDYtYjBkNy1kY2VlNzRhOTllMjQiLCJyZWdpb25faWQiOjg2LCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0=&hash=614daadb7bb3b3367bb34ed61ef9184b

Search URL Search Domain Scan URL

URL: https://mixadvert.com/

Search URL Search Domain Scan URL

URL: https://m.mixadvert.com/go/?h=f3e72cae116ee836d602b5360430c173&t=444319&b=1559

Search URL Search Domain Scan URL

URL: http://kinoafisha.ua/

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/vavilon1?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%92%D0%B0%D0%B2%D0%B8%D0%BB%D0%BE%D0%BD
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/demon-csne-proklyattya-ab-zu?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%94%D0%B5%D0%BC%D0%BE%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5+%D0%BF%D1%80%D0%BE%D0%BA%D0%BB%D1%8F%D1%82%D0%B8%D0%B5+%D0%90%D0%B1%D0%B8%D0%B7%D1%83
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/celovek-muravei-i-osa-kvantomaniya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A7%D0%B5%D0%BB%D0%BE%D0%B2%D0%B5%D0%BA-%D0%BC%D1%83%D1%80%D0%B0%D0%B2%D0%B5%D0%B9+%D0%B8+%D0%9E%D1%81%D0%B0%3A+%D0%9A%D0%B2%D0%B0%D0%BD%D1%82%D0%BE%D0%BC%D0%B0%D0%BD%D0%B8%D1%8F
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/dva-shefi-zabagato?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%94%D0%B2%D0%B0+%D1%88%D0%B5%D1%84%D0%B0-%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%82%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/krid-iii?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D1%80%D0%B8%D0%B4+III
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/smak-vishn?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%92%D0%BA%D1%83%D1%81+%D0%B2%D0%B8%D1%88%D0%BD%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/titan-k-25-rok-v?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A2%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%BA%3A+25+%D0%BB%D0%B5%D1%82
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/rok-dog-3?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A0%D0%BE%D0%BA+%D0%94%D0%BE%D0%B3+3%3A+%D0%A0%D0%B8%D1%82%D0%BC%D0%B8%D1%87%D0%BD%D1%8B%D0%B9+%D0%B1%D0%B0%D0%BB
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mper-ya-u-vogn?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%98%D0%BC%D0%BF%D0%B5%D1%80%D0%B8%D1%8F+%D0%B2+%D0%BE%D0%B3%D0%BD%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/kit1?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%B8%D1%82
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/beshketn-kan-kuli?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9E%D0%B7%D0%BE%D1%80%D0%BD%D1%8B%D0%B5+%D0%BA%D0%B0%D0%BD%D0%B8%D0%BA%D1%83%D0%BB%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/super-maik-poslednii-tanec?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D1%83%D0%BF%D0%B5%D1%80+%D0%9C%D0%B0%D0%B9%D0%BA%3A+%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B9+%D1%82%D0%B0%D0%BD%D0%B5%D1%86
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mujcsina-po-imeni-otto?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D1%83%D0%B6%D1%87%D0%B8%D0%BD%D0%B0+%D0%BF%D0%BE+%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8+%D0%9E%D1%82%D1%82%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/titanik-v-3D?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A2%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/argonatsi?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%90%D1%80%D0%B3%D0%BE%D0%BD%D0%B0%D1%82%D1%81%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mavka-lesnaya-pesnya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B0%D0%B2%D0%BA%D0%B0.+%D0%9B%D0%B5%D1%81%D0%BD%D0%B0%D1%8F+%D0%BF%D0%B5%D1%81%D0%BD%D1%8F
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/korset?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%BE%D1%80%D1%81%D0%B5%D1%82
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/skromnoe-obayanie-burjuazii?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%BA%D1%80%D0%BE%D0%BC%D0%BD%D0%BE%D0%B5+%D0%BE%D0%B1%D0%B0%D1%8F%D0%BD%D0%B8%D0%B5+%D0%B1%D1%83%D1%80%D0%B6%D1%83%D0%B0%D0%B7%D0%B8%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/avatar-2?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%90%D0%B2%D0%B0%D1%82%D0%B0%D1%80%3A+%D0%9F%D1%83%D1%82%D1%8C+%D0%B2%D0%BE%D0%B4%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mirni-21?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B8%D1%80%D0%BD%D1%8B%D0%B9-21
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/kot-v-sapogah-2?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%BE%D1%82+%D0%B2+%D1%81%D0%B0%D0%BF%D0%BE%D0%B3%D0%B0%D1%85+2%3A+%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B5%D0%B5+%D0%B6%D0%B5%D0%BB%D0%B0%D0%BD%D0%B8%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/treugolnik-pecsali?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A2%D1%80%D0%B5%D1%83%D0%B3%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA+%D0%BF%D0%B5%D1%87%D0%B0%D0%BB%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/aster-ks-obel-ks-p-dnebesna-mper-ya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%90%D1%81%D1%82%D0%B5%D1%80%D0%B8%D0%BA%D1%81+%D0%B8+%D0%9E%D0%B1%D0%B5%D0%BB%D0%B8%D0%BA%D1%81%3A+%D0%9F%D0%BE%D0%B4%D0%BD%D0%B5%D0%B1%D0%B5%D1%81%D0%BD%D0%B0%D1%8F
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/alkarras?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%90%D0%BB%D1%8C%D0%BA%D0%B0%D1%80%D1%80%D0%B0%D1%81
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/sxedrik?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A9%D0%B5%D0%B4%D1%80%D0%B8%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/operaciya-fortuna?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9E%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F+%22%D0%A4%D0%BE%D1%80%D1%82%D1%83%D0%BD%D0%B0%22%3A+%D0%98%D1%81%D0%BA%D1%83%D1%81%D1%81%D1%82%D0%B2%D0%BE+%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/svinka-elv-s?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%B2%D0%B8%D0%BD%D0%BA%D0%B0+%D0%AD%D0%BB%D0%B2%D0%B8%D1%81
Title: купити квитки

Search URL Search Domain Scan URL

URL: http://avtosale.ua/?utm_source=ukr.net&utm_medium=Logo&utm_campaign=informers

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=954&utm_source=ukr.net&utm_medium=Hyundai_I10&utm_campaign=informers&CarCommercial=2
Title: 377 300 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=5201&utm_source=ukr.net&utm_medium=Renault_Koleos&utm_campaign=informers&CarCommercial=2
Title: 751 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=1747&utm_source=ukr.net&utm_medium=Ford_Transit_connect&utm_campaign=informers&CarCommercial=2
Title: 681 714 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=16977&utm_source=ukr.net&utm_medium=Renault_Duster&utm_campaign=informers&CarCommercial=2
Title: 428 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=2237&utm_source=ukr.net&utm_medium=Ford_Kuga&utm_campaign=informers&CarCommercial=2
Title: 805 311 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1872&modelId=32725&utm_source=ukr.net&utm_medium=Mazda_Cx_5&utm_campaign=informers&CarCommercial=2
Title: 801 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=32630&utm_source=ukr.net&utm_medium=Renault_Sandero_stepway&utm_campaign=informers&CarCommercial=2
Title: 437 100 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=32971&utm_source=ukr.net&utm_medium=Ford_Tourneo_custom&utm_campaign=informers&CarCommercial=2
Title: 1 249 559 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=936&utm_source=ukr.net&utm_medium=Hyundai_Santa_fe&utm_campaign=informers&CarCommercial=2
Title: 1 265 900 грн

Search URL Search Domain Scan URL

URL: https://www.5.ua/svit/rakety-dlia-himars-ta-amunitsiia-bilyi-dim-anonsuvav-novyi-paket-oboronnoi-dopomohy-ukraini-300409.html
Title: Ракети для HIMARS та амуніція: Білий дім анонсував новий пакет оборонної допомоги Україні

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/20230303-u-zaporizhzhi-z-pid-zavaliv-budynku-distaly-tila-shhe-dvoh-lyudej/
Title: У Запоріжжі з-під завалів будинку дістали тіла ще двох людей

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/news/minus-litak-gelikopter-ta-ponad-700-okupantiv-1677823533.html
Title: Мінус літак, гелікоптер та понад 700 окупантів: Генштаб оновив втрати РФ

Search URL Search Domain Scan URL

URL: https://vgoru.org/post/okupanti-vivezli-v-nevidomomu-napryamku-200-zhiteliv-sela-bojove
Title: Окупанти вивезли в невідомому напрямку 200 жителів села Бойове

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/2017767-cnn-rf-zazdalegid-planuvala-kativni-na-okupovanikh-teritoriyakh
Title: CNN: рф заздалегідь планувала катівні на окупованих територіях

Search URL Search Domain Scan URL

URL: https://ua.news/ua/world/britanska-rozvidka-sumnivayetsya-shho-rf-vikoristaye-v-ukrayini-novi-vijskovi-rozrobki
Title: Британська розвідка сумнівається, що рф використає в Україні нові військові розробки

Search URL Search Domain Scan URL

URL: https://censor.net/ua/news/3403387/ponad_930_diteyi_v_ukrayini_zaznaly_poranen_vnaslidok_viyiny_ofis_genprokurora
Title: Понад 930 дітей в Україні зазнали поранень внаслідок війни, - Офіс Генпрокурора

Search URL Search Domain Scan URL

URL: https://hromadske.ua/posts/udar-po-kupyansku-ta-artobstril-kamyanki-situaciya-u-regionah-zranku-3-bereznya
Title: Удар по Купʼянську та артобстріл Кам'янки: ситуація у регіонах зранку 3 березня

Search URL Search Domain Scan URL

URL: https://novyny.live/ru/war/danilov-rozpoviv-chomu-ukrayina-ne-atakuie-bilorus-i-shcho-dumaie-pro-lukashenka-80406.html
Title: Данилов рассказал, почему Украина не атакует Беларусь и что думает о Лукашенко

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/news/general/895185.html
Title: Заяви Шольца про гарантії безпеки Україні узгоджуються з повідомленнями про пропонований оборонний пакт Україна-НАТО - ISW

Search URL Search Domain Scan URL

URL: https://censor.net/ua/news/3403388/yes_planuye_protyagom_tyjniv_peredaty_ukrayini_spilno_zakupleni_boyeprypasy_financial_times
Title: ЄС планує протягом тижнів передати Україні спільно закуплені боєприпаси, - Financial Times

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/politics-news/glava-mid-estonii-edinstvennoj-garantiej-bezopasnosti-dlya-ukrainyi-yavlyaetsya-chlenstvo-v-nato-ili-obladanie-yadernyim-oruzhiem.htm?lang=ua
Title: Глава МЗС Естонії: єдиною гарантією безпеки для України є членство в НАТО або володіння ядерною зброєю

Search URL Search Domain Scan URL

URL: https://ua.news/ua/world/bangladesh-trebuet-kompensatsiyu-za-vojnu-v-ukraine-platit-dolzhny-energogiganty-i-oboronka
Title: Бангладеш вимагає компенсацію за війну в Україні: платити мають енергогіганти та оборонка

Search URL Search Domain Scan URL

URL: https://novyny.live/ekonomika/vlada-znovu-planuie-terminovo-zbilshiti-vitrati-na-oboronu-shcho-khochut-realizuvati-80407.html
Title: Влада знову планує терміново збільшити витрати на оборону: що хочуть реалізувати

Search URL Search Domain Scan URL

URL: https://biz.ligazakon.net/news/217858_fond-derzhmayna-planu-skontsentruvati-upravlnnya-100-derzhpdprimstv
Title: Фонд держмайна планує сконцентрувати управління 100% держпідприємств

Search URL Search Domain Scan URL

URL: https://bizagro.com.ua/ssha-razom-iz-3-ukrayinskimi-agrotrejderami-investuyut-44-mln-dolariv-v-infrastrukturu/
Title: США разом із 3 українськими агротрейдерами інвестують 44 млн доларів в інфраструктуру

Search URL Search Domain Scan URL

URL: https://uaprom.info/news/187837-nbu-lyutomu-zmenshiv-prodazh-valyuti-24-mlrd.html
Title: НБУ в лютому зменшив продаж валюти до $2,4 млрд

Search URL Search Domain Scan URL

URL: https://usm.media/ukra%d1%97na-vidpravila-do-afriki-j-azi%d1%97-majzhe-50-eksportu-psheniczi-zernovim-koridorom/
Title: Україна відправила до Африки й Азії майже 50% експорту пшениці «зерновим коридором»

Search URL Search Domain Scan URL

URL: https://www.newsroom.kh.ua/news/v-harkovskoy-oblasti-za-sutki-zaderzhali-75-chelovek-kotoryh-proveryayut-na-prichastnost-k-diversiyam-i-propagande-russkogo-mira
Title: В Харьковской области за сутки задержали 75 человек, которых проверяют на причастность к диверсиям и пропаганде “русского мира”

Search URL Search Domain Scan URL

URL: https://armyinform.com.ua/2023/03/03/za-dobu-pirotehniky-dsns-zneshkodyly-ponad-400-vybuhonebezpechnyh-predmetiv-ta-chotyry-aviabomby/
Title: За добу піротехніки ДСНС знешкодили понад 400 вибухонебезпечних предметів та чотири авіабомби

Search URL Search Domain Scan URL

URL: https://sud.ua/uk/news/ukraine/263550-11-let-za-ubiystvo-ukrainki-v-rovno-grazhdaninu-turtsii-ostavili-bez-izmeneniy-prigovor
Title: 11 років за вбивство українки: у Рівному громадянину Туреччини залишили без змін вирок

Search URL Search Domain Scan URL

URL: https://chasdiy.org/events/strong-vykryto-poplichnyka-okupantiv-iakyi-sformuvav-ta-ocholiuie-okupatsiine-unitarne-pidpryiemstvo-strong.html
Title: Викрито поплічника окупантів який сформував та очолює окупаційне “унітарне підприємство”

Search URL Search Domain Scan URL

URL: http://mayupravo.com/news/view/za-strilyaninu-u-jitlovomu-kvartali-mikolaeva-policeyiski-zatrimali-cholovika-a74199/
Title: За стрілянину у житловому кварталі Миколаєва поліцейські затримали чоловіка

Search URL Search Domain Scan URL

URL: https://vechirniy.kyiv.ua/news/79445/
Title: Київрада перейменувала Центральну бібліотеку імені Зої Космодем’янської для дітей на бібліотеку імені Грицька Бойка

Search URL Search Domain Scan URL

URL: https://internetua.com/sinoptik-rozpovila-pro-pogodu-na-vihidni
Title: Синоптик розповіла про погоду на вихідні

Search URL Search Domain Scan URL

URL: https://yaizakon.com.ua/5-klyuchovih-zmin-vijskkomati-v-ukrayini-zapratsyuyut-po-novomu/
Title: 5 ключових змін: військкомати в Україні запрацюють по-новому

Search URL Search Domain Scan URL

URL: https://risu.ua/u-kiyivradi-zasudili-diyalnist-upc-mp_n137231
Title: Депутати Київради засудили діяльність УПЦ МП і вимагають її заборони

Search URL Search Domain Scan URL

URL: https://life.liga.net/all/news/muzey-v-amsterdame-priznal-malevicha-ukrainskim
Title: Музей в Амстердамі визнав Малевича українським

Search URL Search Domain Scan URL

URL: https://mykyivregion.com.ua/news/patrulni-kiyivshhini-proveli-zanyattya-v-navcalnix-zakladax-borshhagivskoyi-otg-foto
Title: Патрульні Київщини провели заняття в навчальних закладах Борщагівської ОТГ (ФОТО)

Search URL Search Domain Scan URL

URL: https://kyiv.comments.ua/ua/news/offense/2023/16343-pid-chas-budivnictva-podilskogo-mostu-u-kievi-vkrali-milyoni-foto.html?utm_source=ukrnet&utm_medium=ukrnet2
Title: Під час будівництва Подільського мосту у Києві вкрали мільйони (ФОТО)

Search URL Search Domain Scan URL

URL: http://businessua.com/robota/83177ekonomichne-stanovisze-kiyan-pid-chas-viini-opituvannya.html
Title: Економічне становище киян під час війни: опитування

Search URL Search Domain Scan URL

URL: https://novyny.live/kiev/na-pivnichnii-okolitsi-kiieva-mozhut-lunati-vibukhi-u-kmva-nazvali-prichinu-80405.html
Title: На північній околиці Києва можуть лунати вибухи: у КМВА назвали причину

Search URL Search Domain Scan URL

URL: https://toneto.net/news/kultura/na-ki--vshchin---viyavili-nove-pohovannya-mirnih-meshkants--v--zagiblih-p--d-chas-ros--ysko---okupats-----pravoohoronts---f--ksuyut-us---fakti-vo--nnih-zlochin--v-voroga-krim--nal
Title: На Київщині виявили нове поховання мирних мешканців, загиблих під час російської окупації

Search URL Search Domain Scan URL

URL: https://itechua.com/smartphones/207976
Title: Складено топ-10 найпотужніших смартфонів на Android станом на лютий 2023 року

Search URL Search Domain Scan URL

URL: https://internetua.com/rozkrito-termini-vihodu-bezramkovogo-iphone
Title: Розкрито терміни виходу безрамкового iPhone

Search URL Search Domain Scan URL

URL: https://psm7.com/uk/cryptocurrency/krupnejshie-kriptovalyutnye-birzhi-priostanovili-vyvod-sredstv-na-karty-ukrainskix-bankov.html
Title: Найбільші криптовалютні біржі призупинили виведення коштів на картки українських банків

Search URL Search Domain Scan URL

URL: https://dev.ua/news/kytai-1677826197
Title: Китай планує збудувати конкурента Starlink – власне угруповання супутників. Що про це відомо

Search URL Search Domain Scan URL

URL: https://xn--b1alfsfclih.com/%d0%bf%d1%80%d0%be%d0%b3%d0%bd%d0%be%d0%b7-%d1%86%d1%96%d0%bd%d0%b8-%d0%b1%d1%96%d1%82%d0%ba%d0%be%d0%b9%d0%bd%d0%b0-%d1%82%d0%b0-ethereum-btc-%d1%82%d0%b0-eth-%d0%b2%d0%bf%d0%b0%d0%bb%d0%b8-%d0%bd/
Title: Прогноз ціни біткойна та Ethereum: BTC та ETH впали на 5%, але наскільки низько вони можуть впасти?

Search URL Search Domain Scan URL

URL: https://nauka.ua/news/v-angliyi-znajshli-grebin-iz-lyudskogo-cherepa-vikom-dvi-tisyachi-rokiv
Title: В Англії знайшли гребінь із людського черепа віком дві тисячі років

Search URL Search Domain Scan URL

URL: https://www.newsru.co.il/world/3mar2023/crewdragon_111.html
Title: На МКС прибыл новый экипаж – из США, ОАЭ и РФ

Search URL Search Domain Scan URL

URL: https://tsn.ua/tsikavinki/podorozh-u-chasi-mozhliva-za-dopomogoyu-kilcevih-vcheniy-2277082.html
Title: Подорож у часі можлива за допомогою кільцевих лазерів - вчений

Search URL Search Domain Scan URL

URL: https://nnews.com.ua/u-vodah-entselady-znajdeno-dokazy-isnuvannya-gidrotermalnyh-ventyliv.html
Title: У водах Енцелади знайдено докази існування гідротермальних вентилів

Search URL Search Domain Scan URL

URL: https://root-nation.com/ua/news-ua/it-news-ua/ua-analiz-asteroida-ryugu-pokazav-tisyachi-organichnih-molekul/
Title: Новий аналіз астероїда Рюгу показав тисячі органічних молекул

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/03/nazvali-top-5-najproblemnishix-vzhivanix-krosoveriv
Title: Назвали топ-5 найпроблемніших вживаних кросоверів

Search URL Search Domain Scan URL

URL: https://autotheme.info/news/184882-na-dorogah-ukrayini-z-yavilisya-novi-mashini-zi-spetssignalami-yaki-neobhidno-propuskati.html
Title: На дорогах України з’явилися нові машини зі спецсигналами, які необхідно пропускати

Search URL Search Domain Scan URL

URL: https://avtosota.com/25714-5-avtomobiliv-z-najmenshymy-bagazhnykamy.html
Title: 5 автомобілів з найменшими багажниками

Search URL Search Domain Scan URL

URL: https://glavnoe.ukrainianwall.com/uk/98784-navesni-dlya-vodijiv-vvedut-seryoznu-zaboronu-za-porushennya-shtraf
Title: У Раді готують новий штраф для водіїв

Search URL Search Domain Scan URL

URL: https://ua-electro.com/pershij-elektromobil-suzuki-jimny-zyavitsya-u-2026-roci-shho-shhe-vidomo/
Title: Перший електромобіль Suzuki Jimny з'явиться у 2026 році, що ще відомо

Search URL Search Domain Scan URL

URL: https://sportnews.com.ua/59943/zaruba-v-piznih-raundah-olimpijskij-chempion-dav-prognoz-na-usik-f-yuri/2023/03/03/
Title: Заруба в пізніх раундах: олімпійський чемпіон дав прогноз на Усік — Ф’юрі

Search URL Search Domain Scan URL

URL: https://onthewaytowembley.com/fulhem-podpishet-igroka-shahtera-na-postoyannoj-osnove/
Title: «Фулхэм» подпишет игрока «Шахтера» на постоянной основе

Search URL Search Domain Scan URL

URL: https://fanday.net/news/ne-uspel-ya-pozdorovatsya-kak-on-menya-srazu-pozval-na-personalnuyu-teoriyu-pikhalenok-o-petrakove
Title: «Не успел я поздороваться, как он меня сразу позвал на персональную теорию»: Пихаленок – о Петракове

Search URL Search Domain Scan URL

URL: http://sport.ua/news/616945-opredelilis-polufinalnye-pary-na-sorevnovaniyah-atp-v-akapulko
Title: Определились полуфинальные пары на соревнованиях ATP в Акапулько

Search URL Search Domain Scan URL

URL: https://ua.tribuna.com/uk/tribuna/blogs/ukrainianf/3073982/
Title: Велике дослідження кутових в УПЛ: «Динамо» та «Шахтар» не використовують потенціал, «Дніпро-1» – серед лідерів

Search URL Search Domain Scan URL

URL: http://nashamama.com/zdorovya/57352pro-yaki-zahvoryuvannya-mozhut-govoriti-holodni-ruki.html
Title: Про які захворювання можуть говорити холодні руки?

Search URL Search Domain Scan URL

URL: http://zdorovia.com.ua/harchuvannja/59492tri-produkti-yaki-poslablyuyut-imunitet.html
Title: Три продукти, які послаблюють імунітет

Search URL Search Domain Scan URL

URL: https://lhealth.info/16715/shcho-take-seredzemnomorskyj-sposib-zhyttia-i-iak-vin-pokrashchuie-zdorov-ia
Title: Що таке середземноморський спосіб життя і як він покращує здоров’я

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/142658-5-rechovyn-iaki-shchodnia-potribni-nashomu-tilu-dlia-zdorovia.html
Title: 5 речовин, які щодня потрібні нашому тілу для здоров'я

Search URL Search Domain Scan URL

URL: https://internetua.com/svitom-shiritsya-superbakteriya-diareyi-yaka-ne-piddayetsya-likuvannua
Title: Світом шириться супербактерія діареї, яка не піддається лікуванню

Search URL Search Domain Scan URL

URL: https://ua-novosti.info/shoubiznes/klum-pokazala-svij-vixid-u-svit-u-yaskravij-sukni-z-glibokim-dekolte.html
Title: Клум показала свій вихід у світ у яскравій сукні з глибоким декольте

Search URL Search Domain Scan URL

URL: https://sensatsiya.com/shou-biznes/62285-na-komu-oleg-vynnyk-odrujyvsya-naspravdi-prosta-ta-vrodlyva-divchyna-iz-sela-bez-groshei-ta-zv-yazkiv/?utm_source=ukr.net
Title: ЗМІ розсекретили особистість справжньої дружини Олега Винника

Search URL Search Domain Scan URL

URL: https://toneto.net/news/kultura/bog-zabira---vse-zayve---hristina-gornyak-rozsekretila--z-kim-v--dpochiva---na-mald--vah-----zgadala-pro-kolishnogo-eksdrugina-ostapchuka-vir--shila-vlashtuvati-detoks-na-rayskih-ostrovah-p--slya-ostann--h-novin-lyudi
Title: Христина Горняк розсекретила, з ким відпочиває на Мальдівах

Search URL Search Domain Scan URL

URL: https://vogue.ua/article/vogueman/brend/maykl-b-dzhordan-u-reklamniy-kampaniji-calvin-klein-51506.html
Title: Майкл Б. Джордан у рекламній кампанії Calvin Klein

Search URL Search Domain Scan URL

URL: https://focus.ua/auto/552978-dzhastin-biber-podaril-sebe-na-den-rozhdeniya-unikalnyy-sportkar-porsche-foto-video
Title: Джастин Бибер подарил себе на день рождения уникальный спорткар Porsche (фото, видео)

Search URL Search Domain Scan URL

URL: https://nv.ua/ukr/world/geopolitics/bryanska-oblast-poraneno-dvoh-rosiyskih-prikordonnikiv-podrobici-novini-rosiji-50308115.html
Title: Два російських прикордонника поранені під час перестрілки з бійцями Російського добровольчого корпусу в Брянській області — росЗМІ

Search URL Search Domain Scan URL

URL: https://sprotyv.info/analitica/rosiya-vtracha%d1%94-vazheli-vplivu-na-serbiyu-isw/
Title: Росія втрачає важелі впливу на Сербію – ISW

Search URL Search Domain Scan URL

URL: https://ua.news/ua/world/svoboda-vyrazheniya-vzglyadov-vozle-posolstva-rf-v-finlyandii-sozhgli-portret-putina
Title: «Свобода висловлення поглядів»: біля посольства рф у Фінляндії спалили портрет путіна

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/economics/552775-rossiya-i-gryazznye-dengi-kak-skoro-strana-agressor-okazhetsya-v-chernom-spiske-fatf
Title: Росія та брудні гроші. Коли країна-агресор опиниться в чорному списку FATF

Search URL Search Domain Scan URL

URL: https://babel.ua/news/91173-u-ssha-areshtuvali-dvoh-cholovikiv-za-vidpravku-aviatehniki-do-rosiji
Title: У США заарештували двох чоловіків за відправку авіатехніки до росії

Search URL Search Domain Scan URL

URL: https://bomok.com.ua/novyny/pidbytyj-rosijskyj-tank-zhartoma-vystavyly-na-prodazh-u-lytvi/
Title: Підбитий російський танк жартома виставили на продаж у Литві

Search URL Search Domain Scan URL

URL: https://novosti-n.org/ua/ukraine/Zuhvalyj-baran-zalyshyv-bez-dyvana-svogo-malenkogo-gospodarya-VIDEO--301177
Title: Зухвалий баран залишив без дивана свого маленького господаря (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/142657-gromadianska-viina-na-rosii-merezha-vybukhnula-memamy-pro-ukrainsku-drg-u-briansku.html
Title: Громадянська війна на росії: Мережа вибухнула мемами про "українську ДРГ" у Брянську

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/03/sobaka-yakij-rozirvav-chuzhu-posilku-vlashtuvav-gospodaryam-pikantnij-syurpriz-video
Title: Собака, який розірвав чужу посилку, влаштував господарям пікантний «сюрприз» (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://internetua.com/rosiiska-propaganda-kupilasya-na-jartivlive-video-85-ricsnogo-ukrayinskogo-blogera
Title: Російська пропаганда “купилася” на жартівливе відео 85-річного українського блогера

Search URL Search Domain Scan URL

URL: https://novosti-n.org/news/Obstrel-Ochakova-poyavylys-foto-posledstvyj-262984
Title: Обстрел Очакова: появились фото последствий

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/03/dzhud-lou-zminivsya-do-nevpiznannya-dlya-novo%d1%97-roli-foto
Title: Джуд Лоу змінився до невпізнання для нової ролі (фото)

Search URL Search Domain Scan URL

URL: http://trueua.info/news/-zsu-zbili-rosijskij-zasekrechenij-rozviduvalnij-dron-kartograf-foto
Title: ЗСУ збили російський засекречений розвідувальний дрон "Картограф" (фото)

Search URL Search Domain Scan URL

URL: https://censor.net/ua/photo_news/3403386/ukrayinok_hotily_vyvezty_do_chehiyi_v_seksualne_rabstvo_prykordonnyky_ne_daly_foto
Title: Українок хотіли вивезти до Чехії в сексуальне рабство. Прикордонники не дали. ФОТО

Search URL Search Domain Scan URL

URL: https://tsn.ua/lady/news/show-biznes/blisnula-formami-z-usih-rakursiv-kim-kardashyan-u-bikini-seksualno-pozuvala-v-dushi-2277070.html
Title: Блиснула формами з усіх ракурсів: Кім Кардашян у бікіні сексуально позувала в душі

Search URL Search Domain Scan URL

URL: https://hronikers.com/2023/03/03/v-dytsadku-u-rivnomu-zranku-vyiavyly-zakryvavlene-tilo-okhorontsia-foto-video/
Title: В дитсадку у Рівному зранку виявили закривавлене тіло охоронця (ФОТО, ВІДЕО)

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/03/u-pidmoskov%d1%97-progrimiv-vibux
Title: У Підмосков’ї прогримів вибух

Search URL Search Domain Scan URL

URL: https://www.epochtimes.com.ua/novyny-ekonomiky/rosiya-znyzhuye-zalezhnist-vid-dolara-pokladayuchys-na-kytayskyy-yuan-video-149711
Title: Росія знижує залежність від долара, покладаючись на китайський юань (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://kriminal.tv/news/morskoj_bespilotnik_hydra_dron_razvedchik_nezametnyj_dlja_protivnika_video.html
Title: Морской беспилотник Hydra — дрон-разведчик, незаметный для противника (видео)

Search URL Search Domain Scan URL

URL: https://ua.news/ua/technologies/tesla-pokazala-kak-roboty-optimus-sobirayut-drugih-robotov-video
Title: Tesla показала, як роботи Optimus збирають інших роботів – відео

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/142647-6-vydiv-posudu-iaky-kategorychno-ne-mozhna-stavyty-v-mikrokhvylovu-pich.html
Title: 6 видів посуду, який категорично не можна ставити в мікрохвильову піч

Search URL Search Domain Scan URL

URL: https://hyser.com.ua/uk/community/189317-est-na-lyuboy-kuhne-kak-pri-pomoshchi-nedorogo-sredstva-izbavitsya-ot-nepriyatnogo-zapaha-iz-rakoviny
Title: Названо простий засіб, який допомагає позбутися запаху в раковині

Search URL Search Domain Scan URL

URL: https://prostoway.com/35951-3-nezvychajni-yemnosti-dlya-vyroshhuvannya-rozsady-ekonomno-ta-ekologichno
Title: 3 незвичайні ємності для вирощування розсади: економно та екологічно

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/03/vdala-pyatnicya-goroskop-dlya-vsix-znakiv-zodiaku-na-3-bereznya-2023-roku
Title: Вдала п’ятниця. Гороскоп для всіх знаків Зодіаку на 3 березня 2023 року

Search URL Search Domain Scan URL

URL: https://internetua.com/groshi-dlya-nih-ne-problema-p-yat-znakiv-zodiaku-yaki-mojut-legko-rozbagatiti
Title: Гроші для них не проблема: п'ять знаків Зодіаку, які можуть легко розбагатіти

Search URL Search Domain Scan URL

URL: https://shuba.life/recipes/10896-tosti-z-rikotoyu-na-snidanok-energijnij-snidanok
Title: Тости з рикотою на сніданок — енергійний сніданок

Search URL Search Domain Scan URL

URL: https://www.trserial.net.ua/pyrig-sonyashnyk-ne-lyshe-smachno-a-j-krasyvo-zminyuyemo-nachynku-i-zavzhdy-riznyj-smak/
Title: Пиріг “Соняшник” – не лише смачно, а й красиво: змінюємо начинку і завжди різний смак

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/03/profitroli-z-limonnim-zavarnim-kremom
Title: Профітролі з лимонним заварним кремом

Search URL Search Domain Scan URL

URL: https://internetua.com/yak-zakriti-paket-dlya-zapikannya-genialnii-sposib
Title: Як закрити пакет для запікання: геніальний спосіб

Search URL Search Domain Scan URL

URL: https://pixelinform.com/lifestyle/yak-prygotuvaty-idealni-syrnyky-7-sekretiv-smachnogo-snidanku-vid-shef-kuhariv/
Title: Як приготувати ідеальні сирники: 7 секретів смачного сніданку від шеф-кухарів

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpd&utm_campaign=banner_shiny-diski_brendirovanie-toplivo&utm_content=120-77

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aries/today.html
Title: Овен

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/taurus/today.html
Title: Телець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/gemini/today.html
Title: Близнюки

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/cancer/today.html
Title: Рак

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/lion/today.html
Title: Лев

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/virgo/today.html
Title: Дiва

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/libra/today.html
Title: Терези

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/scorpio/today.html
Title: Скорпiон

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/sagittarius/today.html
Title: Стрiлець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/capricorn/today.html
Title: Козоріг

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aquarius/today.html
Title: Водолій

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/pisces/today.html
Title: Риби

Search URL Search Domain Scan URL

URL: http://orakul.com/sonnik/
Title: Сонник

Search URL Search Domain Scan URL

URL: http://orakul.com/imena/
Title: Тлумачення імен

Search URL Search Domain Scan URL

URL: http://orakul.com/taro/
Title: Таро

Search URL Search Domain Scan URL

URL: https://shinadiski.com.ua/
Title: Шини для авто та диски

Search URL Search Domain Scan URL

URL: https://www.zapchast.com.ua/
Title: Автозапчастини

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpc&utm_campaign=link_shiny-diski_ssylka-na-glavnoy&utm_content=text
Title: Авторезина та диски

Search URL Search Domain Scan URL

URL: http://kiaparts.com.ua/
Title: Запчаст. Kia, Hyundai

Search URL Search Domain Scan URL

URL: https://autoshini.com/?utm_source=ukr.net
Title: Шини та диски

Search URL Search Domain Scan URL

URL: http://transshina.com.ua/
Title: Автошини та диски

Search URL Search Domain Scan URL

URL: https://pokraska.diskservice.com.ua/
Title: Фарбування дисків

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/
Title: Купити нове авто

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_liberti-967/
Title: Інфініті ВІДІ Ліберті

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_insite-1120/
Title: Хонда ВІДІ Інсайт

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_armada-993/
Title: Ніссан ВІДІ Армада

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_avtostrada-961/
Title: Toyota на Кільцевій

Search URL Search Domain Scan URL

URL: https://www.optics-pro.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=optica
Title: Оптика для полювання

Search URL Search Domain Scan URL

URL: http://www.aks.ua/
Title: Аксесуари, запчастини

Search URL Search Domain Scan URL

URL: https://ukroptica.com.ua/
Title: Тепловізори і оптика

Search URL Search Domain Scan URL

URL: https://helplist.io/
Title: Об'єднання волонтерів

Search URL Search Domain Scan URL

URL: https://npdn.in.ua/b796ec837a694c9183a68d6aeaab1e9f
Title: Волонтерство

Search URL Search Domain Scan URL

URL: http://www.helpua.io/
Title: Проєкт HelpUA

Search URL Search Domain Scan URL

URL: https://dovidka.info/
Title: Dovidka.info

Search URL Search Domain Scan URL

URL: https://savelife.in.ua/donate/
Title: Підтримка армії

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/687761881312683
Title: Свалявський рух опору

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/create?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_host&utm_id=ukrnet
Title: Житло біженцям

Search URL Search Domain Scan URL

URL: https://petlive.com.ua/
Title: Перетримка тварин

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/ua/about/support-the-armed-forces
Title: Допомога ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/president.gov.ua
Title: Офіс Президента

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KabminUA
Title: Кабінет Міністрів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mvs.gov.ua
Title: Мін. внутрішніх справ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MNS.GOV.UA
Title: ДСНС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TerritorialDefenseForces
Title: ТерО ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUStratCom
Title: СтратКом ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dsszzi
Title: Держспецзвʼязок

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UkrainianLandForces
Title: Сухопутні ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CinCAFU
Title: Головнокомандувач

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GeneralStaff.ua
Title: Ген штаб ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MinistryofDefence.UA
Title: Міністерство оборони

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UA.National.Police
Title: Національна поліція

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DPSUkraine
Title: ДПС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NGUmainpage
Title: Нацгвардія України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/StratcomCentreUA
Title: Центр інф. безпеки

Search URL Search Domain Scan URL

URL: https://www.facebook.com/navy.mil.gov.ua
Title: ВМС ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUkraine
Title: ЗС України

Search URL Search Domain Scan URL

URL: https://sprotyv.mod.gov.ua/
Title: Центр нац. спротиву

Search URL Search Domain Scan URL

URL: https://klubnatura.pl/pages/solidarni-z-ukraina
Title: Допомога в Польщі

Search URL Search Domain Scan URL

URL: https://www.bamf.de/DE/Themen/AsylFluechtlingsschutz/ResettlementRelocation/InformationenEinreiseUkraine/informationen-einreise-ukraine-node.html
Title: Допомога в Німеччині

Search URL Search Domain Scan URL

URL: https://www.czechhomesforukraine.com/uk
Title: Тимчасове житло

Search URL Search Domain Scan URL

URL: https://www.unterkunft-ukraine.de/request
Title: Знайти житло

Search URL Search Domain Scan URL

URL: https://www.facebook.com/752118234860641/posts/7149925781746489/?d=n
Title: Сайти допомоги

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_guest&utm_id=ukrnet
Title: Безкоштовне житло в Україні

Search URL Search Domain Scan URL

URL: https://vogue.ua/article/culture/puteshestviya/kijiv-vilnyus-shcho-maye-znati-kozhen-ukrajinskiy-bizhenec.html
Title: Допомога у Вільнюсі

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium/bizhenci-z-ukrajini-do-latviji-yak-i-de-peretnuti-kordon-otrimati-dopomogu-robotu-ta-de-zhiti-50228296.html
Title: Допомога у Латвії

Search URL Search Domain Scan URL

URL: https://www.migrationsverket.se/English/About-the-Migration-Agency/The-situation-in-Ukraine.html
Title: Допомога в Швеції

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/03/11/247770/
Title: Пошук житла

Search URL Search Domain Scan URL

URL: https://www.ukrainetakeshelter.com/
Title: Розміщення біженців

Search URL Search Domain Scan URL

URL: https://www.immobilienscout24.de/lp/hilfe-fuer-die-ukraine.html
Title: Житло в Німеччині

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/
Title: Прихисток для біженців

Search URL Search Domain Scan URL

URL: https://chytomo.com/dlia-kulturnykh-diiachiv-i-osvitian-dopomoha-i-pratsevlashtuvannia-za-kordonom/
Title: Працевлаштування за кордоном

Search URL Search Domain Scan URL

URL: https://zib.com.ua/ua/151001-timchasoviy_zahist_na_kipri_mozhlivosti_dlya_ukrainciv.html
Title: Допомога на Кіпрі

Search URL Search Domain Scan URL

URL: https://t.me/miUkraune
Title: Міністерство інфраструктури України

Search URL Search Domain Scan URL

URL: https://t.me/uksatse_official
Title: Украерорух

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airportboryspil/
Title: Міжнародний аеропорт “Бориспіль”

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lvivinternationalairport/
Title: Міжнародний аеропорт “Львів”

Search URL Search Domain Scan URL

URL: https://t.me/UkrzalInfo
Title: Укрзалізниця

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Ukravtodor.Gov.Ua
Title: Укравтодор

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uspa.gov.ua
Title: Адміністрація морських портів України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DSBT.UA
Title: Державна служба України з безпеки на транспорті (ДСБТ)

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2022_07_11_manual_3gr_5_1.pdf
Title: ФОП 3-ї групи ЄП-5%

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/manual_declaration_3gr_2.pdf
Title: ФОП ЄП 3-ї групи 2% Звіт за 12/2022

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2022_07_11_manual_3gr_2_1.pdf
Title: ФОП 3-ї групи ЄП 2%

Search URL Search Domain Scan URL

URL: https://trafmag.com/

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=MTU5fDEzODcyfDE4NS4yMTMuMTU1LjE3NHw3MjA4Mjk3MXwxNjc3ODMwOTE3fGUzMWE2OWY4MGU5NWExOWEyZGM0MGQ2ODI5MWVlNTVjfDMzMw==&vid=1551748655213425

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=MTU5fDEzODcyfDE4NS4yMTMuMTU1LjE3NHw1ODE1OTY2NHwxNjc3ODMwOTE3fDlmZmFhMmM1NDI3OWM4MjJjOWYyYTcyNDgzYWM1YjAyfDMzMw==&vid=1551748655213425&pstcnt=4_0
Title: от 4 499 грн

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=MTU5fDEzODcyfDE4NS4yMTMuMTU1LjE3NHw1ODE1MzIwNHwxNjc3ODMwOTE3fDJiNTVlMzRmOGQzNzdlOTRlMjQ0MTk1NDlmYmIxNWVifDMzMw==&vid=1551748655213425&pstcnt=4_0
Title: 3999 грн

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=MTU5fDEzODcyfDE4NS4yMTMuMTU1LjE3NHw1ODE1OTY2MnwxNjc3ODMwOTE3fDE0YmUzM2U3ZjJmNDEwMDg2MGY4YTcyYTlhYTM3ZmZlfDMzMw==&vid=1551748655213425&pstcnt=4_0
Title: от 253 грн

Search URL Search Domain Scan URL

URL: https://phoenix-widget.com/

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/.eJxVj1tqwzAQRbdS_NGv1pH1sGVDKHQJ3YDRYxSbRpajR9qkdO8dJ7RQmAHp3jNXo6-qxGM1VFPOaxp2Oxt8bba-7F5K9mMKJRrYr1OAZf583CQPdi5-b1ZzuxrlVzUflv0agw8jlOqpwqOBlELEZBMi1H9CqqNatke0SlC_qmWB-HZTcOxjtgfI42xxrCVSdUbrXtJOd9pxyi0XgiB295mzjvOegXFN2zjHneVENOj_bjT-AxUnpmGNBWtaS3uH4KTSdIeUEGDa3jjLBG0IVQxAMqM7aolSbYdwnj2kjNGIU0LZM9nqgcgBi3W1FITIFsGSIN5T5TXQpb--T8mdTj6fz-jq25fHfFkBCQtOlWOuvn8ACKZ99A.aHzb00wuLPvXj5hqjAxfEImoVaE

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/.eJx1Ucuu2yAU_JXKi65qG2NscCTrSvcT-gMRj0NME8AXsNuk6r_3xFG7u9LZMDNnhoHf1ZZu1alaSlnzqW0vW8qQXShxS42OvpXXsslbuEMd4h5zca2XOccdgTXFArnc673eHgquLhcZoNZLibV77EiFWAdZGxnC_Ufto4dQ2o7Ssedd-7YVf84Yo2FelwjB_fr6hDwYt_lZr_o4aulX6S5hHqyiHDrew8SogNES4EpRc6gKJD-PREg-MRDWGA1EjHyECYC8fGIoGD-PVFPFpNFad0bbCQioyXJVfauwjwbslvA9dEzQ_Adyk2Qw0TdKZmjesQ-k7weCaz-duUA5O4NrxxW0UpOgXHFlGWWGDQNB2Yv_PP1f0ZfRZ21RuMi8vERcDZYNVlNm-17C0AsQo2ZKdHTi0j5Ti_P4D2iNckpoX5PnfCHihNPzRgxkoAyFW4b0chWPSMP0uC7Zfnz4su_IqqPyudxXQIUBK7dbqf78Bf6JvbU.kHA1Ri4l9M420MAJR9r0PaS8TGg

Search URL Search Domain Scan URL

URL: https://code.nvtk.com/click/?x=Xj9_gsaLk5Tnnvf0OJJTSFyacFMLKela3PQoGZXZesPNHG-9Jkdqtqu8QIm9K-_1VroI8YEnDq3VTKafVfBqXwboO-TeIrY86h7vmpZkKjetUqyIrX9Q7zvmCso2f5jNLWgbLH6PlqF9gK8nPVNCtbB7XiCW_Kq4dxen-e0h0eqvhz2RQhwYD6EtaDuygSGVIbFe5q_AGA-p5gi297J8MiNUmMoj0jpoPG8fESjIPd8tMLV9o3k2RAzEQsPmg7dKkuQyQcqy2Sm0_x6Qtoax6q9vjwzxv7xKEGEtkIqQLB4YbsrOIM8gtQ

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/.eJw9kNtuwyAMhl9lyvXIAUhCerlH2AtUHExCmwAFkiqZ9u6jjTTJF5b_z_5t_xRrmItLMaXk46Wqnm7RJkApXWnm6tjgUHs1mYTSBOgJcLcKidlYZeyIZjNOKaKY-IwiX9wNeefXeefBvnKIFm5oQyYmF4xB0btk9F4Vn4UPTkKMLmRr6bLffyGWgVvlllLwCOUXtxbC97uS255GjZCuRuW2rma8l0IMDPeiF5piqmjb1hk7dSJo3QsmlWoIZrJVslNi6LIu-eK5Ge05qAXNNBCqyMDqgfBeDEQxxjI48TidEO1YKweKhaqZ7HBDeduLrmG44Zq2RGc4mQXyKxafcVxjgupXfNTskoP0JWsb0rzWWyOEcyo7HLbDcZ-ifjyWtG1ZFe-Tr2n3kAkFmq9zKn7_ACKniPc.VVDuq2fwYbfuqnDJ3rM9tP67B6k

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/.eJx1j0lu5DAMRa_S8KJXsUslyZZcgJEbZJELBBqoWOWy5GioTOi7N1NGsgtALcj_-MX_2dR0aU7NXMqWT4eDLwFKZ-LaVXVIMWd_zouHNi5L3VQo723V_uLbIxtbCwXO7bWtS1I-wOG-lvUpx5oMTNscIfi3v1-jFayv62Q2c2uNWjfln8PUAzO9FT13jDrgpD8KRZwUN6pAWqeBSCVGDtJZa4DIQQwwApDdJ4YCoUwD5YMdWc-JckoLOhije0KG5q7ZUjSQc0yY0MQE3c8gd0kFizG1ytA9wGt-vPW49OrtM5Qnb3HpdoDRepRUaKEdp9zyvieI7frvf3_H3I1-y4rgrPK8Q5xSZ7Vx9CgMBaUJPuaUZIIBngAIF79CLmiNOCWUteSr_hB5wmKik2jMjgjWDGl3lR-RhvFjmbN7eVnL9YqqViGgXt43QMKCU_VSmn__AVtDqEw.bstnawmKsOAKSnmR-p0e3VOM2Yo

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/.eJx1j01upDAQha8yYjGrAMZgsFtCI80R5gItUy4aK_4htiHTHeXucdNJdpFqYb_66lW9t2ILpjgVS0prPNW11ReHr7ECb-v7o1690UlDvZfPAa3B0snbLo0uL0bubrtuJaAplbnKMvgYta6WZM2fLdlz9FsAHNfFo9P_f98li0pvdoQVji9Iu8q8cWQgZcenrptbOmMjuehJT6E_qITBjj3hchAd8lkpQML7oUeBSB4-3iV0aexbBQA4CYqKwcwkU43KzsVTsQYPGKMPOSz4gNW3EKsgnfK2mmTE6q90DsO_Q8ljr1pdMJ21ymPHCTBNgtNhGqa5o53qGCMZe_R_3v4V9GH0U9oMLjIunxAXDIQiguc9M1KgTA2y4aLBRilCM5y0xZiydcYpoW1J7vWL8FOudqg4o007ZHCLGB6u_OapE7fnJc4vLzbte-5OR-Rzuq6YCYWz3Ewq3j8AvZ2v5Q.7rmh5kZuLO1U9EuvFrqLRVT2aeQ

Search URL Search Domain Scan URL

URL: https://narnia-ua.space/?utm_source=ukrnet&utm_medium=cpm&utm_content=banner_1

Search URL Search Domain Scan URL

URL: https://narnia.space/?utm_source=ukrnet&utm_medium=cpm&utm_campaign=new_image&utm_content=img_l2
Title: 429 грн

Search URL Search Domain Scan URL

URL: https://mgid.com/

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15444101/i/57452893/0/pp/1/1?h=y-zX4HIzM4Ja8iDvMR-Dg3bPMA2njnl7n04AaZIZmvoCVU04nuhEi2_UUNkOpcA3Cyaj3_eOPyaEebGFmlOkKw**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15505740/i/57452893/0/pp/2/1?h=y-zX4HIzM4Ja8iDvMR-Dg3bJhQtlNz5a6_BzMYyFZxezYOKKsR6hUM2qToqMZL1Y_PXpSHwRAz5TGVFCMSO7hQ**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15493161/i/57452893/0/pp/3/1?h=y-zX4HIzM4Ja8iDvMR-Dg96Kul0BFjm-WmefvxgSeUSPU6y_PIo0Wo8r6MTIXA0rr7qUZMQ3Hhuf1MFtb4J9rg**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15338280/i/57452893/0/pp/4/1?h=y-zX4HIzM4Ja8iDvMR-Dg8S6cas6cYIIMxwe8xVOLzalbLLIJkNnZx7YZ4ncG05L-YlAIr96Of7JBKCHb3qpPA**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/8028200/i/57452893/0/pp/5/1?h=y-zX4HIzM4Ja8iDvMR-Dg6MG01NAZy5h3xMKDkL5SvkwvaYlyPxN7ospeZI5T5Bchgd1M8Gh4f1_5Y3epdyVyg**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/14369635/i/57452893/0/pp/6/1?h=y-zX4HIzM4Ja8iDvMR-Dg9fjMVMI0uNkI28Ksf_Ja09o0IpOKhA62xvR-IzaNa9WtOCh5Wto7-_yCx0CdhlCjw**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/14409476/i/57452893/0/pp/7/1?h=y-zX4HIzM4Ja8iDvMR-Dg9VPcsHfo-T9_wLmVIZU7kLQVHwbc17KbCOzNWWoV_0UUcUk2pnu_bwTemmB0FVdlg**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/11249008/i/57452893/0/pp/8/1?h=y-zX4HIzM4Ja8iDvMR-Dg3TiX2UeOdBdL_0B4gDGCKRW61Wo3MC-TfP81xYpV63DOcGykb5NjRKOcU2_1yKehw**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/13809692/i/57452893/0/pp/9/1?h=y-zX4HIzM4Ja8iDvMR-Dg7cmvKW7UQXOBMwlpN6XEJ4OkB2myF7CVMxHGHd6LQiCJcUNIG3zP3eS8yXGkAD7qQ**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15388540/i/57452893/0/pp/10/1?h=y-zX4HIzM4Ja8iDvMR-Dg3TqNiPtOIumFi4qWphCuUj5puq11EgmhJUQsD53GtX3e5JkeqIlQiRivX6-oDOZ0w**&rid=9997503a-b99a-11ed-aec3-e43d1a2a96ea&tt=Direct&att=3&cpm=1&prid=1&ct=1&st=60&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: http://adline.kiev.ua/
Title: Реклама на порталі

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/password_recovery
Title: Забыли пароль?

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/reg
Title: Регистрация

Search URL Search Domain Scan URL

URL: https://zakladki.ukr.net/index.php?action=export
Title: Скачати

Search URL Search Domain Scan URL

URL: http://zakladki.ukr.net/
Title: +ukr.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://mail.ukr.net/widget?lang=uk HTTP 303
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Request Chain 96

https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=1d49ac8a-57e9-4b08-85e1-c95bf0678eeb

Request Chain 97

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f58a9f95-4cb0-4753-ae92-e22ff74fcddb

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAGrBiH89-SCeAufkrY5BAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEExUXeC-tpSGWFT71em0ymU&google_cver=1

Request Chain 153

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzczMjk5MTA1NjQ5NTcxMw%3D%3D

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1

Request Chain 155

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAGrBiH89-SCeAufkrY5BAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEExUXeC-tpSGWFT71em0ymU&google_cver=1

Request Chain 157

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzczMjk5MTA1NjQ5NTcxMw%3D%3D

Request Chain 173

https://hal900025.redintelligence.net/request.php?zone=9asfppdpo3te&nw=20&renderingType=javascript&namespace=38cdf3c8fc&subid=&uid=4ee1cf90273be539&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3sFBasBZOKoNM2r3gPLgZPoA6blvaBp_Zqcp8kP8C4QASCI2bOYAWCV4pCCoAfIAQmpApstxEe4zbE-qAMBqgSDAk_QIdHLTzeJ1JJ4R7Rf2rsxCs2PiTM7UBQOF20DF8Zw-5QRDE-TgVf8r10nf34VaNhURUPxxOgCzIsAMSEjW5JIRAIdK3CsEZ5-vLRspa-0nFga3gYcfQCDdf4vJ9JiyC0AVVCLEbEssvcvYuULFqnzsM31vH8IG7VbdEvcMejk8IXtxIZ_T6l6FKB4DWWFUjYwknxsYnXBRoPZFK2pmXivjZv_aWg5JCt8ArZQTBvhg6x6YkZ0ZZvh-c1eujEnf2sGuOn9S1VnTUlo1h3yHEFpUG6XvLXStPt9qR52NJf7rGZO0dIKl6OX6SnyvZuUnh1GyTYLPiAnPUTMUXKfU8weV_rABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB%26sig%3DAOD64_3L6sB2FKEvQqjTjqS8-AlKnPpNzg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-B-Tv4wfUHJOWeVKfmFmescX3rv2irReSdeZkssBv-9NiSY76FW6wqFHubSG70AdOy4kjWbq5m3Dj5P4P_m6Nnr85XgAPrkPgxEWDcWd5RaSKEPseWKg6HleCV7qomJNkCfZNnaEE3tWGGflBBcj8EjZU_fODQ50rD3Ya9Vnboi3LJiif0%26cry%3D1%26dbm_d%3DAKAmf-BtGJ2F9bAg7R3-99TpFWyzo7Bc14QT7bCW4rGa_1hJIkbyNJuALEUmxCrdd39KC0Ck53tqnIIX-7uXSkQQaf4wj9OjshFZRbYAUu80JDlyn_v7M7znAwjJTEhq5vfE2pj12F2O910DAhTixyIqOUiWufWwu5MoNAgeF-VjDz8rFQXEP06BGiKfk0lEg9JmLr-nRmqMBfSmSxDVvyW0UzD5_iuxWWjkk-SqP_XmPrxvq1MYHBdaLO5sB2kfzQyPZhcjBbXzl3BZbBQZGXWFkaX_xf6Fq2tf1145QTJ6w4QtlyGJhtGKgvl7CCwf_2UO_0-uksgvHYZmPtI1onrGIOh3oIDIqO-2t7i2TrKmoRmbcYs_KuM-F994qItJbDYl4FQgdxw7rffYKnTbppmjXuFrDNPIVtQxwsKIZcBf4k3hjoIi50aq6XnsTr1u2H3bjcr5vZE-8nVcMq_Hj90zoJJagibl5f2kKwQRF1urt9Q02IVuXmQ%26adurl%3D&documentReferer=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=3767899033909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900025.redintelligence.net/request.php?zone=9asfppdpo3te&nw=20&renderingType=javascript&namespace=38cdf3c8fc&subid=&uid=4ee1cf90273be539&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3sFBasBZOKoNM2r3gPLgZPoA6blvaBp_Zqcp8kP8C4QASCI2bOYAWCV4pCCoAfIAQmpApstxEe4zbE-qAMBqgSDAk_QIdHLTzeJ1JJ4R7Rf2rsxCs2PiTM7UBQOF20DF8Zw-5QRDE-TgVf8r10nf34VaNhURUPxxOgCzIsAMSEjW5JIRAIdK3CsEZ5-vLRspa-0nFga3gYcfQCDdf4vJ9JiyC0AVVCLEbEssvcvYuULFqnzsM31vH8IG7VbdEvcMejk8IXtxIZ_T6l6FKB4DWWFUjYwknxsYnXBRoPZFK2pmXivjZv_aWg5JCt8ArZQTBvhg6x6YkZ0ZZvh-c1eujEnf2sGuOn9S1VnTUlo1h3yHEFpUG6XvLXStPt9qR52NJf7rGZO0dIKl6OX6SnyvZuUnh1GyTYLPiAnPUTMUXKfU8weV_rABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB%26sig%3DAOD64_3L6sB2FKEvQqjTjqS8-AlKnPpNzg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-B-Tv4wfUHJOWeVKfmFmescX3rv2irReSdeZkssBv-9NiSY76FW6wqFHubSG70AdOy4kjWbq5m3Dj5P4P_m6Nnr85XgAPrkPgxEWDcWd5RaSKEPseWKg6HleCV7qomJNkCfZNnaEE3tWGGflBBcj8EjZU_fODQ50rD3Ya9Vnboi3LJiif0%26cry%3D1%26dbm_d%3DAKAmf-BtGJ2F9bAg7R3-99TpFWyzo7Bc14QT7bCW4rGa_1hJIkbyNJuALEUmxCrdd39KC0Ck53tqnIIX-7uXSkQQaf4wj9OjshFZRbYAUu80JDlyn_v7M7znAwjJTEhq5vfE2pj12F2O910DAhTixyIqOUiWufWwu5MoNAgeF-VjDz8rFQXEP06BGiKfk0lEg9JmLr-nRmqMBfSmSxDVvyW0UzD5_iuxWWjkk-SqP_XmPrxvq1MYHBdaLO5sB2kfzQyPZhcjBbXzl3BZbBQZGXWFkaX_xf6Fq2tf1145QTJ6w4QtlyGJhtGKgvl7CCwf_2UO_0-uksgvHYZmPtI1onrGIOh3oIDIqO-2t7i2TrKmoRmbcYs_KuM-F994qItJbDYl4FQgdxw7rffYKnTbppmjXuFrDNPIVtQxwsKIZcBf4k3hjoIi50aq6XnsTr1u2H3bjcr5vZE-8nVcMq_Hj90zoJJagibl5f2kKwQRF1urt9Q02IVuXmQ%26adurl%3D&documentReferer=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=3767899033909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 180

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGfwJ-nv_0CFaMhewodF7UFww;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11

213 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ukr.net/
Redirect Chain

http://ukr.net/
https://ukr.net/
https://www.ukr.net/

165 KB
42 KB

52ms
20ms

Document
text/html

104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c09767a91a947340cf78d655cb6eedf27d7345ee509b328bf4920c8031d086cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
cf-cache-status: DYNAMIC
cf-ray: 7a20647e3daf8fe8-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 03 Mar 2023 08:08:36 GMT
expires: -1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7a20647d8d268fe8-FRA
content-type: text/html
date: Fri, 03 Mar 2023 08:08:36 GMT
location: https://www.ukr.net/
server: cloudflare
server-timing: cf-q-config;dur=4.9999998736894e-06,cf-q-config;dur=6.0000002122251e-06,cf-q-config;dur=2.1999999717082e-05,cf-q-config;dur=7.0000005507609e-06
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 214ms
83ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5903420-1

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f352791f037cdd8a2bbb5bd4fc839a2d90c329de393917d66f17bbd56e1094fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Mar 2023 08:08:37 GMT

GET
H2 200 top_links.css
upst.fwdcdn.com/css/1675674104/ 1 KB
757 B 91ms
14ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/1675674104/top_links.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0662c1d714b723d6693cb307b9356304df02b53b1c64a31b96b3c8469db020ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Feb 2023 09:02:03 GMT
server: cloudflare
age: 2156778
etag: W/"63e0c20b-48c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
cf-ray: 7a20647efdca37ca-FRA
expires: Sat, 02 Mar 2024 08:08:36 GMT

GET
H2 200 /
upst.fwdcdn.com/css/ 4 KB
2 KB 99ms
23ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
cf-ray: 7a20647efdce37ca-FRA
expires: Sat, 02 Mar 2024 08:08:36 GMT

GET
H2 200 main.css
upst.fwdcdn.com/css/2/portal/ 44 KB
8 KB 97ms
21ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/2/portal/main.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef67d947b37cfe4ee4400ca823b85690e100cf4b8dad240fd33626e914acbc6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 2607888
etag: "637656b5-2012"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a20647efdd037ca-FRA
content-length: 8210
expires: Sat, 02 Mar 2024 08:08:36 GMT

GET
H2 200 _desktop.js Show response
www.ukr.net/news/ 20 B
210 B 18ms
15ms Script
application/x-javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/news/_desktop.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 07:44:23 GMT
server: cloudflare
age: 1453
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7a20647e7df28fe8-FRA
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 12:08:36 GMT

GET
H2 200 concat.js Show response
upst.fwdcdn.com/js/2/portal/ 166 KB
51 KB 90ms
15ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/2/portal/concat.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 2607886
etag: "637656b5-cc31"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a20647efdd237ca-FRA
content-length: 52273
expires: Sat, 02 Mar 2024 08:08:36 GMT

GET
H2 200 main.js Show response
upst.fwdcdn.com/js/4/portal/ 61 KB
17 KB 97ms
23ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/4/portal/main.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0534aa23fa9d14f16432b0260576c85039be4ec262ae6e682b9a3bdd568fd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 15:45:03 GMT
server: cloudflare
age: 2607784
etag: "63c02aff-430c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a20647efdd337ca-FRA
content-length: 17164
expires: Sat, 02 Mar 2024 08:08:36 GMT

GET
H2 200 zakladki_v2.min.js Show response
zakladki.ukr.net/bookmarks/js/ 104 KB
19 KB 45ms
17ms Script
application/javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 10:42:05 GMT
server: cloudflare
age: 338354
etag: W/"5f366a7d-19e00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7a20647eae188fe8-FRA
expires: Fri, 10 Mar 2023 08:08:36 GMT

GET
H2 200 logo_uade8f83dcb4ec26a6cdc418ebea950e58.gif
upst.fwdcdn.com/temp/holidays/12003/ 37 KB
38 KB 14ms
13ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12003/logo_uade8f83dcb4ec26a6cdc418ebea950e58.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cee3310d05e8a2fc36f027fee3312d63e45c4ae3c93ccb5b9b44424d14b5d644

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 08:05:00 GMT
server: cloudflare
age: 159
etag: "6401aa2c-95d8"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a20647f3e1e37ca-FRA
content-length: 38360
expires: Fri, 03 Mar 2023 12:08:37 GMT

GET
H2 200 title_img_uade8f83dcb4ec26a6cdc418ebea950e58.gif
upst.fwdcdn.com/temp/holidays/12003/ 4 KB
4 KB 15ms
12ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12003/title_img_uade8f83dcb4ec26a6cdc418ebea950e58.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72d9c1ac0eb3e6c0be0039872c504d5d13090ad50e1ea73e6b0497453799577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 08:05:00 GMT
server: cloudflare
age: 161
etag: "6401aa2c-e5a"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a20647f6e3e37ca-FRA
content-length: 3674
expires: Fri, 03 Mar 2023 12:08:37 GMT

GET
H2 200 fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 4 KB
4 KB 25ms
22ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Oct 2014 14:11:04 GMT
server: cloudflare
age: 188373
etag: "542eae78-1134"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a20647f6e4037ca-FRA
content-length: 4404
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 5 KB
5 KB 16ms
13ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Oct 2014 10:17:53 GMT
server: cloudflare
age: 188373
etag: "5437b251-134e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a20647f6e4137ca-FRA
content-length: 4942
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 127ms
77ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a20647faca65bdd-FRA

GET
H2 200 hb_300016_4947.js Show response
player.adtcdn.com/prebidlink/466064/ 934 B
800 B 72ms
21ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/466064/hb_300016_4947.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8c8df951027f44a987611e42f1b5bea45b278d09971f9e10da9b463ae300d67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Feb 2023 13:53:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 520
etag: W/"63fe0765-3a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpfozOx%2FLGedsUH7bcbOaqbEDAUxqY9jwKcRpibkb55llRYRpagiNc2enOfn2JAV9JvNiiCeUtcYMMTJ3BS82MbPQKDfHpmeiGLKszLHnqrXqi92CtqQ%2Fx90PIsOwHEete4Q1%2BRqvH4SnDW7RWZZgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7a20647fbaeb9142-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 08:14:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 242ms
93ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6037740b92ea3788fe4de6edaab4a6b70bc0ff2ba6e3bb5da717fa2d8cf8f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26950
x-xss-protection: 0
server: sffe
etag: "1499 / 476 of 1000 / last-modified: 1677798389"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Mar 2023 08:08:37 GMT

GET
H2 200 wrapper_hb_300016_4947.js Show response
player.adtcdn.com/prebidlink/466064/ 2 KB
1 KB 71ms
20ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/466064/wrapper_hb_300016_4947.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea69d68d743b0eadd9ed3e31518650f86d7b6719e53cf49c8816e002ba5f7109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Feb 2023 13:53:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 520
etag: W/"63fe0765-6ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyQsRiYUyltfj8wawQWbrAoiChMidwkZpWif2HKXl%2FsB4ZlS%2FU5Y9RZ6BAT49bdBC73MMzwEQ1bryqnZb0Tc1Ix00TtNhZYLjUvWpWO%2B%2FyO213YkTMMsU%2FjjGY4Litxp6b%2FqbtjjJN9M3MpuN%2FtpxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7a20647fbaed9142-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Mar 2023 08:14:57 GMT

GET
H2 200 test Show response
accounts.ukr.net/public/access/ 2 B
271 B 49ms
6ms XHR
text/plain 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/public/access/test?_=1677830917024
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
x-upstream: 4210.10.20.48:5080
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length: 2

GET
H2

200

https://mail.ukr.net/widget?lang=uk
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

1 KB
1 KB

9ms
7ms

Document
text/html

212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

frvdc-253.fwdcdn.com

Software

nginx /

Resource Hash

1f3ca1b57ab4d820445437676ca6f2e17b2e19dab13a5d590b481a6f9ac82820

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://.ukr.net http://.ukr.net www.ukr.net ukr.net; form-action https://.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://.ukr.net; report-uri /csp-blocked
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://www.ukr.net/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-type: text/html; charset=UTF-8
date: Fri, 03 Mar 2023 08:08:37 GMT
expires: Fri, 03 Mar 2023 08:08:36 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-frame-options: ALLOW-FROM https://www.ukr.net/
x-upstream: 4210.10.20.48:5080
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: blob: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
date: Fri, 03 Mar 2023 08:08:37 GMT
expires: Fri, 03 Mar 2023 08:08:36 GMT
location: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
server: nginx

GET
H2 200 5ysrIfrF92 Show response
go.rcvlink.com/ifr/ Frame 0BDB 15 KB
7 KB 113ms
13ms Document
text/html 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Fri, 03 Mar 2023 08:08:37 GMT
etag: W/"63c6f377-3b12"
expires: Sat, 04 Mar 2023 08:08:37 GMT
last-modified: Tue, 17 Jan 2023 19:13:59 GMT
server: nginx

GET
H2 200 v2 Show response
a4p.adpartner.pro/jsunit/jsonp/ 1 KB
893 B 266ms
151ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery30009448588172018806_1677830916991&_=1677830916992
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 6ac5f55fb4b619462667194c03ed545e1cb34996a7848d389781de1ef3682513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show_json/ukrnet/ 491 B
711 B 176ms
96ms Script
text/html 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery30009448588172018806_1677830916993&_=1677830916994

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

87f7786997603d532cdbd960b98952581fa0bfb907ca21d24c8ecc50272d5753

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
strict-transport-security: max-age=15768000, max-age=15768000
content-encoding: gzip
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
content-type: text/html; charset=utf-8

GET
H2 200 grey-pix.gif
upst.fwdcdn.com/img/ 53 B
176 B 15ms
15ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/grey-pix.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 188208
etag: "51b860f4-35"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a20647f9e8437ca-FRA
content-length: 53
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 pinformer4.php Show response
pinformer.sinoptik.ua/ Frame E6B3 6 KB
2 KB 49ms
6ms Document
text/html 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 63267d60a7f073e7a0636e9da5efa125c9dc15853442fdeaba8f54abb925eb6f

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, must-revalidate, proxy-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 03 Mar 2023 08:08:37 GMT
expires: Fri, 03 Mar 2023 08:09:55 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding

GET
H2 200 ukrnet_ua.html Show response
kinoafisha.ua/widget/ Frame 64A5 376 KB
18 KB 62ms
13ms Document
text/html 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1677830917068
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 70258519e453e4ccc71b84b15fe36fd091d6862cd4db44fbeab0605c41b2c890

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html
date: Fri, 03 Mar 2023 08:08:37 GMT
etag: W/"6401a901-5dfb1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 03 Mar 2023 08:00:01 GMT
server: nginx

GET
H2 200 ukrnet2.js Show response
trafmag.com/ 3 KB
3 KB 96ms
20ms Script
application/json 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://trafmag.com/ukrnet2.js?callback=jQuery30009448588172018806_1677830916995&_=1677830916996

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

001d8f3840ef8189ac4c70cd8f9061c4611b0ee1ed9ef8d77a8250d76db570b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: application/json; charset=utf-8
date: Fri, 03 Mar 2023 08:08:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
p3p: CP="NON DSP COR CURa TIA"

GET
H2 200 ukrnet Show response
api.phoenix-widget.com/api/v2/ 7 KB
7 KB 790ms
625ms Script
application/json 143.244.196.143
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api.phoenix-widget.com/api/v2/ukrnet?callback=jQuery30009448588172018806_1677830916997&_=1677830916998

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.196.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

d8730c58e317288198539343a002e4a4561c1fe389100bacd1c02a95461b0020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
amp-same-origin: true
etag: "122ee758ab604d660454689f466eef2663b5e602"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
content-length: 7153

GET
H2 200 1119189 Show response
servicer.mgid.com/ 8 KB
3 KB 73ms
38ms Script
application/json 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1119189?callback=jQuery30009448588172018806_1677830916999&_=1677830917000
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e647a5ebad7b62d67fb9823cea2c16cd2862f6a658e8211236f8a3ffbae2695f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7a20647ff84b2be2-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 addlink.gif
zakladki.ukr.net/bookmarks/img/ 2 KB
2 KB 15ms
14ms Image
image/gif 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zakladki.ukr.net/bookmarks/img/addlink.gif

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
last-modified: Tue, 20 Aug 2013 02:30:01 GMT
server: cloudflare
age: 338353
etag: "5212d4a9-6dc"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a20647fdf2a8fe8-FRA
content-length: 1756
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/c5/ 1 B
415 B 52ms
6ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/c5/cnt.php?rand=0.10569804399653204&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Fri, 03 Mar 2023 08:08:36 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/aid/portal/ 311 B
701 B 39ms
8ms Script
application/octet-stream 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.9989786247318175&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 743e18d73aa1ebfbf0d0ddb4cc513de8ba5eff4d25276df115d4976d1c7d2f88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:37 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Fri, 03 Mar 2023 08:08:36 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/lid/329/ 1 B
415 B 22ms
6ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/lid/329/cnt.php?rand=0.9268478201547814&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Fri, 03 Mar 2023 08:08:36 GMT

GET
H2 204 /
loadercdn.net/ 0
170 B 212ms
54ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?u=f4534e8324e2470e&d=www.ukr.net
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Mar 2023 08:08:37 GMT
server: openresty

GET
H2 200 swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame E6B3 11 KB
3 KB 7ms
6ms Stylesheet
text/css 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 13:04:12 GMT
server: nginx
etag: W/"5f620d4c-2deb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
expires: Sun, 02 Apr 2023 08:08:37 GMT

GET
H2 200 swPortal4.js Show response
pinformer.sinoptik.ua/js/15/ Frame E6B3 115 KB
38 KB 14ms
13ms Script
application/x-javascript 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 14:54:44 GMT
server: nginx
etag: W/"5f622734-1cc1f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000, public
expires: Sun, 02 Apr 2023 08:08:37 GMT

GET
H2 200 t.gif
pinformer.sinoptik.ua/img/ Frame E6B3 43 B
232 B 6ms
6ms Image
image/gif 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/t.gif
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Thu, 23 Oct 2014 10:32:30 GMT
server: nginx
etag: "5448d93e-2b"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 43
expires: Sun, 02 Apr 2023 08:08:37 GMT

GET
H2 200 1_0.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame E6B3 1 KB
1 KB 9ms
7ms Image
image/jpeg 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/1_0.jpg
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a2af799b642bf2874c60a83411aae8de4768d46d9c150499040a7e93ac8007f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-532"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1330
expires: Sun, 02 Apr 2023 08:08:37 GMT

GET
H2 200 / Show response
www.ukr.net/sinoptik/102925533/ Frame E6B3 0
302 B 17ms
16ms Script
application/x-javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ukr.net/sinoptik/102925533/
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1677830917061
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 3 Mar 2023 08:08:37 UTC
server: cloudflare
etag: "51b98b6a-0"
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
accept-ranges: bytes
cf-ray: 7a2064809fd78fe8-FRA
content-length: 0
expires: Fri, 3 Mar 2023 08:08:37 UTC

POST
H2 200 csp-blocked
accounts.ukr.net/ Frame 4382 2 B
99 B 10ms
6ms Other
text/html 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/csp-blocked
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

x-upstream: 42, 42127.0.0.1:8082
date: Fri, 03 Mar 2023 08:08:37 GMT
server: nginx
content-length: 2
content-type: text/html

GET
H2 200 bundle.css
accounts.ukr.net/widget/login/css/ Frame 4382 11 KB
3 KB 10ms
6ms Stylesheet
text/css 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/css/bundle.css?ea3ffcbf
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 15:45:29 GMT
server: nginx
etag: W/"63f39599-2c24"
content-type: text/css
x-upstream: 4210.10.20.48:5080
cache-control: max-age=1209600
expires: Fri, 17 Mar 2023 08:08:37 GMT

GET
H2 200 bundle.js Show response
accounts.ukr.net/widget/login/js/ Frame 4382 161 KB
44 KB 16ms
12ms Script
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/bundle.js?5fb60698
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 3ef95b0e646f1d56615990e7cffa2d7b0719ad83fc0225213c6ce92cc3baabed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 15:45:29 GMT
server: nginx
etag: W/"63f39599-28392"
content-type: application/javascript
x-upstream: 4210.10.20.49:5080
cache-control: max-age=1209600
expires: Fri, 17 Mar 2023 08:08:37 GMT

GET
H2 200 hbw_master_300016_4947.js Show response
player.adtelligent.com/prebidlink/19419/ 124 KB
36 KB 117ms
12ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19419/hbw_master_300016_4947.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/466064/wrapper_hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f3db16e79c3c24f84efe81d36d0b69bd2458cd4c6fb7eb011b50055a4f82d208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 05 Mar 2023 08:08:37 GMT
date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Feb 2023 13:53:41 GMT
server: nginx
etag: W/"63fe0765-1eed9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 0BDB 34 B
237 B 14ms
12ms Script
text/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: c8dca2ede7979878f459d82486f2a0e6a7b4504e9655f1fad4abefacfdcff544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b23
cache-control: private, max-age=315360000
expires: Mon, 28 Feb 2033 10:08:37 +0200

GET
H2 200 hbp_master_300016_4947.js Show response
player.adtelligent.com/prebidlink/19419/ 414 KB
126 KB 120ms
23ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19419/hbp_master_300016_4947.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/466064/hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d4f2bd4a1785ff1cdf1ba0c17062f5763bb996c94636dd818c21a0a80274214e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 05 Mar 2023 08:08:37 GMT
date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 14:54:19 GMT
server: nginx
etag: W/"63f8cf9b-67888"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ Frame 64A5 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 start.json Show response
www.ukr.net/ajax/ 70 KB
16 KB 19ms
17ms XHR
application/json 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/ajax/start.json

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e575ebbd5324b0ccde23c13abc7d251fb6187281aab88e53549437d56cb4e33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7a206480c8038fe8-FRA
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 82ms
81ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4fc2e332e1afc0088dcdb2b21e289698611cc66f77dd023d7cc2510e6e119fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Mar 2023 08:08:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
46ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Mar 2023 07:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3067
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Mar 2023 09:17:30 GMT

GET
H2 200 runtime.js Show response
upst.fwdcdn.com/js/ Frame E6B3 408 KB
122 KB 14ms
12ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/runtime.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:47 GMT
server: cloudflare
age: 2607980
etag: "637656b3-1e6e9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a206481386a37ca-FRA
content-length: 124649
expires: Sat, 02 Mar 2024 08:08:37 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/advert/adv/portal/ 1 B
415 B 21ms
8ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.9989786247318175&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.9989786247318175&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Fri, 03 Mar 2023 08:08:36 GMT

GET
H2 200 m_25098enk.jpg
kinoafisha.ua/upload/2023/02/films/9978/ Frame 64A5 20 KB
20 KB 10ms
9ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/2023/02/films/9978/m_25098enk.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1677830917068
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0abecb0e7a794cb9736fdcf0290502d583b1b1f9c9727bcf3105732c1afcd0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1677830917068
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Mon, 13 Feb 2023 08:38:06 GMT
server: nginx
etag: "63e9f6ee-4e52"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 20050
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 m_24z4dlkxkrid-iii.jpg
kinoafisha.ua/upload/2021/03/films/9493/ Frame 64A5 19 KB
19 KB 11ms
10ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/2021/03/films/9493/m_24z4dlkxkrid-iii.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1677830917068
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: ed5b69df7a0cedfa6fd778dc7775c817cad31c7a264751856a28515e0fcb63a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1677830917068
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Sun, 05 Feb 2023 10:01:06 GMT
server: nginx
etag: "63df7e62-4c68"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 19560
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 m_24wwbjzf.jpg
kinoafisha.ua/upload/2023/01/films/9970/ Frame 64A5 15 KB
15 KB 15ms
15ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/2023/01/films/9970/m_24wwbjzf.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1677830917068
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: d5bb37ee51e400498efb05ae4741cd1edac880e523af7db135c79e096e64ff90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1677830917068
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Fri, 20 Jan 2023 20:30:19 GMT
server: nginx
etag: "63caf9db-3bd1"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15313
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 1677830917379.html Show response
www.ukr.net/view/main/96060011,160,322,583,353,1,14,231,38,1,12,26,9,2,48,30,12,1,17,10,24,2,28,26,6,8,2,28,4,15,2,1,13,6,3,3,3,9,2,4,9,1,13,3,4,2,2,8,1,6,11,1,7,1,6,10,1,5,3,5,7,2,1,4,2,2,7,3,5,4,... 0
82 B 16ms
16ms XHR
text/plain 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/view/main/96060011,160,322,583,353,1,14,231,38,1,12,26,9,2,48,30,12,1,17,10,24,2,28,26,6,8,2,28,4,15,2,1,13,6,3,3,3,9,2,4,9,1,13,3,4,2,2,8,1,6,11,1,7,1,6,10,1,5,3,5,7,2,1,4,2,2,7,3,5,4,1,13,3,2,3,4,6,2,1,1,8,10,17,6,2,8,16,1,9,16,40,2,1/1677830917379.html

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/2/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
etag: "51b860f4-0"
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/plain
accept-ranges: bytes
cf-ray: 7a20648199068fe8-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 top_links.png
upst.fwdcdn.com/img/1675674104/ 3 KB
3 KB 12ms
12ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/1675674104/top_links.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1675674104/top_links.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a690815f85836971762e4c78ef87c704992d0559db4114f04089504fab7288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/1675674104/top_links.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: HIT
last-modified: Mon, 06 Feb 2023 09:02:03 GMT
server: cloudflare
age: 342366
etag: "63e0c20b-b9d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a206481b8fc37ca-FRA
content-length: 2973
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 395 B
306 B 14ms
12ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 188206
etag: W/"6076e064-18b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 7a206481b90237ca-FRA
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 461 B
351 B 13ms
11ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 188206
etag: W/"6076e064-1cd"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 7a206481b90437ca-FRA
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 dot.svg
upst.fwdcdn.com/img/portal/main/ 650 B
505 B 14ms
13ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 184574
etag: "637656b5-18e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a206481b90537ca-FRA
content-length: 398
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 arrow.svg
upst.fwdcdn.com/img/portal/main/ 233 B
270 B 13ms
12ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 188432
etag: "637656b5-bc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a206481b90c37ca-FRA
content-length: 188
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 / Show response
go.rcvlink.com/bdto/5ysrIfrF92/ Frame 0BDB 3 KB
2 KB 19ms
19ms XHR
application/json 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=tp_Z6NLev2_83hE&ver=230117-2113&w=200&h=0&vw=200&ms=233.1&me=0&ref=&
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 7a0155f44c113e231cc4d530c71b847f41df8740805d4bf605952df7e03fd419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 08:08:37 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type: application/json
hn: b19
cache-control: no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin: *
expires: Fri, 03 Mar 2023 10:08:37 +0200

POST
H2 200 get Show response
accounts.ukr.net/api/v1/cai/browser/ Frame 4382 107 B
423 B 7ms
7ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/cai/browser/get
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?5fb60698
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 41ae8c8dba72eb8ef03025200eedb87c663abf0dea954752f06076d4f2004e95

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

expires: Fri, 03 Mar 2023 08:08:36 GMT
date: Fri, 03 Mar 2023 08:08:37 GMT
server: nginx
content-type: application/json
x-upstream: 4210.10.20.48:5080
cache-control: no-cache
content-length: 107
x-served-by: 127.0.0.1:10000

GET
H2 200 ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame E6B3 149 B
339 B 6ms
6ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-95"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 149
expires: Sun, 02 Apr 2023 08:08:37 GMT

GET
H2 200 term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame E6B3 389 B
579 B 6ms
6ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-185"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 389
expires: Sun, 02 Apr 2023 08:08:37 GMT

GET
H2 200 s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame E6B3 185 B
375 B 6ms
6ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-b9"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 185
expires: Sun, 02 Apr 2023 08:08:37 GMT

GET
H2 200 pubads_impl_2023022701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 57ms
56ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132634
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 09:35:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Feb 2024 15:56:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 179 B
140 B 183ms
80ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8206637f580f211b711d77f8f34a290a215ee805c0cf56dafc5b916cf916ebed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
expires: Fri, 03 Mar 2023 08:08:37 GMT

GET
H2 200 workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 4382 58 KB
17 KB 9ms
8ms Other
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?bf1bf351823ed81051c6
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 597daab5972873ee5a8c46171115b4ee3404e525d6fae13d6bbf31d38328012d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 15:45:29 GMT
server: nginx
etag: W/"63f39599-e602"
content-type: application/javascript
x-upstream: 4210.10.20.48:5080
cache-control: max-age=1209600
expires: Fri, 17 Mar 2023 08:08:37 GMT

POST
H2 599 acquire Show response
accounts.ukr.net/api/v1/token/verification/ Frame 4382 27 B
121 B 6ms
6ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?5fb60698
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

x-upstream: 4210.10.20.49:5080
date: Fri, 03 Mar 2023 08:08:37 GMT
server: nginx
content-length: 27
content-type: application/json

GET
H2 200 45b8028f51cf868d0e73d5d628f18bf3
st11.rcvlink.com/2/200/ Frame 0BDB 8 KB
8 KB 49ms
11ms Image
image/webp 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/200/45b8028f51cf868d0e73d5d628f18bf3
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 2c98ed0d6605a50b5d87f61412b46595ed4ae7d1c13b8c2757c6b6d13cf94e36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Fri, 17 Dec 2021 13:32:05 GMT
server: nginx
etag: "61bc9155-6931"
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7986
expires: Thu, 01 Jun 2023 08:08:37 GMT

GET
H2 200 logo160.png
go.rcvlink.com/img/ Frame 0BDB 6 KB
6 KB 12ms
11ms Image
image/png 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/img/logo160.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
server: nginx
etag: "5c45e047-1869"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6249
expires: Fri, 10 Mar 2023 08:08:37 GMT

POST
H2 200 z Show response
s.znctrack.net/ Frame 1EFF 102 B
450 B 204ms
56ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 4d605849b13e4481108ede018c55cf8e76b686b56a5488c9481103d54c4e59f4

Request headers

Content-Type: text/plain;charset=UTF-8
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 html5objects.js Show response
upst.fwdcdn.com/js/ Frame E6B3 555 KB
136 KB 13ms
12ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/html5objects.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:48 GMT
server: cloudflare
age: 2607980
etag: "637656b4-21ee1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a2064830aa837ca-FRA
content-length: 138977
expires: Sat, 02 Mar 2024 08:08:37 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 155 B
422 B 141ms
15ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19419/hbw_master_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8e23566b70f0663a78a9f35790f8016ab84ddc80cd1702c7eaf50a94149c6e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:36 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 155

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
428 B 141ms
15ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=300016&site_id=4947&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=s97hjs.5g&features=81952&vpbv=N126&lifecycle_tte=982
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19419/hbw_master_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:36 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 62ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je3310&_p=744499671&cid=620310996.1677830918&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677830917&sct=1&seg=0&dl=https%3A%2F%2Fwww.ukr.net%2F&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 68ms
67ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=744499671&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ukr.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACgAI~&jid=450400549&gjid=1935624602&cid=620310996.1677830918&tid=UA-5903420-1&_gid=612064592.1677830918&_r=1&gtm=457e3310&cd1=Unregistered&cd2=n&cd3=0&z=1806046787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/299917/ 6 KB
3 KB 21ms
7ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/299917/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19419/hbp_master_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 46e3f4241f73a697759bc30ce5b177e14ce01ef75cbf4c38a2947414d9fddd6a

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sun, 05 Mar 2023 08:08:37 GMT
date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 12:01:28 GMT
server: nginx
etag: W/"63ff3e98-1986"
content-type: application/json
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 211ms
70ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 186ms
70ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
7 KB 587ms
586ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1893945974100618&correlator=2330781841603307&eid=31072020%2C31072702%2C31072759%2C31071663&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107%7C300x600&ifi=1&adks=2774844501&sfv=1-0-40&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&sc=1&cookie_enabled=1&abxe=1&dt=1677830917781&lmt=1677830917&dlt=1677830916864&idt=822&adxs=995&adys=196&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&frm=20&vis=1&psz=300x152&msz=300x0&fws=0&ohw=0&ga_vid=620310996.1677830918&ga_sid=1677830918&ga_hid=744499671&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

183eec0fc2a9814e980daea8cbe5315060f9bc8793d3ad36a5cc88b5dcf7b6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6856
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B95A 6 KB
3 KB 264ms
80ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:38 GMT
expires: Sat, 02 Mar 2024 08:08:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
8 KB 488ms
487ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1893945974100618&correlator=1074252072331580&eid=31072020%2C31072702%2C31072759%2C31071663&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x145%7C300x175&ifi=2&adks=216364347&sfv=1-0-40&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&sc=1&cookie_enabled=1&abxe=1&dt=1677830917798&lmt=1677830917&dlt=1677830916864&idt=822&adxs=995&adys=196&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&frm=20&vis=1&psz=300x152&msz=300x0&fws=0&ohw=0&ga_vid=620310996.1677830918&ga_sid=1677830918&ga_hid=744499671&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf22c69108fa9d393a5993e5c89193a16c2624cbc7690a9627c6ff46af70215f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8504
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
13 KB 329ms
329ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1893945974100618&correlator=1792827185991397&eid=31072020%2C31072702%2C31072759%2C31071663&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250_ad_unit2_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x145%7C300x250&ifi=3&adks=1136368181&sfv=1-0-40&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&sc=1&cookie_enabled=1&abxe=1&dt=1677830917807&lmt=1677830917&dlt=1677830916864&idt=822&adxs=995&adys=713&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&frm=20&vis=1&psz=300x913&msz=300x0&fws=0&ohw=0&ga_vid=620310996.1677830918&ga_sid=1677830918&ga_hid=744499671&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf7a77a1803d74504aaccbd0fa0f0ee9000dbd6dba6fd004d402ee3a90d20b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13222
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 470ms
470ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1893945974100618&correlator=1947290504344556&eid=31072020%2C31072702%2C31072759%2C31071663&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=4&adks=3603926946&sfv=1-0-40&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&sc=1&cookie_enabled=1&abxe=1&dt=1677830917811&lmt=1677830917&dlt=1677830916864&idt=822&adxs=995&adys=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=620310996.1677830918&ga_sid=1677830918&ga_hid=744499671&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56d09aa5a61749d014411c1292621e2654701c52f3699b6ea2ebc9a92ffe2d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13221
x-xss-protection: 0
google-lineitem-id: 6235492969
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424150823
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
37 KB 604ms
603ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1893945974100618&correlator=2854431861445926&eid=31072020%2C31072702%2C31072759%2C31071663&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_brend_resize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C120x600%7C160x600&ifi=5&adks=3371586687&sfv=1-0-40&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&sc=1&cookie_enabled=1&abxe=1&dt=1677830917815&lmt=1677830917&dlt=1677830916864&idt=822&adxs=130&adys=89&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&frm=20&vis=1&psz=1600x4904&msz=160x-1&fws=512&ohw=0&ga_vid=620310996.1677830918&ga_sid=1677830918&ga_hid=744499671&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c2c16e86e250ce9ee0cd822ddbf18e935b0d1a3735cc64334f67d22dd482707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38270
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E6B3 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/jpeg

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 63ms
19ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5903420-1&cid=620310996.1677830918&jid=450400549&gjid=1935624602&_gid=612064592.1677830918&_u=4CDAAUAAAAAAACgAI~&z=1679959579

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Mar 2023 08:08:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon-top.svg
upst.fwdcdn.com/img/portal/main/ 525 B
418 B 14ms
13ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icon-top.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 188206
etag: "637656b5-13e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a2064847c6437ca-FRA
content-length: 318
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 bg-main-static.png
upst.fwdcdn.com/img/ 10 KB
10 KB 12ms
12ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/bg-main-static.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Apr 2020 10:54:06 GMT
server: cloudflare
age: 188114
etag: "5ea80b4e-2962"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a2064847c6537ca-FRA
content-length: 10594
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 favorites.svg
upst.fwdcdn.com/img/portal/main/ 673 B
448 B 13ms
13ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/favorites.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 188113
etag: "637656b5-16d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a2064847c6937ca-FRA
content-length: 365
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 regions-star.svg
upst.fwdcdn.com/img/portal/main/ 830 B
549 B 13ms
13ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/regions-star.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 188113
etag: "637656b5-1d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a2064847c7137ca-FRA
content-length: 470
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 currency-bg.gif
upst.fwdcdn.com/img/portal/commercial/ 3 KB
3 KB 13ms
13ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/commercial/currency-bg.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 188113
etag: "637656b5-be5"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a2064847c7737ca-FRA
content-length: 3045
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 arrow.svg
www.ukr.net/img/portal/main/ 233 B
316 B 17ms
17ms Image
image/svg+xml 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ukr.net/img/portal/main/arrow.svg

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 338345
content-length: 188
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
etag: "637656b5-bc"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a2064848b9b8fe8-FRA
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H2 200 orakul-sprite.gif
upst.fwdcdn.com/img/ 7 KB
7 KB 14ms
14ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/orakul-sprite.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/2/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/2/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:37 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 188113
etag: "51b860f4-1ad2"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7a2064848c7d37ca-FRA
content-length: 6866
expires: Fri, 10 Mar 2023 08:08:37 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 520 B
624 B 15ms
15ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=463288
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19419/hbw_master_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: a2179ad7ea3d46bcbb02f1cc6d31b9f82ad9ed0f4bb62a329b29f9588719eecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:37 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 318

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 188ms
71ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5903420-1&cid=620310996.1677830918&jid=450400549&_u=4CDAAUAAAAAAACgAI~&z=1630669036

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 189ms
73ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5903420-1&cid=620310996.1677830918&jid=450400549&_u=4CDAAUAAAAAAACgAI~&z=1630669036

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 8006
Redirect Chain

https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=1d49ac8a-57e9-4b08-85e1-c95bf0678eeb

0
404 B

210ms
143ms

Document
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=1d49ac8a-57e9-4b08-85e1-c95bf0678eeb
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19419/hbw_master_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Date: Fri, 03 Mar 2023 08:08:38 GMT
Etag: aae332493b3fae74
Server: Adtelligent

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Fri, 03 Mar 2023 08:08:38 GMT
Expires: 0
Location: https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=1d49ac8a-57e9-4b08-85e1-c95bf0678eeb
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: DENY

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f58a9f95-4cb0-4753-ae92-e22ff74fcddb

0
404 B

330ms
144ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f58a9f95-4cb0-4753-ae92-e22ff74fcddb
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Server: 62.149.1.122 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:38 GMT
Server: Adtelligent
Etag: aae332493b3fae74
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f58a9f95-4cb0-4753-ae92-e22ff74fcddb
date: Fri, 03 Mar 2023 08:08:37 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 85ms
15ms Image
text/plain 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 Mar 2023 08:08:38 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 container.html Show response
0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7533 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:38 GMT
expires: Sat, 02 Mar 2024 08:08:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302171719000/ Frame 7533 222 KB
61 KB 190ms
47ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Mar 2023 18:39:20 GMT
age: 134958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61847
x-xss-protection: 0
server: sffe
etag: "b91941a2860567a7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 29 Feb 2024 18:39:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 7533 15 KB
5 KB 274ms
130ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Mar 2023 18:39:20 GMT
age: 134958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5237
x-xss-protection: 0
server: sffe
etag: "304dd5725e1eccd8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 29 Feb 2024 18:39:20 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 7533 94 KB
28 KB 279ms
137ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Mar 2023 18:39:20 GMT
age: 134958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28901
x-xss-protection: 0
server: sffe
etag: "8f636c70fc937458"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 29 Feb 2024 18:39:20 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 7533 5 KB
2 KB 296ms
154ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Mar 2023 18:39:20 GMT
age: 134958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1926
x-xss-protection: 0
server: sffe
etag: "df03f558eda3b320"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 29 Feb 2024 18:39:20 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 7533 40 KB
13 KB 298ms
156ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Mar 2023 18:39:20 GMT
age: 134958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12954
x-xss-protection: 0
server: sffe
etag: "e0426f4a93046162"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 29 Feb 2024 18:39:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7533 4 KB
1 KB 186ms
70ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 06:09:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 08:08:38 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7533 3 KB
3 KB 228ms
112ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:11:58 GMT
x-content-type-options: nosniff
server: cafe
age: 68200
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Fri, 03 Mar 2023 13:11:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7533 344 B
474 B 168ms
52ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 16:18:57 GMT
x-content-type-options: nosniff
server: cafe
age: 56981
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 03 Mar 2023 16:18:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7533 0
0 88ms
87ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZECNBasBZJCtNdyU3gOK_IyIBavejP1upZSBwf0QjoGe1Z84EAEg55_DmQFgleKQgqAHoAHB-LTSA8gBCakCmy3ER7jNsT7gAgCoAwHIAwqqBIACT9DhgNVXsH5XuUXxTY1vJvSldym1yyr5BKaK1NzmlVUHHTnIVyNVxfZkWMPw9j2K2mXWL7p8M6YVurVsBQh--oNKjGSEcwM5kK2v7KlMMJgkmxAMkhK3y4agi5tsJ7SlK4_SmAyxGftYWN93s2mLAh24irseOzSgHcYXtRDbU-PmvrXRE9dpN1I0JSej9n2QIOp989odXr3pynkGs3wWDIfgVNL_uSe2v3-y5eIeSHDweCbxUb7HZFAyfGtjLerY5fkarEhdZwRz5MdwieBf2BgTk0YXol3f11Xv-40DKvnngGbZHT5sE9SGzifvcxiD4sZgPovW5wS0AfE3-H01p8AEqpSwxJ8E4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6eHyy2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCgsBLSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDYgUBNAVAZgWAYAXAbIXHwodCAASFHB1Yi0yOTIzNTc3MzY1NDY4NDc2GN-2kAE&sigh=cw9ARvuqII8&uach_m=[UACH]&cid=CAQSTADUE5ymCVLHh4qnVIgL1_t-_gXBhEB5sLBGnIlB_ZU75IhBPGwmRBaWlIFHrzllTAAsmjK7P9ALqMSmvCYklDK2fJTXNYZ28m3OMwkYAQ&template_id=5000
Requested by: Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 container.html Show response
0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CDA7 6 KB
3 KB 47ms
46ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:38 GMT
expires: Sat, 02 Mar 2024 08:08:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F787 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:38 GMT
expires: Sat, 02 Mar 2024 08:08:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CDA7 0
0 100ms
100ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstc9l1g6-IprtiS-e9TESNfHXVxLNot03r9QJK2yF4pWi8X-QaU5fnvjNRD88EoIcy1ma7W2eLNiS4FWSc_iMTsNQHdWbC1-8BNwQirmzjltXKSyFliMkX7HuPDtT0HMQL8ar3-9fPb0OfpdF2eYQ5D9TKeSdKr1YKR-zzCwX96Kg5TzKzK-GhgCpbsna-fF3w1hglylNsjlieNbhUdpZVN4qq86_YsJxBWae97c7YffUGeD8RKhnTe-PMdXImBQcgEY_sBG9SZ8Uvd_-s2UxB3a4SFYhtvK3dEKtDoGYN07_fjsscSLkhRjV7SREpr5s2Sf_Rtrmw0rdC5d5ZKa7Fzuw&sai=AMfl-YTBJbtekSnc588EE-VEzcgefqBNBid2Lk9g6EpXtKdZI5-seP_ashu5lYrNvGGgDJcJu2TcbFP0Aartf0vBydjaU0EDTVeazZQ14xLXZDwGTlA7CC4ZAoXxB9a8NsmpyHuV7SiEIrsrH5Vm-wOL&sig=Cg0ArKJSzLa_9pVqLXu4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Mar 2023 08:08:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame CDA7 3 KB
1 KB 87ms
53ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDA7 158 KB
49 KB 209ms
93ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 08:08:38 GMT

GET
H2 200 9079703061588353657
tpc.googlesyndication.com/simgad/ Frame CDA7 31 KB
31 KB 87ms
54ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9079703061588353657

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25d9ad1f92ea26da099cf88951b17b0ff5c1aa4d43f42a81c772a6006401fc8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 22:00:03 GMT
x-content-type-options: nosniff
age: 209315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31287
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 12:46:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Feb 2024 22:00:03 GMT

GET
DATA 200
OK truncated
/ Frame CDA7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25c2d66a858e4edfd21d500c3ac8ecf9188e066aac333a938d81e2be72e884e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7DDE 624 B
285 B 200ms
82ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2mbvGATAB&v=APEucNWuCpMkGISj66gCxw-4NPJyqEoN4XTWf4G3izNE9drIcsWyc5Ay57xxuap0R8PzDzBOjsp9gwfWDkatprRhxMaQm4NHNz0AVCHvtKBIl-pk9803-761LRhrOuJVcRW_rbKUKj9X5wnFZajXwWU7kb5ku_g1EWoZqtzAolXRisi0IAFlxZo

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 72A1 78 KB
27 KB 242ms
114ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 08:08:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 72A1 3 KB
1 KB 63ms
53ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 72A1 20 KB
9 KB 55ms
46ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72A1 158 KB
48 KB 253ms
162ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 08:08:38 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72A1 42 B
401 B 206ms
79ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNg4bVFl0YStD0eS5ULkikrZ1gRpyaDVRpDHqk7pq3uTJFJMlLbrBLQl7N3ImIxcNv-3xbPBC020uOpbM6v4GiBgnPzlRlXuL5qaAZy8mQ5p9p-c0

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72A1 0
56 B 207ms
80ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8615929786391062201&x=1&ct=77

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E1AE 6 KB
3 KB 50ms
49ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:38 GMT
expires: Sat, 02 Mar 2024 08:08:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4F89 624 B
577 B 122ms
82ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COuMnQEQwqudARii09jfATAB&v=APEucNUJcHAqxlvYEwKG0vzZf8WZyDCJwMpqvaub7-J95K23KaERCFnbf4qhz8HEZSfrYu8uWYGz61XtfWwBryGzeMb4Q3BNoPW33tEuBovp8SIVwCNsVqHtAyZ-pPPs75Lm7HwFV_uXuuKQiwiBgGVHT2bXEOr67YNEhyH7Xmdomfs08GVrWM0

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E1AE 78 KB
27 KB 209ms
157ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 08:08:38 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1AE 42 B
107 B 131ms
80ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSe2NalJzximlOyJIr4iyelKZWLmWT5tHaEuwcsKgE4FrLWlfBQ1dECHKb05CzlD7f5qakWvJAymPK2abW4nq9d9WxRp70Cb4fDZRRqwCbXH7mhSM

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1AE 0
58 B 130ms
79ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7180019677964639866&x=1&ct=76

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E1AE 3 KB
1 KB 58ms
55ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame E1AE 20 KB
8 KB 51ms
48ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1AE 158 KB
48 KB 213ms
198ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 08:08:38 GMT

GET
H3 200 container.html Show response
0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D259 6 KB
3 KB 47ms
47ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:38 GMT
expires: Sat, 02 Mar 2024 08:08:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12353510024708185062/ Frame 7533 160 KB
160 KB 48ms
47ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12353510024708185062/14763004658117789537

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5927ee37f74d47a0524f67697afb94f4400b89774361af47eefb2be11947ab98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:12:02 GMT
x-content-type-options: nosniff
age: 161796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164010
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 16:12:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 11:12:02 GMT

GET
DATA 200
OK truncated
/ Frame 7533 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7533 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95cd109cfabadd98a288e292222a4d89b13c803f9d859ab03d3cb0346c3a2600

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7533 10 KB
10 KB 174ms
59ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 10:40:45 GMT
x-content-type-options: nosniff
age: 77273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 10:40:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7533 15 KB
16 KB 162ms
47ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 68082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:13:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7533 16 KB
16 KB 208ms
95ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:57:30 GMT
x-content-type-options: nosniff
age: 141068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:57:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D259 2 KB
608 B 73ms
72ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 06:09:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 08:08:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D259 2 KB
818 B 65ms
65ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D259 0
0 91ms
90ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNa0LBasBZPj6NI3Q3gPixYQwvZz2om-kxteu4hC77vWk2TIQASDnn8OZAWCV4pCCoAegAdy0gdcDyAEJqQKbLcRHuM2xPuACAKgDAcgDywSqBIoCT9CaDX6YqEhSqrlcqq_3rG77eyukGvvqdeh3ZNT415-eeqGqQlho0L8pzWzPOmxE-60XHcXp87CQdWd1PR4AMhDuoHmfHyB-Zu_GhVLjuhhIFDtJvxaAESYo6FpUWEVw2eCIqBs_D_Howdc_Kti3_B7RjSA-WgYbKnLa_ahh_43QQ7501HWbQc85SGjw3a2EYccwbQeO9HqmijC1escJojhHtf3FxRejbZP9MhXYjNRckaGzPXXCSg2y27gi5N6RSlSmTIA7iauu6oGReLd-7TXpQhzDQWzXXN7BeaGztoZMmkIC1i4M6rOtBTpj9IPTDXIoKrvM-_oqhlS-PJzlcaub_7dSrxTDTM_ABIqbsJiTBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfuj9I-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEM_THNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BML0BUBgBcBshcfCh0IABIUcHViLTI5MjM1NzczNjU0Njg0NzYY37aQAQ&sigh=6Wxsu4Ih6NY&uach_m=[UACH]&cid=CAQSTADUE5ymfefIHMgtxo4rXTFxPdWKvLywmZpdVOIVeNd1uNhGuSw22MK6GcAhryQGgrL3vOs9wSW_-Ofa2CyUPG2191mjriKF_3SBrekYAQ&template_id=494
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame D259 22 KB
9 KB 64ms
63ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D259 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D259 20 KB
8 KB 68ms
67ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D259 158 KB
48 KB 151ms
150ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 08:08:38 GMT

GET
H2 200 32a90be408c9c7ee7210a0b41533c7d1.js Show response
www.gstatic.com/mysidia/ Frame D259 34 KB
14 KB 163ms
48ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32a90be408c9c7ee7210a0b41533c7d1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97216833c4b179d99561e8d7690aca967286ef9e6c61180b9d1a2fbd24ef8d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 03:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14300
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 02:16:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 03:22:31 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D259 45 KB
45 KB 226ms
93ms Image
image/jpeg 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRVTQcaR6A1kVW_3x6oXg_1-_62OwWK6odyXJPCh9jx6AfhhGTpkOmAmE_HRBg&usqp=CAI

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d3f06cffaf76db2a0e802bd907f02c6d80d529065a35a10f4c2782ca731c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:19:28 GMT
x-content-type-options: nosniff
age: 154150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45619
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 05:04:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 29 Feb 2024 13:19:28 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D259 47 KB
48 KB 182ms
47ms Image
image/jpeg 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTtSKqfk9LYLaDqxsolHLYs-qfczkYKwf-oNah6odZfzDmZfzyM2TU5hce60Qc&usqp=CAI

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e7b97c1c154ce71ca89290432898cbc63917f515abf005313d02b3c08fe783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:19:28 GMT
x-content-type-options: nosniff
age: 154150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48392
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:26:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 29 Feb 2024 13:19:28 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D259 23 KB
23 KB 179ms
47ms Image
image/jpeg 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS21yV1DidaQnY5-Ud2-A0IyEU6vwzqlrQahJils__LN3MX6_3uVTV5fRbWpJY&usqp=CAI

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c461afdc95491daf25023fe0812970d0026315287849445593a3b72cfa4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:05:17 GMT
x-content-type-options: nosniff
age: 169401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23330
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 19:19:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 29 Feb 2024 09:05:17 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D259 35 KB
35 KB 236ms
102ms Image
image/png 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTnEL51yKxe9NdLlSMV-HlIc8thbnsQMIefLeSjlqx6hzkQCZDY&usqp=CAI

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a7c9bfff36e87bb68180c0885df81fe1ef167d5b6b484c740bac894fa4ac064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:45:30 GMT
x-content-type-options: nosniff
age: 213788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36129
x-xss-protection: 0
last-modified: Wed, 15 Nov 2017 15:07:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Feb 2024 20:45:30 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4F89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COuMnQEQwqudARii09jfATAB&v=APEucNUJcHAqxlvYEwKG0vzZf8WZyDCJwMpqvaub7-J95K23KaERCFnbf4qhz8HEZSfrYu8uWYGz61XtfWwBryGzeMb4Q3BNoPW33tEuBovp8SIVwCNsVqHtAyZ-pPPs75Lm7HwFV_uXuuKQiwiBgGVHT2bXEOr67YNEhyH7Xmdomfs08GVrWM0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 08:08:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4F89
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAGrBiH89-SCeAufkrY5BAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COuMnQEQwqudARii09jfATAB&v=APEucNUJcHAqxlvYEwKG0vzZf8WZyDCJwMpqvaub7-J95K23KaERCFnbf4qhz8HEZSfrYu8uWYGz61XtfWwBryGzeMb4Q3BNoPW33tEuBovp8SIVwCNsVqHtAyZ-pPPs75Lm7HwFV_uXuuKQiwiBgGVHT2bXEOr67YNEhyH7Xmdomfs08GVrWM0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 08:08:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4F89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEExUXeC-tpSGWFT71em0ymU&google_cver=1

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEExUXeC-tpSGWFT71em0ymU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COuMnQEQwqudARii09jfATAB&v=APEucNUJcHAqxlvYEwKG0vzZf8WZyDCJwMpqvaub7-J95K23KaERCFnbf4qhz8HEZSfrYu8uWYGz61XtfWwBryGzeMb4Q3BNoPW33tEuBovp8SIVwCNsVqHtAyZ-pPPs75Lm7HwFV_uXuuKQiwiBgGVHT2bXEOr67YNEhyH7Xmdomfs08GVrWM0

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 08:08:38 GMT
AN-X-Request-Uuid: 3a259856-6379-4a3c-b2ad-0a44b37b78a3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.174; 185.213.155.174; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEExUXeC-tpSGWFT71em0ymU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4F89
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzczMjk5MTA1NjQ5NTcxMw%3D%3D

170 B
232 B

103ms
103ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzczMjk5MTA1NjQ5NTcxMw%3D%3D

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Mar 2023 08:08:38 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.174; 185.213.155.174; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 14ce83ef-f541-49af-910d-8a2830eece91
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzczMjk5MTA1NjQ5NTcxMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7DDE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2mbvGATAB&v=APEucNWuCpMkGISj66gCxw-4NPJyqEoN4XTWf4G3izNE9drIcsWyc5Ay57xxuap0R8PzDzBOjsp9gwfWDkatprRhxMaQm4NHNz0AVCHvtKBIl-pk9803-761LRhrOuJVcRW_rbKUKj9X5wnFZajXwWU7kb5ku_g1EWoZqtzAolXRisi0IAFlxZo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 08:08:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7DDE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAGrBiH89-SCeAufkrY5BAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2mbvGATAB&v=APEucNWuCpMkGISj66gCxw-4NPJyqEoN4XTWf4G3izNE9drIcsWyc5Ay57xxuap0R8PzDzBOjsp9gwfWDkatprRhxMaQm4NHNz0AVCHvtKBIl-pk9803-761LRhrOuJVcRW_rbKUKj9X5wnFZajXwWU7kb5ku_g1EWoZqtzAolXRisi0IAFlxZo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 08:08:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbnsEkJ0o8SS8iwXP2d3Ro&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7DDE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEExUXeC-tpSGWFT71em0ymU&google_cver=1

43 B
1 KB

13ms
13ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEExUXeC-tpSGWFT71em0ymU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2mbvGATAB&v=APEucNWuCpMkGISj66gCxw-4NPJyqEoN4XTWf4G3izNE9drIcsWyc5Ay57xxuap0R8PzDzBOjsp9gwfWDkatprRhxMaQm4NHNz0AVCHvtKBIl-pk9803-761LRhrOuJVcRW_rbKUKj9X5wnFZajXwWU7kb5ku_g1EWoZqtzAolXRisi0IAFlxZo

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 08:08:38 GMT
AN-X-Request-Uuid: ef20e32e-073a-4134-ae55-40a1c4af34e4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.174; 185.213.155.174; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEExUXeC-tpSGWFT71em0ymU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7DDE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzczMjk5MTA1NjQ5NTcxMw%3D%3D

170 B
243 B

70ms
70ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzczMjk5MTA1NjQ5NTcxMw%3D%3D

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Mar 2023 08:08:38 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.174; 185.213.155.174; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2a141eaa-3ab1-41c4-b4c8-731994cc9140
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMzczMjk5MTA1NjQ5NTcxMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CDA7 0
0 83ms
82ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc6YLrmI2eOo0-vsfdbjBoo2oKe6Te2FhVKEr1HmtXWGe2S09ZAJK4cRoOMU73lHpw86ifU7paPi2k84w122d1CPR0NbjDBwvDml3aveorj1Rs9TwORK5q-uEACvnvRlmKIScgw5c7ajkS53HGpCJfmugm-Mhx5dOKdDbwj_HVdteNwosPjhYaNwcPZr7_RYIaJ7lIChP6ie0xSrM6kxNSii6CfvRNuEi_zEzwlS_-xgr0rGyTlJRkbrcyQ21xDgFxQIrrnxuj0oW69Yn7suxdRF8EyYGSGDz03M21o9MSZ1_ewEx3jK3Tli9dGNWfUWLgyWyBFpA4L7TYFQKws64gXLMR&sai=AMfl-YQs8ar9jxAC4gawkNqAxpDL8VhaHHmPXT7UdM4cxJaKEyIqbaxUq-XqF6GvknNMB6rvS-YkbTS5RHBTMUlfd-vyTRAdus7mqErRqw6YAV9b8Q8RUihCcJ_6PBTbztjwm2p-Gb_WHpsLakGsGxpo&sig=Cg0ArKJSzLInylyC7gT-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Mar 2023 08:08:38 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72A1 0
56 B 79ms
78ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2348473453981&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72A1 0
56 B 78ms
78ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2348473453981&version=m202301230201&ct=77&x=1&cor=8615929786391063000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 72A1 15 KB
11 KB 99ms
96ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1oeSgM_pkblgRb6TCtLL-bMcstiescIUrsvobGYpkrOt3o-hanrTbwdkqWTOnGB7f3mIqC1VDQfu7rtqKg2BXm-_EW_tbcQIKloTxxha6bnmZlVCVMZYS6LBVc0KspMSmTqOmoLkjd3PP2wy3tVw7bU_VElciysqkBGK-BcZgA9PAeOM&cry=1&dbm_d=AKAmf-AsIUiH6cLw4PkNANYptKtFvRlwM9QBS8M5WBeK_Ed2P1Ryir0PF3R8El8oZMd8UgQkWlLtjoIwplFCHR1C7nb8c7jjouymf2nMHrHdC1-aL6aI6X0Ob3hA_5Yln2QWJBL3-9tLQ4QhhKj9NH3YnqnOdPTx7AjJpbNMYn18PvLi5roAqnVNgltHRNgmCS8iVmmFJhX4jNJ6orFmN6WY87jQSCdI1kA_mjAmxdMakoLasqCoeqGODh3gj-MQtF4smLI6xSavnJIl9vf4gYx_JyybQ1LxbMysmyV0L6kxrWG-75sMxxomNI7DTuEit7seJfUohVgs43dLHtZmZjWWdXVQV67kispAJ7y2tTUrXqgSSBX9dZa244nz5F2SIf76aPUk0TxWCShZmSUE2FLvp4xUpdgS14B8coauo6WpunYOBf14f8Yqdl7_rL-VkcuM2XJjDXkb9EbewbIWug25cEzjeVq7nRQybgrWoapWIO2qi0NW3MWFxV8H0i-W7Rf_ExNWVd2dm1Yfvpnr7565zPai9EyC8QRe5R8NXvNo-oXFtje4G4TMOCtsQopmBbUUJSPNBQxSTt9WwU7lPnXKxicaHUhtvL-Jd7Pu2ssPTFCZDgUmA5VTlqfW-bxWMosSqMSzbCgwyGmkHN34O6uiZEOCK-C81Yi2V_wYH83D0B8CFfRR0MLRyd7AfKADgUz3vyfhoHDFI2zTOZXS2eQHpf-h1yUEIm-SQ5cNqAuggh3AIcM4tGz5Iw82EhHoFu1hqWILxBH41Mia9BzmxGIloyixVOtxanbytAVLxGnWlxl9RVrSNsJIYpsiY-KsvGDfV4xpbm7IiHCqfTIrjxhwaDIqcjE01QEIzvysIyracoT_yjtbChAp5FdshMBDY0h1sOqXAk8TLLGaOi_kRKDJJ_66Ej3McCgi8rB2Jhmr4Bv2Qe-Afjf4OfudFub8fTH_blVBLyenAZ3_EPt2Ze-qMmMkywF8WqOGVLHzD-WEuvDTSw9KDbobc5roC6MAzlGg4vG_h6Ixo2MLBhnXfBqNFBRP452EGpqWqEW7-VrdV2gtKib6gV1IEPl5RlPFXQD8N-m6VElR1ZaOAMZV15PZeBATXOOcGinbeivlQPGtO_fI1esiedcnfX3KmRcrUjJGBeFeneFM0blmq7CS6KSfc33TUUbDAAHoFf-aoVX1TJg6V4ZHkca74_CD0oTGKe5xeTXFeI4qQGrzhHbIZiwMFMYZo3sPKe3_KeF1xikAGQdXxe7ryA33GkSn5GgMpiMcO-N3oWESpQpF9PZp4qjGN7LkIsIxr3BUN3TXsUIJlmwUYIW6wGiaQH6FdFSWQIZlX__vrWiQqkN5WSX-YrNADjrS4yISc9YerH3HMzJn_W78nitVJYJtNxbICTQsi3j9oVVyprFRMoX09PXPJWe3Tq8ME6XU1xxX7nIfLkEtmPbR7vi2ztizODDmBTI4iNOQ9ndS9rXh8GJ4QiZ9JAGrheHUyzTOIVCGHSgwvnuCKD9q_2BS0r0VYMKMQxA_IQrz-bYlwCor18EddDzw9CviLSfV3HnKmI25aoWOI066VHN3bikT28jD-WF-x5-ptv2VR0aVAsjLo5mbVxHW07MfQcl_9JI046_QUlcVNjPmhtVqAd9JJhMJ60I55tt3FzBjz58tc0fFeerwp_C0E_E7ocTvUpXm93ty-MkL-uT5XZ_0W1gWF03HUX7OTGElWM4NULM3tOpAvMSsT5awAi7-1TYr9tXz5rjUtNe92zIc2XoaKJ8nSZ88mrd9lgmJb4Y0fE57s0xalIepzyg_GX3lgRQAa_SobofqKbzEYTr7O1hF2wpzhCaUKlc3t8xq_PXrkBV4j6bVdB8UNJvytWpdtLFy0UjspxHohYz9H6fQLGpWa_9BC9L_apZUWG6pgyVPRy-cp0MQXOTbo7APNviBe-8tU1L612_S8TiuxxbyCpdAtq-5VS5lfofnR6S-X-wqMHupfZJRp1kpMyajagqkWXG2vVUjAyyy8hD1hOx2n-3UfjUgwgdBHKWZoSkt2zAdCnBbbbddxv1tx85MDINbLtM5IlQMlFwO4-OReBIxSJDB02YD8uBeLQXdqXawyf6jQett0Cy9T1tBW_ZIQQtGNgdoz7t39s4SbG_Rk2UiqQP1FYehqOJrF9mrNfXEusvgzTs7COfoyvjK3bgNeokqjeM9pWcoG6fJGpQNk0AyxvRch5yVB9wuJjP5t3R73KxMwzpzwSmNjnQ_UNC_YjgBRop9CeBNDRqS6MbLPqbaM98GCIVL9gDr-RCBwdU2xJwYgdq7fet5U1e1bO_moMwj2NljtQxlofl6j-501XHCmCUE9pwGTclgR1U6Y8P4CzMEF2mJSGCV2LBNd71QcaHCPNziu-7pb9xbLr5YtB1nt7yK0vgXfKZQdoWkR9xHx_tVBuV-dv9f8mgcKP5bJGHiEYy4Y0LH9I30OWIc7vkFIik1v8EVMUdz4Lo1EbhbLhtxkU5z6T-kqo3raWa_N00VaLzqAttYRfbpyOMBYBWcyiFEoVnRtp1MSNPN_gU6k7OmC-TonriqMoJAcd0lwnjwKKsV8b9bAbg1vmXWJr3jO5HdKMHOQTtM803BcgsD2LtYjEGMqJMfoVh1xEX6xHts_aIlAV5CelnDkytFjobJiego-1XoEM2yYrp6Q09PEHaAEbkrG0WhV3R5PVSWH6T9qIu6aGBex4LJRqWURTgfp1Q3G2MMzpxYCV9aNFavxYJ4TMELhB7_1frbxtdnF-U64KHjViO_R4eh0w3JeyOZggQtLrjcxECPNuPtBTYj65-inf6Biid3_kwEQqO7TCl5MDf1xWZXZMgdUSClkDeT_S-sX4uIoflNOLyX9sV6UfIJ_XEynlKSHU2QU6-hy9ieSwl2YOSiPpGO9_wZdl5J4tDd9u5Zwi95OhNM4Jr5lWGjJCmyqkmRcv_ckgsbuozPs8DG34a-dVseWl1hqoKvt0hqOfABoSpxVj_VRVt0AuHjyxI1Kc_tEImnAM7X4bIHZdN1ft5AlEat3wl2R-T5UsONOUrqiwE1epGSaf2PKcCLF52uTnDS8wJGg_M2O5H4zhth9By5dVkjyDK7Rr7ud4QVdNAK7_9BCqmuZMj_bj6TIA33sdRU-6PVwkbpt85sXQTF4g-9a_oFGxvmvSZhr9uPKr3M_yzxAYdm7nwp6euFxY6iAAWxugdIazDRejEqXOIeIO8Sx6QX8SKKwq1roUWrk7LpGKItR7qYX3UeoZGafQvsDDJ9b5-NuTLeaxvnsDaNfVMIWtcib-Y9BWtk9fpZ0fzVZoFExkKIBZ177tgXlXLou98JKvn21l9QztF4vgsZzDbf6IBBcZAq6_amygUuLW93QQTgGdzwz548IuraTqitbOGCcIgULNW_Krk4LQNWFYdLUWarY1Y77BtPw07ah2gPDGxqGqJBggIYhGvooZuPrJIfuQIBt9uC6VgK1sfNZvZVonrcSSvx-bVis8pRIaSBklfxM3TyU1iCAUzmmy2SnOe7iV_0CHxiZX8SXXlSphogP5Dg_lxYrIU4vERyOZ7SYEpXsHVr1YXi6hI-AprLJyHSpDtI_U26mjGkIQybvBsvSQMxm2sKUsPmcXkxiVSS9Omhs-onyupbT3HCCBl-X5Z1wpRoT_BU7YWqL3pEICeeTK03xgnymoErBiVpHiw1pCIlBKs94_iHTO7DZlUKRCRPGlLuvSQRo6BSXSHhiasE8I5zFA61QqnbX5MFun6s9NFYhzxnZBe95gw_HmhV55nsLknXgM8OqBpyWLuM7siHsKEcoWOEK9Y-OK_U8u2r4GSb_1YnPED129VK9Wluwc7lab8n_0KOgi-S5Lrosd8jrFeV9PnuqPsq8jR9iKjR6PNhKC9j0Qq_Vf3xdrd2SaVJ&cid=CAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=8615929786391063000&adk=2988274607&idt=268&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df411a0d8b3689834cc91c8fd272f81dfe94cc9af2dc7c22c37814b0c50667c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11421
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D259 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31587668ae60de85ca0d9a3bf1a2395440df060b3746498133b218df64a107f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1AE 0
56 B 79ms
78ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9131249392559&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1AE 0
56 B 78ms
78ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9131249392559&version=m202301230201&ct=76&x=1&cor=7180019677964640000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E1AE 83 KB
35 KB 104ms
104ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BksEsiHo_xFNMCiv1OSD8q-PmVO3pvrbksDw4icNNEGvLI2-Vjl2ClPX8aKxeWnKkub7WtJ-LmtQ5RpsHH5OEwv-n9Zw&cry=1&dbm_d=AKAmf-BVa3fnZFBHCBCssNQ7WLIFlX7GMXfSOZN6PvACNykHPocQhAyhHWYkWaIUQd06B8KMJZJbUCbpGsPqlO-0EuBIVX8vcME921OX1TGAuidQOOPg9HrDRfWoL_CKOp2vNr_fbOy3wEsTH__ppDj_TcaBB16EEtMKOcM1fZg-CcpnKdyJ7UWz5cFCmdLGdxvqzgPL9bEYqHtXCP1on_zyZgIJ2Z14aFA0SoMAag7GsDGoBvXY9Mkwka6XO8zOw2QoSLCgqltxBemeSmB0YpBTNegSAaPHtCl2WCKVIKa3s5jywZr_Iaxrs-eQIEs83z4u2XJJxlyzwuigvD40U1tYSV0jCT4JZePhf8A6ysrmQULG4-HDx4yRvjha1EJzBYqzkqm6gzyOdNCSqrflK3l5SxXlsw4I7xzVajdJXB95kPRHPhVHGZKHvMImAMtRkqq4Tg4XiwtWdc6sucD10CbojtSKSut4OPfFXbW-MXhdt5lmD8MQxAlI-oE92S2COzgCfYEeRJzSNSkDJkHqp5H41CFOyrly2E_Fu8TDOL6ZS9OFUfd_eJ5fxNnZBx0tzdnOeFeKez-SMxWTIs7qgRGsT3nAUcaZTibBk0pmsx-0r5kNnSXqCP0ghZxspk2bU9k5NLx21xekVMTQnrQOki7G4u0q6RWBLh7iGq7SlhfR0E-SA0MzBwlF4Bv7G681JckFowhGRdacyrKmG1ZdtMP_rMfiV0OSoch03gHFWba5T3yXRYdACtV9bO1MnjYX1Ycu99PY4vD-HIEKkC_fuX7wv5Gm-WPqlHL2-ZY4xEo72mMsPu_JvjeGz1mCRBZsEfQw5MSnURY1aexx0jqOX_qoNZVtidtK8-6Z_GZx9CHao4OXldSDVgSAJlpbLUP1RoprocXlK-2COa__qwg68dXATJZIIiw4w4utzPlO6IW_u2QAOYqvMY1EsTFLwDDvbIJlMrH9aSK-mg6GFXSYr55uY4EwfiQ9A1BkkCuTfOkqmhQUUdF3GsOLXdlmQUG83nqyixmmORc4PTMoTf1Dvkk5dl66MC05fnVBZlfhghJF9OIdUtceVvrtod4EjVHj7ETi-87EyJ4YKeGHRxB8ViLL5sHKPoEWkNbPPES3sOzLZ__hCiH_aU3ndXJZQ9qf8Sk18xOOpfzKhCi6cKqykEVGRS1L2d3b5TfmFltpycolHOS6-fo97oOkRKdPDG9q_TWia2qGEWRQGupk0ptwbM6OXcmP9mbRvPSjnZrVbcFo9fjSApv6yIpqTiFIu1OdHZohFxIgqbWzrxg6qQnN5c_yFu3otNUdqyiWsQwY06vzqZU5-yfpmVFBnLiHMXSQC0F2jg6TmbHz936A0-kaDMuNlXbuOVxsBhfVFS8oBEAJ1q8CbHuVZR9jnTTvvpNXGU_qglmJ3W-q6m4zVoG3g1JPnfu0mhAJJxfKfc-FFv_EUOijihn62oNr1mBS0BFyeUjdkMFhFsWYMNccjA20WiM4Jux1kqO9sLH-gS0CEXlsMjU78MOeiXk9T6DfxqFZBxa3helQzuSWPCU_49fuHsKsK9LKpR6BRJ77FbMSkZ3vcXxx9iOc2zANne7Gxjl5gVD47CtrcNndLfM92ZKKoDZBEhWs4xGvVtsDSIrsfTB-BIox45lHRxfEae3lBSEPSfy-UWsAX0Opo6EQVVTvjV4HZR1obRk_OMHrJc1TjqDhGQsH-_Utw4IYDRHHterJPGzDMawC-e2Vim7m5DQ3gKHwyHYI_qCxk7Rx53oLW1_QTns8BQQxx8HhbWW-SxNGGxn7JikZHw6CqYpCSa8dz5iSC1SFtW5xa1dzOLRYEY_mDtpP12SeH5vRCePx6fgz7PN5AoAGQ-pFQef38q5U8tbIXJe5Ioio-AyC2gJ5qkuxvpM5VPzxe9dEUs_XKp_SaXNA5fIA9qmZCpc5DB6y3IBvYeRqYjNksscIaKZO42gjd4CaZCNGciCdcRbDBwnYl-GGA5hv-54RgBJ0QHV9T5xuzPPFgJV12kmDATmQY27X3ZYSVF3ut2XU6pt7NeuoUDqNlaxmtkzn8KqZaN2GIk6Ri1F_8pX5J3WdaXoEecnErFc9jEquOXoGSOsGu54QOD_J9RxUnZPkNGYQwNT8ePGHKUGNHNRdK5Opx4f3JcJVxVcAl3EkNIKukfg9Ma0oDEvHvScAtTqc4Dft8C3IcJgI-C491Y8SbfaCJOEOftBGyV-kRuWUhWbdnGj_xbGwUu-QM4qDV-PjqeyV6lDkW5r2_smq44arYFmmGYpNrFZscF9OGRiVEKpjqparAhTf_NDWIcvUJGdMl3f-5i2Iwh9PHANtubPqeLKg4YPQE_DJLNuCBLNg83JNCzAQ-liGKb62FlgL6v8LhFHxP2OdRaCAfu1Mmtp5bofTj6sFKx80M1QVATGE067YUmk2OeYVHmstUPkacneWZaUo_9QazDqrsQzz-6wFTYkcNf-o2Ucfwngwayi0TmyFjYDh7fkMXN1JUyWYjtmaOraC2QeMhq-XiArEixrqbhq9P3xGqBNo_ZfZwPpmOYHviqoD3aznacRgcGIcdvjrVX8GaKBnyaTtemQiwI8SMy4WtjZjJUYwE0m9XPhU-PZT9TXFMbwzffbolNBRqCOakDrXXfGcB2n8FI7BV4e4tBr0PtEhBNQii5ORiEERimJcrfDbM7jOEz-KktUtMAXo-ycjUeYQT1OBQF2bCTMVkimEqsuBdwF___9tfCUsXyviX9Xk8CMiqAAumoRWQf93Mg_KRCOjuPkDhS_Vo1O_SjpUXdCftx_l6jZnKyFoGNY3Mq8UjHGwr9mYJ99XlMK6zcSsteVoJzbQ3nX8YW2L80ChGSL98GMoNs1Z0N-x6zFtFeWg5ogycQj_SUdCghQ2TEmz0fFFTpn7Mm07wb0j0YziWY-P2qP3opsV7WAKPPYANocP5ovD_7jk4KzfKeOXpM95wRvS7KwfFTi_a2hmwGm2oDd_25FZ-nHMyJ3rAu6HO7uMOQTpeUzlahG-TRRI28-FNpO5egr1JHPFIdvCX8nTWCFEOInpWTnOnUf_CIkYc_mDQXRu8Cs2syIz13TXAaN77kYBExD4Udfqn4vuPJkaLAo6HclK42b833sepFxefrJ5BjvRYFVbpNQAKzZALs4uyYKO3d9wJy9H5yYrhOBE9j5aEddKy1PgdtxzOCh6AiDISlFVigKXIx6MUQaEUMyMJBlvPkwPMlYlTJCi-1_m0wW0Udt7ZbmJKkdERQuQjMcBxAlbAwsS_mheXJm_ZfqOoSaT5u-RMWxv5WIdMhxOLYXQnY_bdeKt4CQsj3IYezA2fPA2oQRsQA8vGzTqS3X3ivBfIMUku11kGl6WtBlEXkHbHYxCyENrP0GnWudNZ_fu8anao8ICfGJTuyLI4N0gKeyGJpnXe1f02JeQHCYiOtufAL06j3Qz1vrPr7NRgwi1ha8cr5d6Dk19IYUTHuKcwV_czQR7To1qmEcTAAqj-R3DimaQRWrv5-DIxR_AYX9FIFUHSVHmIieldVcHDOYtR0Rko0l34aH7FEdHKX9C2iB_iwQI_OoLdYMEweeXGC_q0HdhgOsINFzjqjhiT3eRPzWRwXW7n3LlREXdcg&cid=CAQSTADUE5ymWX1f0_VzPp4Q28S6Q7Fxjg0ukbMPwI7WH0mZQx_aaFcONSbytV53Wq7Z1SusZNjIq5u2PUQTkRas8GnG4Hw-u1_DRPe_L7YYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=7180019677964640000&adk=943508955&idt=233&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acdc48e2c6ddd6b4c3e59bfeab8c7985fc2b343b678df4db6a8e26a6331c066a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36220
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 72A1 41 KB
15 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1oeSgM_pkblgRb6TCtLL-bMcstiescIUrsvobGYpkrOt3o-hanrTbwdkqWTOnGB7f3mIqC1VDQfu7rtqKg2BXm-_EW_tbcQIKloTxxha6bnmZlVCVMZYS6LBVc0KspMSmTqOmoLkjd3PP2wy3tVw7bU_VElciysqkBGK-BcZgA9PAeOM&cry=1&dbm_d=AKAmf-AsIUiH6cLw4PkNANYptKtFvRlwM9QBS8M5WBeK_Ed2P1Ryir0PF3R8El8oZMd8UgQkWlLtjoIwplFCHR1C7nb8c7jjouymf2nMHrHdC1-aL6aI6X0Ob3hA_5Yln2QWJBL3-9tLQ4QhhKj9NH3YnqnOdPTx7AjJpbNMYn18PvLi5roAqnVNgltHRNgmCS8iVmmFJhX4jNJ6orFmN6WY87jQSCdI1kA_mjAmxdMakoLasqCoeqGODh3gj-MQtF4smLI6xSavnJIl9vf4gYx_JyybQ1LxbMysmyV0L6kxrWG-75sMxxomNI7DTuEit7seJfUohVgs43dLHtZmZjWWdXVQV67kispAJ7y2tTUrXqgSSBX9dZa244nz5F2SIf76aPUk0TxWCShZmSUE2FLvp4xUpdgS14B8coauo6WpunYOBf14f8Yqdl7_rL-VkcuM2XJjDXkb9EbewbIWug25cEzjeVq7nRQybgrWoapWIO2qi0NW3MWFxV8H0i-W7Rf_ExNWVd2dm1Yfvpnr7565zPai9EyC8QRe5R8NXvNo-oXFtje4G4TMOCtsQopmBbUUJSPNBQxSTt9WwU7lPnXKxicaHUhtvL-Jd7Pu2ssPTFCZDgUmA5VTlqfW-bxWMosSqMSzbCgwyGmkHN34O6uiZEOCK-C81Yi2V_wYH83D0B8CFfRR0MLRyd7AfKADgUz3vyfhoHDFI2zTOZXS2eQHpf-h1yUEIm-SQ5cNqAuggh3AIcM4tGz5Iw82EhHoFu1hqWILxBH41Mia9BzmxGIloyixVOtxanbytAVLxGnWlxl9RVrSNsJIYpsiY-KsvGDfV4xpbm7IiHCqfTIrjxhwaDIqcjE01QEIzvysIyracoT_yjtbChAp5FdshMBDY0h1sOqXAk8TLLGaOi_kRKDJJ_66Ej3McCgi8rB2Jhmr4Bv2Qe-Afjf4OfudFub8fTH_blVBLyenAZ3_EPt2Ze-qMmMkywF8WqOGVLHzD-WEuvDTSw9KDbobc5roC6MAzlGg4vG_h6Ixo2MLBhnXfBqNFBRP452EGpqWqEW7-VrdV2gtKib6gV1IEPl5RlPFXQD8N-m6VElR1ZaOAMZV15PZeBATXOOcGinbeivlQPGtO_fI1esiedcnfX3KmRcrUjJGBeFeneFM0blmq7CS6KSfc33TUUbDAAHoFf-aoVX1TJg6V4ZHkca74_CD0oTGKe5xeTXFeI4qQGrzhHbIZiwMFMYZo3sPKe3_KeF1xikAGQdXxe7ryA33GkSn5GgMpiMcO-N3oWESpQpF9PZp4qjGN7LkIsIxr3BUN3TXsUIJlmwUYIW6wGiaQH6FdFSWQIZlX__vrWiQqkN5WSX-YrNADjrS4yISc9YerH3HMzJn_W78nitVJYJtNxbICTQsi3j9oVVyprFRMoX09PXPJWe3Tq8ME6XU1xxX7nIfLkEtmPbR7vi2ztizODDmBTI4iNOQ9ndS9rXh8GJ4QiZ9JAGrheHUyzTOIVCGHSgwvnuCKD9q_2BS0r0VYMKMQxA_IQrz-bYlwCor18EddDzw9CviLSfV3HnKmI25aoWOI066VHN3bikT28jD-WF-x5-ptv2VR0aVAsjLo5mbVxHW07MfQcl_9JI046_QUlcVNjPmhtVqAd9JJhMJ60I55tt3FzBjz58tc0fFeerwp_C0E_E7ocTvUpXm93ty-MkL-uT5XZ_0W1gWF03HUX7OTGElWM4NULM3tOpAvMSsT5awAi7-1TYr9tXz5rjUtNe92zIc2XoaKJ8nSZ88mrd9lgmJb4Y0fE57s0xalIepzyg_GX3lgRQAa_SobofqKbzEYTr7O1hF2wpzhCaUKlc3t8xq_PXrkBV4j6bVdB8UNJvytWpdtLFy0UjspxHohYz9H6fQLGpWa_9BC9L_apZUWG6pgyVPRy-cp0MQXOTbo7APNviBe-8tU1L612_S8TiuxxbyCpdAtq-5VS5lfofnR6S-X-wqMHupfZJRp1kpMyajagqkWXG2vVUjAyyy8hD1hOx2n-3UfjUgwgdBHKWZoSkt2zAdCnBbbbddxv1tx85MDINbLtM5IlQMlFwO4-OReBIxSJDB02YD8uBeLQXdqXawyf6jQett0Cy9T1tBW_ZIQQtGNgdoz7t39s4SbG_Rk2UiqQP1FYehqOJrF9mrNfXEusvgzTs7COfoyvjK3bgNeokqjeM9pWcoG6fJGpQNk0AyxvRch5yVB9wuJjP5t3R73KxMwzpzwSmNjnQ_UNC_YjgBRop9CeBNDRqS6MbLPqbaM98GCIVL9gDr-RCBwdU2xJwYgdq7fet5U1e1bO_moMwj2NljtQxlofl6j-501XHCmCUE9pwGTclgR1U6Y8P4CzMEF2mJSGCV2LBNd71QcaHCPNziu-7pb9xbLr5YtB1nt7yK0vgXfKZQdoWkR9xHx_tVBuV-dv9f8mgcKP5bJGHiEYy4Y0LH9I30OWIc7vkFIik1v8EVMUdz4Lo1EbhbLhtxkU5z6T-kqo3raWa_N00VaLzqAttYRfbpyOMBYBWcyiFEoVnRtp1MSNPN_gU6k7OmC-TonriqMoJAcd0lwnjwKKsV8b9bAbg1vmXWJr3jO5HdKMHOQTtM803BcgsD2LtYjEGMqJMfoVh1xEX6xHts_aIlAV5CelnDkytFjobJiego-1XoEM2yYrp6Q09PEHaAEbkrG0WhV3R5PVSWH6T9qIu6aGBex4LJRqWURTgfp1Q3G2MMzpxYCV9aNFavxYJ4TMELhB7_1frbxtdnF-U64KHjViO_R4eh0w3JeyOZggQtLrjcxECPNuPtBTYj65-inf6Biid3_kwEQqO7TCl5MDf1xWZXZMgdUSClkDeT_S-sX4uIoflNOLyX9sV6UfIJ_XEynlKSHU2QU6-hy9ieSwl2YOSiPpGO9_wZdl5J4tDd9u5Zwi95OhNM4Jr5lWGjJCmyqkmRcv_ckgsbuozPs8DG34a-dVseWl1hqoKvt0hqOfABoSpxVj_VRVt0AuHjyxI1Kc_tEImnAM7X4bIHZdN1ft5AlEat3wl2R-T5UsONOUrqiwE1epGSaf2PKcCLF52uTnDS8wJGg_M2O5H4zhth9By5dVkjyDK7Rr7ud4QVdNAK7_9BCqmuZMj_bj6TIA33sdRU-6PVwkbpt85sXQTF4g-9a_oFGxvmvSZhr9uPKr3M_yzxAYdm7nwp6euFxY6iAAWxugdIazDRejEqXOIeIO8Sx6QX8SKKwq1roUWrk7LpGKItR7qYX3UeoZGafQvsDDJ9b5-NuTLeaxvnsDaNfVMIWtcib-Y9BWtk9fpZ0fzVZoFExkKIBZ177tgXlXLou98JKvn21l9QztF4vgsZzDbf6IBBcZAq6_amygUuLW93QQTgGdzwz548IuraTqitbOGCcIgULNW_Krk4LQNWFYdLUWarY1Y77BtPw07ah2gPDGxqGqJBggIYhGvooZuPrJIfuQIBt9uC6VgK1sfNZvZVonrcSSvx-bVis8pRIaSBklfxM3TyU1iCAUzmmy2SnOe7iV_0CHxiZX8SXXlSphogP5Dg_lxYrIU4vERyOZ7SYEpXsHVr1YXi6hI-AprLJyHSpDtI_U26mjGkIQybvBsvSQMxm2sKUsPmcXkxiVSS9Omhs-onyupbT3HCCBl-X5Z1wpRoT_BU7YWqL3pEICeeTK03xgnymoErBiVpHiw1pCIlBKs94_iHTO7DZlUKRCRPGlLuvSQRo6BSXSHhiasE8I5zFA61QqnbX5MFun6s9NFYhzxnZBe95gw_HmhV55nsLknXgM8OqBpyWLuM7siHsKEcoWOEK9Y-OK_U8u2r4GSb_1YnPED129VK9Wluwc7lab8n_0KOgi-S5Lrosd8jrFeV9PnuqPsq8jR9iKjR6PNhKC9j0Qq_Vf3xdrd2SaVJ&cid=CAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=8615929786391063000&adk=2988274607&idt=268&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:11:58 GMT

GET
H/1.1 200
OK 9asfppdpo3te Show response
hal9000.redintelligence.net/zone/ Frame 72A1 11 KB
4 KB 63ms
12ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/9asfppdpo3te?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3sFBasBZOKoNM2r3gPLgZPoA6blvaBp_Zqcp8kP8C4QASCI2bOYAWCV4pCCoAfIAQmpApstxEe4zbE-qAMBqgSDAk_QIdHLTzeJ1JJ4R7Rf2rsxCs2PiTM7UBQOF20DF8Zw-5QRDE-TgVf8r10nf34VaNhURUPxxOgCzIsAMSEjW5JIRAIdK3CsEZ5-vLRspa-0nFga3gYcfQCDdf4vJ9JiyC0AVVCLEbEssvcvYuULFqnzsM31vH8IG7VbdEvcMejk8IXtxIZ_T6l6FKB4DWWFUjYwknxsYnXBRoPZFK2pmXivjZv_aWg5JCt8ArZQTBvhg6x6YkZ0ZZvh-c1eujEnf2sGuOn9S1VnTUlo1h3yHEFpUG6XvLXStPt9qR52NJf7rGZO0dIKl6OX6SnyvZuUnh1GyTYLPiAnPUTMUXKfU8weV_rABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB%26sig%3DAOD64_3L6sB2FKEvQqjTjqS8-AlKnPpNzg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-B-Tv4wfUHJOWeVKfmFmescX3rv2irReSdeZkssBv-9NiSY76FW6wqFHubSG70AdOy4kjWbq5m3Dj5P4P_m6Nnr85XgAPrkPgxEWDcWd5RaSKEPseWKg6HleCV7qomJNkCfZNnaEE3tWGGflBBcj8EjZU_fODQ50rD3Ya9Vnboi3LJiif0%26cry%3D1%26dbm_d%3DAKAmf-BtGJ2F9bAg7R3-99TpFWyzo7Bc14QT7bCW4rGa_1hJIkbyNJuALEUmxCrdd39KC0Ck53tqnIIX-7uXSkQQaf4wj9OjshFZRbYAUu80JDlyn_v7M7znAwjJTEhq5vfE2pj12F2O910DAhTixyIqOUiWufWwu5MoNAgeF-VjDz8rFQXEP06BGiKfk0lEg9JmLr-nRmqMBfSmSxDVvyW0UzD5_iuxWWjkk-SqP_XmPrxvq1MYHBdaLO5sB2kfzQyPZhcjBbXzl3BZbBQZGXWFkaX_xf6Fq2tf1145QTJ6w4QtlyGJhtGKgvl7CCwf_2UO_0-uksgvHYZmPtI1onrGIOh3oIDIqO-2t7i2TrKmoRmbcYs_KuM-F994qItJbDYl4FQgdxw7rffYKnTbppmjXuFrDNPIVtQxwsKIZcBf4k3hjoIi50aq6XnsTr1u2H3bjcr5vZE-8nVcMq_Hj90zoJJagibl5f2kKwQRF1urt9Q02IVuXmQ%26adurl%3D
Requested by: Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: aead53d4c423ba91075481163b63e9e72ce556a645f662687335ecec5011a2fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4060
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D259 20 KB
20 KB 47ms
46ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:14:41 GMT
x-content-type-options: nosniff
age: 50037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 18:14:41 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E1AE 106 KB
37 KB 175ms
47ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
Origin: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 14:11:58 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/ Frame E1AE 8 KB
3 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BksEsiHo_xFNMCiv1OSD8q-PmVO3pvrbksDw4icNNEGvLI2-Vjl2ClPX8aKxeWnKkub7WtJ-LmtQ5RpsHH5OEwv-n9Zw&cry=1&dbm_d=AKAmf-BVa3fnZFBHCBCssNQ7WLIFlX7GMXfSOZN6PvACNykHPocQhAyhHWYkWaIUQd06B8KMJZJbUCbpGsPqlO-0EuBIVX8vcME921OX1TGAuidQOOPg9HrDRfWoL_CKOp2vNr_fbOy3wEsTH__ppDj_TcaBB16EEtMKOcM1fZg-CcpnKdyJ7UWz5cFCmdLGdxvqzgPL9bEYqHtXCP1on_zyZgIJ2Z14aFA0SoMAag7GsDGoBvXY9Mkwka6XO8zOw2QoSLCgqltxBemeSmB0YpBTNegSAaPHtCl2WCKVIKa3s5jywZr_Iaxrs-eQIEs83z4u2XJJxlyzwuigvD40U1tYSV0jCT4JZePhf8A6ysrmQULG4-HDx4yRvjha1EJzBYqzkqm6gzyOdNCSqrflK3l5SxXlsw4I7xzVajdJXB95kPRHPhVHGZKHvMImAMtRkqq4Tg4XiwtWdc6sucD10CbojtSKSut4OPfFXbW-MXhdt5lmD8MQxAlI-oE92S2COzgCfYEeRJzSNSkDJkHqp5H41CFOyrly2E_Fu8TDOL6ZS9OFUfd_eJ5fxNnZBx0tzdnOeFeKez-SMxWTIs7qgRGsT3nAUcaZTibBk0pmsx-0r5kNnSXqCP0ghZxspk2bU9k5NLx21xekVMTQnrQOki7G4u0q6RWBLh7iGq7SlhfR0E-SA0MzBwlF4Bv7G681JckFowhGRdacyrKmG1ZdtMP_rMfiV0OSoch03gHFWba5T3yXRYdACtV9bO1MnjYX1Ycu99PY4vD-HIEKkC_fuX7wv5Gm-WPqlHL2-ZY4xEo72mMsPu_JvjeGz1mCRBZsEfQw5MSnURY1aexx0jqOX_qoNZVtidtK8-6Z_GZx9CHao4OXldSDVgSAJlpbLUP1RoprocXlK-2COa__qwg68dXATJZIIiw4w4utzPlO6IW_u2QAOYqvMY1EsTFLwDDvbIJlMrH9aSK-mg6GFXSYr55uY4EwfiQ9A1BkkCuTfOkqmhQUUdF3GsOLXdlmQUG83nqyixmmORc4PTMoTf1Dvkk5dl66MC05fnVBZlfhghJF9OIdUtceVvrtod4EjVHj7ETi-87EyJ4YKeGHRxB8ViLL5sHKPoEWkNbPPES3sOzLZ__hCiH_aU3ndXJZQ9qf8Sk18xOOpfzKhCi6cKqykEVGRS1L2d3b5TfmFltpycolHOS6-fo97oOkRKdPDG9q_TWia2qGEWRQGupk0ptwbM6OXcmP9mbRvPSjnZrVbcFo9fjSApv6yIpqTiFIu1OdHZohFxIgqbWzrxg6qQnN5c_yFu3otNUdqyiWsQwY06vzqZU5-yfpmVFBnLiHMXSQC0F2jg6TmbHz936A0-kaDMuNlXbuOVxsBhfVFS8oBEAJ1q8CbHuVZR9jnTTvvpNXGU_qglmJ3W-q6m4zVoG3g1JPnfu0mhAJJxfKfc-FFv_EUOijihn62oNr1mBS0BFyeUjdkMFhFsWYMNccjA20WiM4Jux1kqO9sLH-gS0CEXlsMjU78MOeiXk9T6DfxqFZBxa3helQzuSWPCU_49fuHsKsK9LKpR6BRJ77FbMSkZ3vcXxx9iOc2zANne7Gxjl5gVD47CtrcNndLfM92ZKKoDZBEhWs4xGvVtsDSIrsfTB-BIox45lHRxfEae3lBSEPSfy-UWsAX0Opo6EQVVTvjV4HZR1obRk_OMHrJc1TjqDhGQsH-_Utw4IYDRHHterJPGzDMawC-e2Vim7m5DQ3gKHwyHYI_qCxk7Rx53oLW1_QTns8BQQxx8HhbWW-SxNGGxn7JikZHw6CqYpCSa8dz5iSC1SFtW5xa1dzOLRYEY_mDtpP12SeH5vRCePx6fgz7PN5AoAGQ-pFQef38q5U8tbIXJe5Ioio-AyC2gJ5qkuxvpM5VPzxe9dEUs_XKp_SaXNA5fIA9qmZCpc5DB6y3IBvYeRqYjNksscIaKZO42gjd4CaZCNGciCdcRbDBwnYl-GGA5hv-54RgBJ0QHV9T5xuzPPFgJV12kmDATmQY27X3ZYSVF3ut2XU6pt7NeuoUDqNlaxmtkzn8KqZaN2GIk6Ri1F_8pX5J3WdaXoEecnErFc9jEquOXoGSOsGu54QOD_J9RxUnZPkNGYQwNT8ePGHKUGNHNRdK5Opx4f3JcJVxVcAl3EkNIKukfg9Ma0oDEvHvScAtTqc4Dft8C3IcJgI-C491Y8SbfaCJOEOftBGyV-kRuWUhWbdnGj_xbGwUu-QM4qDV-PjqeyV6lDkW5r2_smq44arYFmmGYpNrFZscF9OGRiVEKpjqparAhTf_NDWIcvUJGdMl3f-5i2Iwh9PHANtubPqeLKg4YPQE_DJLNuCBLNg83JNCzAQ-liGKb62FlgL6v8LhFHxP2OdRaCAfu1Mmtp5bofTj6sFKx80M1QVATGE067YUmk2OeYVHmstUPkacneWZaUo_9QazDqrsQzz-6wFTYkcNf-o2Ucfwngwayi0TmyFjYDh7fkMXN1JUyWYjtmaOraC2QeMhq-XiArEixrqbhq9P3xGqBNo_ZfZwPpmOYHviqoD3aznacRgcGIcdvjrVX8GaKBnyaTtemQiwI8SMy4WtjZjJUYwE0m9XPhU-PZT9TXFMbwzffbolNBRqCOakDrXXfGcB2n8FI7BV4e4tBr0PtEhBNQii5ORiEERimJcrfDbM7jOEz-KktUtMAXo-ycjUeYQT1OBQF2bCTMVkimEqsuBdwF___9tfCUsXyviX9Xk8CMiqAAumoRWQf93Mg_KRCOjuPkDhS_Vo1O_SjpUXdCftx_l6jZnKyFoGNY3Mq8UjHGwr9mYJ99XlMK6zcSsteVoJzbQ3nX8YW2L80ChGSL98GMoNs1Z0N-x6zFtFeWg5ogycQj_SUdCghQ2TEmz0fFFTpn7Mm07wb0j0YziWY-P2qP3opsV7WAKPPYANocP5ovD_7jk4KzfKeOXpM95wRvS7KwfFTi_a2hmwGm2oDd_25FZ-nHMyJ3rAu6HO7uMOQTpeUzlahG-TRRI28-FNpO5egr1JHPFIdvCX8nTWCFEOInpWTnOnUf_CIkYc_mDQXRu8Cs2syIz13TXAaN77kYBExD4Udfqn4vuPJkaLAo6HclK42b833sepFxefrJ5BjvRYFVbpNQAKzZALs4uyYKO3d9wJy9H5yYrhOBE9j5aEddKy1PgdtxzOCh6AiDISlFVigKXIx6MUQaEUMyMJBlvPkwPMlYlTJCi-1_m0wW0Udt7ZbmJKkdERQuQjMcBxAlbAwsS_mheXJm_ZfqOoSaT5u-RMWxv5WIdMhxOLYXQnY_bdeKt4CQsj3IYezA2fPA2oQRsQA8vGzTqS3X3ivBfIMUku11kGl6WtBlEXkHbHYxCyENrP0GnWudNZ_fu8anao8ICfGJTuyLI4N0gKeyGJpnXe1f02JeQHCYiOtufAL06j3Qz1vrPr7NRgwi1ha8cr5d6Dk19IYUTHuKcwV_czQR7To1qmEcTAAqj-R3DimaQRWrv5-DIxR_AYX9FIFUHSVHmIieldVcHDOYtR0Rko0l34aH7FEdHKX9C2iB_iwQI_OoLdYMEweeXGC_q0HdhgOsINFzjqjhiT3eRPzWRwXW7n3LlREXdcg&cid=CAQSTADUE5ymWX1f0_VzPp4Q28S6Q7Fxjg0ukbMPwI7WH0mZQx_aaFcONSbytV53Wq7Z1SusZNjIq5u2PUQTkRas8GnG4Hw-u1_DRPe_L7YYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=7180019677964640000&adk=943508955&idt=233&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 19:14:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame E1AE 28 KB
11 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 19:45:03 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EB4B 22 KB
8 KB 47ms
47ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 64600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:11:58 GMT
expires: Fri, 01 Mar 2024 14:11:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/ Frame 72A1
Redirect Chain

https://hal900025.redintelligence.net/request.php?zone=9asfppdpo3te&nw=20&renderingType=javascript&namespace=38cdf3c8fc&subid=&uid=4ee1cf90273be539&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900025.redintelligence.net/request.php?zone=9asfppdpo3te&nw=20&renderingType=javascript&namespace=38cdf3c8fc&subid=&uid=4ee1cf90273be539&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

91ms
69ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=9asfppdpo3te&nw=20&renderingType=javascript&namespace=38cdf3c8fc&subid=&uid=4ee1cf90273be539&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3sFBasBZOKoNM2r3gPLgZPoA6blvaBp_Zqcp8kP8C4QASCI2bOYAWCV4pCCoAfIAQmpApstxEe4zbE-qAMBqgSDAk_QIdHLTzeJ1JJ4R7Rf2rsxCs2PiTM7UBQOF20DF8Zw-5QRDE-TgVf8r10nf34VaNhURUPxxOgCzIsAMSEjW5JIRAIdK3CsEZ5-vLRspa-0nFga3gYcfQCDdf4vJ9JiyC0AVVCLEbEssvcvYuULFqnzsM31vH8IG7VbdEvcMejk8IXtxIZ_T6l6FKB4DWWFUjYwknxsYnXBRoPZFK2pmXivjZv_aWg5JCt8ArZQTBvhg6x6YkZ0ZZvh-c1eujEnf2sGuOn9S1VnTUlo1h3yHEFpUG6XvLXStPt9qR52NJf7rGZO0dIKl6OX6SnyvZuUnh1GyTYLPiAnPUTMUXKfU8weV_rABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB%26sig%3DAOD64_3L6sB2FKEvQqjTjqS8-AlKnPpNzg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-B-Tv4wfUHJOWeVKfmFmescX3rv2irReSdeZkssBv-9NiSY76FW6wqFHubSG70AdOy4kjWbq5m3Dj5P4P_m6Nnr85XgAPrkPgxEWDcWd5RaSKEPseWKg6HleCV7qomJNkCfZNnaEE3tWGGflBBcj8EjZU_fODQ50rD3Ya9Vnboi3LJiif0%26cry%3D1%26dbm_d%3DAKAmf-BtGJ2F9bAg7R3-99TpFWyzo7Bc14QT7bCW4rGa_1hJIkbyNJuALEUmxCrdd39KC0Ck53tqnIIX-7uXSkQQaf4wj9OjshFZRbYAUu80JDlyn_v7M7znAwjJTEhq5vfE2pj12F2O910DAhTixyIqOUiWufWwu5MoNAgeF-VjDz8rFQXEP06BGiKfk0lEg9JmLr-nRmqMBfSmSxDVvyW0UzD5_iuxWWjkk-SqP_XmPrxvq1MYHBdaLO5sB2kfzQyPZhcjBbXzl3BZbBQZGXWFkaX_xf6Fq2tf1145QTJ6w4QtlyGJhtGKgvl7CCwf_2UO_0-uksgvHYZmPtI1onrGIOh3oIDIqO-2t7i2TrKmoRmbcYs_KuM-F994qItJbDYl4FQgdxw7rffYKnTbppmjXuFrDNPIVtQxwsKIZcBf4k3hjoIi50aq6XnsTr1u2H3bjcr5vZE-8nVcMq_Hj90zoJJagibl5f2kKwQRF1urt9Q02IVuXmQ%26adurl%3D&documentReferer=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=3767899033909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 895d2c1ad53533ec3c73d8dd128a7e3ccf41e0a50e8bc3d35577122e636fbef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 08:08:39 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 72475300037255004444980012252025
Connection: close
Content-Length: 953
Expires: Fri, 03 Mar 2023 08:08:39 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 08:08:39 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=9asfppdpo3te&nw=20&renderingType=javascript&namespace=38cdf3c8fc&subid=&uid=4ee1cf90273be539&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3sFBasBZOKoNM2r3gPLgZPoA6blvaBp_Zqcp8kP8C4QASCI2bOYAWCV4pCCoAfIAQmpApstxEe4zbE-qAMBqgSDAk_QIdHLTzeJ1JJ4R7Rf2rsxCs2PiTM7UBQOF20DF8Zw-5QRDE-TgVf8r10nf34VaNhURUPxxOgCzIsAMSEjW5JIRAIdK3CsEZ5-vLRspa-0nFga3gYcfQCDdf4vJ9JiyC0AVVCLEbEssvcvYuULFqnzsM31vH8IG7VbdEvcMejk8IXtxIZ_T6l6FKB4DWWFUjYwknxsYnXBRoPZFK2pmXivjZv_aWg5JCt8ArZQTBvhg6x6YkZ0ZZvh-c1eujEnf2sGuOn9S1VnTUlo1h3yHEFpUG6XvLXStPt9qR52NJf7rGZO0dIKl6OX6SnyvZuUnh1GyTYLPiAnPUTMUXKfU8weV_rABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB%26sig%3DAOD64_3L6sB2FKEvQqjTjqS8-AlKnPpNzg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-B-Tv4wfUHJOWeVKfmFmescX3rv2irReSdeZkssBv-9NiSY76FW6wqFHubSG70AdOy4kjWbq5m3Dj5P4P_m6Nnr85XgAPrkPgxEWDcWd5RaSKEPseWKg6HleCV7qomJNkCfZNnaEE3tWGGflBBcj8EjZU_fODQ50rD3Ya9Vnboi3LJiif0%26cry%3D1%26dbm_d%3DAKAmf-BtGJ2F9bAg7R3-99TpFWyzo7Bc14QT7bCW4rGa_1hJIkbyNJuALEUmxCrdd39KC0Ck53tqnIIX-7uXSkQQaf4wj9OjshFZRbYAUu80JDlyn_v7M7znAwjJTEhq5vfE2pj12F2O910DAhTixyIqOUiWufWwu5MoNAgeF-VjDz8rFQXEP06BGiKfk0lEg9JmLr-nRmqMBfSmSxDVvyW0UzD5_iuxWWjkk-SqP_XmPrxvq1MYHBdaLO5sB2kfzQyPZhcjBbXzl3BZbBQZGXWFkaX_xf6Fq2tf1145QTJ6w4QtlyGJhtGKgvl7CCwf_2UO_0-uksgvHYZmPtI1onrGIOh3oIDIqO-2t7i2TrKmoRmbcYs_KuM-F994qItJbDYl4FQgdxw7rffYKnTbppmjXuFrDNPIVtQxwsKIZcBf4k3hjoIi50aq6XnsTr1u2H3bjcr5vZE-8nVcMq_Hj90zoJJagibl5f2kKwQRF1urt9Q02IVuXmQ%26adurl%3D&documentReferer=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=3767899033909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 03 Mar 2023 08:08:39 +0100

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 919D 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:40:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 20:40:34 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E1AE 41 KB
15 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:11:58 GMT

GET
DATA 200
OK truncated
/ Frame E1AE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2e9d2ea04dae4e5e70c5df96d6e2879be526c3e00f4a89cf4100fdd67537958

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame EB4B 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:40:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 20:40:34 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3E36 22 KB
8 KB 47ms
47ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 64601
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:11:58 GMT
expires: Fri, 01 Mar 2024 14:11:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adv.office-partner.de/ Frame 4379 930 B
931 B 199ms
17ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=9asfppdpo3te&nw=20&renderingType=javascript&namespace=38cdf3c8fc&subid=&uid=4ee1cf90273be539&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3sFBasBZOKoNM2r3gPLgZPoA6blvaBp_Zqcp8kP8C4QASCI2bOYAWCV4pCCoAfIAQmpApstxEe4zbE-qAMBqgSDAk_QIdHLTzeJ1JJ4R7Rf2rsxCs2PiTM7UBQOF20DF8Zw-5QRDE-TgVf8r10nf34VaNhURUPxxOgCzIsAMSEjW5JIRAIdK3CsEZ5-vLRspa-0nFga3gYcfQCDdf4vJ9JiyC0AVVCLEbEssvcvYuULFqnzsM31vH8IG7VbdEvcMejk8IXtxIZ_T6l6FKB4DWWFUjYwknxsYnXBRoPZFK2pmXivjZv_aWg5JCt8ArZQTBvhg6x6YkZ0ZZvh-c1eujEnf2sGuOn9S1VnTUlo1h3yHEFpUG6XvLXStPt9qR52NJf7rGZO0dIKl6OX6SnyvZuUnh1GyTYLPiAnPUTMUXKfU8weV_rABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB%26sig%3DAOD64_3L6sB2FKEvQqjTjqS8-AlKnPpNzg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-B-Tv4wfUHJOWeVKfmFmescX3rv2irReSdeZkssBv-9NiSY76FW6wqFHubSG70AdOy4kjWbq5m3Dj5P4P_m6Nnr85XgAPrkPgxEWDcWd5RaSKEPseWKg6HleCV7qomJNkCfZNnaEE3tWGGflBBcj8EjZU_fODQ50rD3Ya9Vnboi3LJiif0%26cry%3D1%26dbm_d%3DAKAmf-BtGJ2F9bAg7R3-99TpFWyzo7Bc14QT7bCW4rGa_1hJIkbyNJuALEUmxCrdd39KC0Ck53tqnIIX-7uXSkQQaf4wj9OjshFZRbYAUu80JDlyn_v7M7znAwjJTEhq5vfE2pj12F2O910DAhTixyIqOUiWufWwu5MoNAgeF-VjDz8rFQXEP06BGiKfk0lEg9JmLr-nRmqMBfSmSxDVvyW0UzD5_iuxWWjkk-SqP_XmPrxvq1MYHBdaLO5sB2kfzQyPZhcjBbXzl3BZbBQZGXWFkaX_xf6Fq2tf1145QTJ6w4QtlyGJhtGKgvl7CCwf_2UO_0-uksgvHYZmPtI1onrGIOh3oIDIqO-2t7i2TrKmoRmbcYs_KuM-F994qItJbDYl4FQgdxw7rffYKnTbppmjXuFrDNPIVtQxwsKIZcBf4k3hjoIi50aq6XnsTr1u2H3bjcr5vZE-8nVcMq_Hj90zoJJagibl5f2kKwQRF1urt9Q02IVuXmQ%26adurl%3D&documentReferer=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=3767899033909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 03 Mar 2023 08:08:39 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 10 Mar 2023 08:08:39 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

activityi;dc_pre=CLGfwJ-nv_0CFaMhewodF7UFww;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11 Show response
5994599.fls.doubleclick.net/ Frame 63D9
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGfwJ-nv_0CFaMhewodF7UFww;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11?

390 B
325 B

87ms
86ms

Document
text/html

142.251.208.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGfwJ-nv_0CFaMhewodF7UFww;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11?

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f6.1e100.net

Software

cafe /

Resource Hash

0024e6c5180ed81c0136128403615c311a7d088323cb8bae219caae5256f943e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:39 GMT
expires: Fri, 03 Mar 2023 08:08:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGfwJ-nv_0CFaMhewodF7UFww;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame B840 4 KB
2 KB 34ms
12ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=72475300037255004444980012252025&a=7e0b1c1d
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=9asfppdpo3te&nw=20&renderingType=javascript&namespace=38cdf3c8fc&subid=&uid=4ee1cf90273be539&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3sFBasBZOKoNM2r3gPLgZPoA6blvaBp_Zqcp8kP8C4QASCI2bOYAWCV4pCCoAfIAQmpApstxEe4zbE-qAMBqgSDAk_QIdHLTzeJ1JJ4R7Rf2rsxCs2PiTM7UBQOF20DF8Zw-5QRDE-TgVf8r10nf34VaNhURUPxxOgCzIsAMSEjW5JIRAIdK3CsEZ5-vLRspa-0nFga3gYcfQCDdf4vJ9JiyC0AVVCLEbEssvcvYuULFqnzsM31vH8IG7VbdEvcMejk8IXtxIZ_T6l6FKB4DWWFUjYwknxsYnXBRoPZFK2pmXivjZv_aWg5JCt8ArZQTBvhg6x6YkZ0ZZvh-c1eujEnf2sGuOn9S1VnTUlo1h3yHEFpUG6XvLXStPt9qR52NJf7rGZO0dIKl6OX6SnyvZuUnh1GyTYLPiAnPUTMUXKfU8weV_rABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgGYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB%26sig%3DAOD64_3L6sB2FKEvQqjTjqS8-AlKnPpNzg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-B-Tv4wfUHJOWeVKfmFmescX3rv2irReSdeZkssBv-9NiSY76FW6wqFHubSG70AdOy4kjWbq5m3Dj5P4P_m6Nnr85XgAPrkPgxEWDcWd5RaSKEPseWKg6HleCV7qomJNkCfZNnaEE3tWGGflBBcj8EjZU_fODQ50rD3Ya9Vnboi3LJiif0%26cry%3D1%26dbm_d%3DAKAmf-BtGJ2F9bAg7R3-99TpFWyzo7Bc14QT7bCW4rGa_1hJIkbyNJuALEUmxCrdd39KC0Ck53tqnIIX-7uXSkQQaf4wj9OjshFZRbYAUu80JDlyn_v7M7znAwjJTEhq5vfE2pj12F2O910DAhTixyIqOUiWufWwu5MoNAgeF-VjDz8rFQXEP06BGiKfk0lEg9JmLr-nRmqMBfSmSxDVvyW0UzD5_iuxWWjkk-SqP_XmPrxvq1MYHBdaLO5sB2kfzQyPZhcjBbXzl3BZbBQZGXWFkaX_xf6Fq2tf1145QTJ6w4QtlyGJhtGKgvl7CCwf_2UO_0-uksgvHYZmPtI1onrGIOh3oIDIqO-2t7i2TrKmoRmbcYs_KuM-F994qItJbDYl4FQgdxw7rffYKnTbppmjXuFrDNPIVtQxwsKIZcBf4k3hjoIi50aq6XnsTr1u2H3bjcr5vZE-8nVcMq_Hj90zoJJagibl5f2kKwQRF1urt9Q02IVuXmQ%26adurl%3D&documentReferer=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.ukr.net&random=3767899033909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7f4ac58cf98f42cdbb8459f9ff69b60c986bc9685093de2a41cacf23cc2191eb

Request headers

Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1550
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Mar 2023 08:08:39 GMT
Expires: Fri, 03 Mar 2023 08:08:39 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 72A1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8512b225c61582ae6f1f22ee7b4ec772327099061f16bbafde82e2e6f6e3baa0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame B840 0
150 B 34ms
12ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=72475300037255004444980012252025&a=2a5d7441&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=72475300037255004444980012252025&a=7e0b1c1d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=72475300037255004444980012252025&a=7e0b1c1d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:39 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 link.html Show response
track.webgains.com/ Frame B840 1 KB
2 KB 139ms
67ms Script
text/html 18.132.62.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3272825&wgcampaignid=99582&js=1&clickref=72475300037255004444980012252025&viewref=72475300037255004444980012252025&nw=1&cp=349185468
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=72475300037255004444980012252025&a=7e0b1c1d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.62.60 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-62-60.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f2b87472175a73c2455627f81b4e86c38c9663a298a6ab52806b5ce49a6004ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:39 GMT
last-modified: Fri, 03 Mar 2023 08:08:39 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 03 Mar 2023 08:09:39 GMT

GET
DATA 200
OK truncated
/ Frame B840 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9952578787551990323/ Frame 21A4 117 KB
22 KB 145ms
49ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9952578787551990323/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67d11426ac28cf74cc9b8da2c7fff4e7c3f0784186931f65eacbc4a133e8cb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 181431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22780
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 05:44:48 GMT
expires: Thu, 29 Feb 2024 05:44:48 GMT
last-modified: Fri, 27 Jan 2023 13:08:59 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E1AE 0
0 220ms
91ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJCZNk--zOkcMog3JOebuR9kUCZOL-67FXhQrPkvLY2oyRxHdWU3XLudm_Ee2dGGdzF54POAooTMEV1Zs-_WiqVKL_PJEkHvVA11s2vBfUS0GESrRbVzMfzbaJQK1CujCTJ0OZLrUeeK1tfjb8g_yjyc6ATaJR_XeosXJiFZSG_f5aJksPCOInH2CUj0yCei-U6E-Zi3RHofAr_ov93i1XuDCrgxaBP4nwuytc95DbGbK9hVhaTKHGshmFJYvgX8srJnTKeyfluCAAf_MSrmuSD2pEvXKeeMPrT6z7zIV1oacXD2uiMad6GXQapCR-3jXMNuoHn0Hl_1_uPnhZ1hVuYSPhHtCv7-MRNksJDINTYfOFXkRGtUM4qaRCL77F5y4Ajyeq2mzr0ZGKzr7rBO-Vaqi8b9VaFdyUFrk11lRocCUz72f7bOYx8JRoWf5LdOkUHQijlEz7vuxx8xGEYZhHweh7Nc309sz4ty2a7XNYBOZ25WUgMhVUmqriujrrKVDur7q1x3xqxvzY17JSAUPCRnnO8yPZpD1TJ-U73VR7WRUyI4VKNpM2cmrLc1ryYPG_JBBs5ZkSEBMdQoNY92OrlKkNObSfl2PtcrWZ_K6mZ57b566yJgb1x_p9tabqt8NPzt-dpNpC0CzzJgFU3Hk9ZkHhVe23ClVr3xLh65yOgg5sLJDlh9JUHGd7hJsZV3B4oorrX5SFHO8YoVxGfSAl2_WnrCHHm77xV75ZvtXot5NA858XZ-lzr7xiy0qgR2_jfGpU9qs_WYrzj19NekDst0_D1SCWYxZTlkP6n14jNzyQ8cyoql-JrDLYjk8DKpuGZrKFmML8KCaM4o4akJziuwYaXVVAKWPyaYHc1aETcJgf4a33IfMjxOi-n0xYxrWQRtSFaolRejfeEhw7JUABLhU_n8MdsMQll_-7I3tSNpLCOBzEA7u659iUrt61L8zkzMehHi5u4BeMTksKgdqMY_iNqIgTptV43yA87gZo719pS4-hNpHjfGgj5bQ6z1l_zlGmgsEufvZqjVlG9Aj4VvGzcScYAiaRP0IabYoz7Jb8lmxg7Sn4htP8n_Jb3B5ok6YRvDtvJd9sU-U3H_QLIxUYAaeIpVUO6lB2tgaz2mNmaUeRuEaPfzYXIgZV8Eo8FXFW7iP2b62WQdch0dt8Jyfk-zXWNHS5v5joOjeRZIfn72qGLDlEs0HfTczoaESFmDa6yKBCQoZzz4J_sLy8bDO6XTGajKH2MJ7q_URDtKHDV6zOCclIpmG9ygA0Wt4NkRcsDGPRymWMRHD0YV7jJ0BZCfo6p8ZjLg&sai=AMfl-YSnfaAKSk52EDzUPpJPiNrQjvorN8V8bKwt-z6ODkjqIhCLdZ2qSi3aZz6-QjiJSCcjYUNUkvjmDwYRWqik9ynlW8POc7-0feirW7WpU7BHJpECHoCxdqhzfsv09oUZPN4PUL74t3rSxaLgsz5huRK1IRVfAbouSTSPkFI9UYeM6pAGcousswoZTCgpd_aaB-Z4fwTc480iaGdNNZ0ZQ7CcN6UaelLyShVFrQM6eVYlsE6O3m_dlVGWpU9wKXGbZgl2PbtnXoczvvrpCCNWQBSQaCDiGQJQlyzV&sig=Cg0ArKJSzNUEOwxY8qfjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=275&cbvp=1&cstd=271&cisv=r20230301.91524&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Mar 2023 08:08:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Mar 2023 08:08:39 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E36 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:40:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 20:40:34 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 4379 105 KB
40 KB 71ms
70ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67f1b254d0db2b74059a5094c9f042092cb45704d47268908c7f8474cb2c34bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41436
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Mar 2023 08:08:39 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B840 85 KB
31 KB 103ms
19ms Script
application/javascript 18.66.15.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3272825&wgcampaignid=99582&js=1&clickref=72475300037255004444980012252025&viewref=72475300037255004444980012252025&nw=1&cp=349185468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-19.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 02:08:29 GMT
content-encoding: gzip
via: 1.1 62f2a061e41be90ceddd231b5157117c.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 21611
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: FgE8hgIgTOWQmdBigPiFE3NM8loYlkiOTqIli1LY5DCO-mz1qAxw6A==

GET
H2 200 link.html
track.webgains.com/ Frame B840 26 KB
26 KB 68ms
68ms Image
image/gif 18.132.62.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=99582&viewref=72475300037255004444980012252025&wglinkid=3272825
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=72475300037255004444980012252025&a=7e0b1c1d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.62.60 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-62-60.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 35dd29f4e09c0bdd0042cfdda75652b5f1b09b0251e4356220eeee54c95d71b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:39 GMT
last-modified: Fri, 03 Mar 2023 08:08:39 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 03 Mar 2023 08:09:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 21A4 9 KB
754 B 71ms
70ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:300,500&display=swap&subset=latin-ext

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9952578787551990323/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c0f42c60ffb89e2bbdf8ddbb3a792e0ba6cd3b15692a71c0ebf4b261ae4455e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 08:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 06:13:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 08:08:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB4B 0
20 B 81ms
81ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQYkcBqsBZIbnLomGjuwPq-qLmAcAAAAAOAHgBAI&bg=!FhWlFUHNAAbv3-2Ez987ADkAdvg8WgktH-g-SyfudiLu3ubujGWgiAdI5UUW7lzrhOgDahsUYKvS2vKeYDD3f-HdM2yK1uwDMxcCAAAAklIAAAADaAEHmQNCID_TyTDdvi9NwAcHM0Z20dC293tvAq1tyLCegjuBHaeLX0ZpHqTfEF0HjAFEl1kupEpgBsOabJcPG07hV5QQ-8WOJjL4WssYR1pPVxhumqspbA_-D951b2yI_lbYGsoZ0F3bfSwyQHgwRTPwUfVZqphKi5LPRYWQOVDs-f0jIfVRldci42U45YhmkyhgoEPL_hOC-V8XNi6V9_b2WOU-Ke8nvDyb7J65q5Cta_SgNugRDFwwhJQk3TYwAW-A_t9oRyX5mQDJVRV0R5Y2D8iRRwYw2Y4A-0VmBZcOhgKCIEfGmmb0H9eht-R4CuPJqQF6ei8ksFViMsJ9HEvoSOX9Teozj8IuO34fNkzHETtx6Nh0gKtowBwdLHk6OJtYXPmRO-UJWsjaEv_Y197s0TC3wG4EwQkwtqe4jBBFEoa5p8SRa5tp_xyJM051_Uz_Q_ppTHLubC81vc6RBS5YpGO3SuWA4yk-8_eyXRly-A_eI5ljge-oFG3lfoCqLyTpgheFjyJaHtHUD-KF41UOlq4Uj6kvLO2K-ugLG4itGlo364AH0gKE6WrVtF0KVxXsbvIzDkQi8wfODD0GURc2DRprg1fmvX8NaBc8151Jy1ddJ7Ei2nFoLoU-wnYAJ6pkFaAHkZYZ2Z4g2vsi7X-etFiaGvh6wtgGLCS2_hyk07l6sDJdmmsSRNV97Q-sd8ksbLcRH0I2nf-6TCgjqb5obZwOl3TGrTZlloWGJ0MJXW7mdNprdH9NdT3DA5eka6cvSF2F2ORkjjv7tCQp1Uxbaq1cOwlKmsjYNC8i-Wro7NPF_mzN3pazmUIdycd8BKvyR9WYYY5JHvQHpNkkGULaoUs9fihe65nBPnaWlk6lxQMvxhL8suj_9E5i2poD3UIzinEdZIfVtLErPrj_6_fJiw0NUNJnEIby2fWNhjx8bnk-oI2NKBB_c6ys4ugnL1nMC1P0ocB4wQcYch2NSQrZsKB4QJaX0KD_7bA-gcEktZF6nwBvSR2FGzQ6XYQaH7_u9ATW6Ix8VzdnJ5f6Lgit4_8MN-MUodNGrQe3gnD7iMlB3NhH7X-6oAkWSXaTFBxW7dcogs1U2uGG63h0nf-g1vdlTxuW

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 21A4 29 KB
10 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9952578787551990323/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9952578787551990323/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 11:42:13 GMT

GET
H2 200 dc_pre=CLGfwJ-nv_0CFaMhewodF7UFww;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11
adservice.google.com/ddm/fls/z/ Frame 63D9 42 B
262 B 82ms
81ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLGfwJ-nv_0CFaMhewodF7UFww;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGfwJ-nv_0CFaMhewodF7UFww;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9202599485803.11?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v24/ Frame 21A4 32 KB
32 KB 73ms
72ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:300,500&display=swap&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:19:54 GMT
x-content-type-options: nosniff
age: 67725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32860
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:19:54 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 21A4 15 KB
15 KB 47ms
47ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:300,500&display=swap&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:40:31 GMT
x-content-type-options: nosniff
age: 66488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:40:31 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 21A4 16 KB
16 KB 54ms
54ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:300,500&display=swap&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:57:30 GMT
x-content-type-options: nosniff
age: 141069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:57:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E36 0
20 B 82ms
82ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_x_YBqsBZOnWMuiKjuwPgY2a2AUAAAAAOAHgBAI&bg=!nZ6lnsrNAAbv3-2Ez987ADkAdvg8WoAwPe8Rvg8pV-2kCIOrj0nIRDvhJGseW7huDwGiDpMeTfrRvGanCRslJmnC9QBhKKejx8sCAAAAmlIAAAAEaAEHmQMBKOTAkP9FNl2msdC30rOEOuXeg_K1a09gUmPqqMmkFguSmupnKN2sszv54Ci7drkB4mGsjfCBDYjCE_RI_JUuh7pqmzt9ATtPr_xYeYaQStd5KdnAWuV_1DdJEd7Xcrvx_CqieSJI1FtfqCggRHnk5_swttIvucNACEQ9iUyTDSX7pcc84rwTFkAsnfWLrpzqFon1Q7Fs_s9pXb_wjqBl5Zy8s9VyrKD-rSpUybMwdHputt3Gz7VSE80CfEmBByvxZ8Yj5ly7jOFtbRfKlhUrsUlHW51H3C6bWBJu6A0o7L_qiwD4DwKIpo9n5GWLsGPIoOMfmGohzh2Kxsz6dmQJzGcmRUq-NJnY5TNdJlK2i5HiniVI4a7fERMWnlJpEg8SlNqSgNWQGIdFwxgzd-a-3gmmWtmu59JTls118fLoHaHutbZbi281Cgof1ZB-OXssFF5NiQotBOl07gX4XVJkici6edXEImvGFMBjU83fIv3mmScVYOYl3FYEZXcR5SnirQs0ZYvo7o6faZkpZclwmU6DAvjL2THi99GWlRys33s112fsUDZtzTEk3B8LVqrPSLowjlagMgD0z6isvPFFBJHcEy3gY52CPn7BuAARUymxyIV-Koj5ehkIRTaXBefUgIswWTOqo3KKj3JjAiVCwd-46wdb2vH_7Xz19oBhhUYZdAeUKMFupKNohKLvQTSHqtym2nM9qik5d2tGoE7ACd71pcWugf8NOVsSOPCme6mwwpQWa2F1SG0RF_xFNjOMasie27GFDxnH6jwYD-NcDDD5QWo7rL_g24aNja9MIjxBZvJnV6Kk1EaoOYtpS8vvGLeTxVQGP6D0TuLe3t3XZpbvX9KSRlgoG-8PDarh88oZzCnQkZuPwTzqwfI5h0vb6EQ9SbFWu9MnxC_ncKPQb5xDF_w0qLI5WPFbU753Yet0XNzeIM7m6sjHKOqjFcTNRK4SMAIONuwUAooSV-i4HRNPP0ZV2Lilp2ixVBoyjJyI4P-U-efxN6wdbW-_vgbeug

Requested by

Host: 0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
URL: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/9952578787551990323/ Frame 21A4 5 KB
2 KB 48ms
47ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9952578787551990323/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9952578787551990323/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67466685b72195c7eab43d096fecd72f5855ceef51477f029e88306f8743e430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9952578787551990323/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 23:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1737
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 13:08:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 23:37:20 GMT

GET
H3 200 300x250_frau.png
s0.2mdn.net/sadbundle/9952578787551990323/ Frame 21A4 208 KB
208 KB 50ms
50ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9952578787551990323/300x250_frau.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9952578787551990323/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a088376bd6de98cab3d09f19493c720e44bcebd0b0d169037d726ff801531f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9952578787551990323/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:07:57 GMT
x-content-type-options: nosniff
age: 68442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213030
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 13:08:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 13:07:57 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E1AE 0
0 83ms
82ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJCZNk--zOkcMog3JOebuR9kUCZOL-67FXhQrPkvLY2oyRxHdWU3XLudm_Ee2dGGdzF54POAooTMEV1Zs-_WiqVKL_PJEkHvVA11s2vBfUS0GESrRbVzMfzbaJQK1CujCTJ0OZLrUeeK1tfjb8g_yjyc6ATaJR_XeosXJiFZSG_f5aJksPCOInH2CUj0yCei-U6E-Zi3RHofAr_ov93i1XuDCrgxaBP4nwuytc95DbGbK9hVhaTKHGshmFJYvgX8srJnTKeyfluCAAf_MSrmuSD2pEvXKeeMPrT6z7zIV1oacXD2uiMad6GXQapCR-3jXMNuoHn0Hl_1_uPnhZ1hVuYSPhHtCv7-MRNksJDINTYfOFXkRGtUM4qaRCL77F5y4Ajyeq2mzr0ZGKzr7rBO-Vaqi8b9VaFdyUFrk11lRocCUz72f7bOYx8JRoWf5LdOkUHQijlEz7vuxx8xGEYZhHweh7Nc309sz4ty2a7XNYBOZ25WUgMhVUmqriujrrKVDur7q1x3xqxvzY17JSAUPCRnnO8yPZpD1TJ-U73VR7WRUyI4VKNpM2cmrLc1ryYPG_JBBs5ZkSEBMdQoNY92OrlKkNObSfl2PtcrWZ_K6mZ57b566yJgb1x_p9tabqt8NPzt-dpNpC0CzzJgFU3Hk9ZkHhVe23ClVr3xLh65yOgg5sLJDlh9JUHGd7hJsZV3B4oorrX5SFHO8YoVxGfSAl2_WnrCHHm77xV75ZvtXot5NA858XZ-lzr7xiy0qgR2_jfGpU9qs_WYrzj19NekDst0_D1SCWYxZTlkP6n14jNzyQ8cyoql-JrDLYjk8DKpuGZrKFmML8KCaM4o4akJziuwYaXVVAKWPyaYHc1aETcJgf4a33IfMjxOi-n0xYxrWQRtSFaolRejfeEhw7JUABLhU_n8MdsMQll_-7I3tSNpLCOBzEA7u659iUrt61L8zkzMehHi5u4BeMTksKgdqMY_iNqIgTptV43yA87gZo719pS4-hNpHjfGgj5bQ6z1l_zlGmgsEufvZqjVlG9Aj4VvGzcScYAiaRP0IabYoz7Jb8lmxg7Sn4htP8n_Jb3B5ok6YRvDtvJd9sU-U3H_QLIxUYAaeIpVUO6lB2tgaz2mNmaUeRuEaPfzYXIgZV8Eo8FXFW7iP2b62WQdch0dt8Jyfk-zXWNHS5v5joOjeRZIfn72qGLDlEs0HfTczoaESFmDa6yKBCQoZzz4J_sLy8bDO6XTGajKH2MJ7q_URDtKHDV6zOCclIpmG9ygA0Wt4NkRcsDGPRymWMRHD0YV7jJ0BZCfo6p8ZjLg&sai=AMfl-YSnfaAKSk52EDzUPpJPiNrQjvorN8V8bKwt-z6ODkjqIhCLdZ2qSi3aZz6-QjiJSCcjYUNUkvjmDwYRWqik9ynlW8POc7-0feirW7WpU7BHJpECHoCxdqhzfsv09oUZPN4PUL74t3rSxaLgsz5huRK1IRVfAbouSTSPkFI9UYeM6pAGcousswoZTCgpd_aaB-Z4fwTc480iaGdNNZ0ZQ7CcN6UaelLyShVFrQM6eVYlsE6O3m_dlVGWpU9wKXGbZgl2PbtnXoczvvrpCCNWQBSQaCDiGQJQlyzV&sig=Cg0ArKJSzNUEOwxY8qfjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=752&vt=11&dtpt=477&dett=3&cstd=271&cisv=r20230301.91524&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Mar 2023 08:08:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 196ms
99ms XHR
application/json 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddf8cc0fb3bc0fd3fcd741c986e1f21cf62fa17ef8bcab6de1fc8a9852cca50c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11126
x-xss-protection: 0

POST
H2 204 rum Show response
www.ukr.net/cdn-cgi/ 0
192 B 13ms
12ms XHR
text/plain 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Fri, 03 Mar 2023 08:08:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.ukr.net
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a2064906d6f8fe8-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 150ms
150ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 08:08:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D259 42 B
64 B 83ms
82ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX7BmXjXtodxinnNc4qh4zg_C-i797_nFGwjkabZFHq9eMruadWSXaps7R-aEhEh-dVLr-l92AifSYRyGwNzFG2NpPQqO-EDHW9A3QrJplXMUWNS5OoJQLVx8zuMUq4FHI2d0U4Q&sai=AMfl-YQneq-ZVAEZPUaQy1BLUsyjNmkkT-G6l13zQIcbyg35qEXke2RUjG0IPcbMwd7F07nlL089RBZKAnWdCw4VBkHu8_j8L6xN2UDn78q6xoivJbO6puqbAKiUk9DY-658uBL1FIHzJo_BbW4lfA&sig=Cg0ArKJSzGf5jFq46C4nEAE&cid=CAQSTADUE5ymfefIHMgtxo4rXTFxPdWKvLywmZpdVOIVeNd1uNhGuSw22MK6GcAhryQGgrL3vOs9wSW_-Ofa2CyUPG2191mjriKF_3SBrekYAQ&id=lidar2&mcvt=1002&p=89,130,689,290&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3371586687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677830918473&rpt=496&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E1AE 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKs_didW4dUHMUDlIbfpeonDpJrCvfh41g9UXa3IE1MI2Sb1Y_OLLvtpcyq6ZEN9ELZgC7aatu33qeW7AWNRQ5AED-p_CIVm8Nju-9jpzV7oOU5-tqzGfBJbFw_yI0CJsIYvA7MQ&sai=AMfl-YTyYONFgiOGu7-YWtDE4gfHw_ew8E-2jibYPQS_E8lODFyjwTe5ID1cfrAytcyrYvfr09HiSCTzm2LDjqu7-ayli6KohCey3A1DNq32_MNYU3Yq55Q-5CL-GK5MURqbFcpePmW0D_LzNzHWUg&sig=Cg0ArKJSzFgBhacrJ17XEAE&cid=CAQSTADUE5ymWX1f0_VzPp4Q28S6Q7Fxjg0ukbMPwI7WH0mZQx_aaFcONSbytV53Wq7Z1SusZNjIq5u2PUQTkRas8GnG4Hw-u1_DRPe_L7YYAQ&id=lidar2&mcvt=1125&p=196,995,446,1295&mtos=1125,1125,1125,1125,1125&tos=1125,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2774844501&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677830918391&rpt=628&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 72A1 42 B
64 B 84ms
83ms Fetch
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfKr0qy8T33B18SoZURp4zodvBDmUdlvukz1w1oVt1nupDQuVKlXX7RndDF7VDKNB8dD2OE5VyXRE0iBA2s0A8lhIZkpTNWOp6Hil_84h3rff0uvimYPwP-86b&sai=AMfl-YR9UdE8ZHQBKqw3eIAzeOg1rgESPwAZiqJDRQDFeVzPZtMy9HSsS0DFwefyD3ukrEaVk0TxnKZPj0z4zN9xv0KNYRFRAKB6KcHFkGffPxfc5Zp5T593LnT_ndpgncGA_UTe2mPVhlYYZPDM&sig=Cg0ArKJSzOiDggdDmFahEAE&cid=CAQSSwDUE5ym1teIRvVJAIX2LHK90zzgKPPUxERDae8kCNojCRQ5wEdyGD5hJ9Hs8F__gK1xgQTz2aO_i6rE3xLo4p3pKe5WEVoS4LxWkBgB&id=lidar2&mcvt=1035&p=456,995,506,1295&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=216364347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677830918369&rpt=788&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 37E2 13 KB
5 KB 49ms
47ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 64603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:11:57 GMT
expires: Fri, 01 Mar 2024 14:11:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CC23 783 B
972 B 79ms
78ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b35cbb95efea242406e6b0b6c23c9c55dcca2fad6ab1023ebb87811dadc7b008

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O3HZJg-XGChrMOZE-3A7NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-O3HZJg-XGChrMOZE-3A7NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:08:40 GMT
expires: Fri, 03 Mar 2023 08:08:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame B840 0
150 B 35ms
12ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=72475300037255004444980012252025&a=2a5d7441&vb=v
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=72475300037255004444980012252025&a=7e0b1c1d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=72475300037255004444980012252025&a=7e0b1c1d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:08:40 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B840 16 B
232 B 60ms
60ms Fetch
application/json 35.178.57.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.178.57.200 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-178-57-200.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hal900025.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Mar 2023 08:08:40 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 107ms
19ms Preflight 35.178.57.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.57.200 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-57-200.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hal900025.redintelligence.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 03 Mar 2023 08:08:40 GMT
server: nginx

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 37E2 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:40:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 20:40:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CC23 0
0 79ms
79ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022701&jk=1893945974100618&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 37E2 0
10 B 47ms
46ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?noYWRg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:08:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72A1 0
20 B 79ms
78ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2348473453981&version=m202301230201&ct=77&x=1&cor=8615929786391063000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1AE 0
20 B 79ms
78ms Ping
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9131249392559&version=m202301230201&ct=76&x=1&cor=7180019677964640000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
82ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022701&jk=1893945974100618&bg=!np2lncnNAAbv3-2Ez987ADkAdvg8WnRojOT0HCLzFpENERDubWbMazTiaQdJR6DZRnyy6fgYP9I67CrgG_fOGR0OGbOrPshVWUwCAAAAdFIAAAADaAEHmQKeTxFyK4wlTLkdeMR7OlhdXF1YGpUoQxKPYTqNbOLXZ2dbhygtFgL6W9dDQ8qpfwrfHZ40PdxBF_Xu4LAeSfvQ7Prv0fgjGV5Lot7JKW_q41WQOEOea6lS4eU5kSGp0HR_0uNfnEHCRxTX7vQ8H0PiEYoP6aa1FByOQ7Ih0h8fOzK85x4nkKlORBVlOFaBQpNwI-QMpbSnjsuuVx-MNRRli2Fq2t32dJnk-cbjIuUOHstxXbzuqR1PZKdLUa9zZXmNa1lyym5q-NKL1VJTQ7dwz0KP_OPsZJ8ugNznr9d7kWmoHCN7LoV2OKkPoqI8napeHKGJLwQJt8SS1A5riz1-93lBs_nKDa_aeim3ABiBWOHbFOO15jl3EvHZOevXzsjV3KyXAorwryUUVfvHdYAAoEGx5PVtDp9SedvBW_pF0LHaDlmvuwWGV3Gh9OvNhq_33EGAKkELhZxUIpm4XzU2PTdZMyJiIW5Z8hhTivYCmp7cWUvh7flJLOTDIzS_F93zwr3TyrJto61oMiF4H3qCrwJ-x5U29O8d6rQIUj_Knm8StjOm0U5T1IaaSR5QBxRntCHl0S3Q8OLmaC0TGJ1ndo9psWPPrAA0KAaFciEKtCVpuKlCDAuZs2_58pol1XYiCx4CibImlj07ZVyoTY-7s1NvGE0QWcAm31Pzs9AkFDroDbXo6bgYVWOn3-ljTh3hVt_0y3ScdihF5a4o50MIaCrEnfRetFEe63084ifdrEt8iCURi0ZYI1o0d9XrcOGLNFGndwl9Dh1qY5HCQqzM41Kq1PMNibcyyJMIULtNllughkgdI_JB7f4Z3MAwA0yYi5z4cyhCdoZxI9Qw_f3z6qClzaTfkcnbPc2R2utgtw6g9bjFlaNYH-F4jwH4JQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 20ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je3310&_p=744499671&cid=620310996.1677830918&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=https%3A%2F%2Fwww.ukr.net%2F&sid=1677830917&sct=1&seg=1&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_ee=1&ep.page_path=%2F&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 08:08:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

296 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ukr.net/	1970-01-20 10:03:52	Name: __cf_bm Value: 3rtJBLK8Fb.qxzhwitX5AMeSuQwE4x0N.i_hd2VNjS8-1677830916-0-AZfaP0i6kZs/k3fZ1XWrY0sq/2MzOVsKUHfBpCgtw+dV/l0nd6U9HIs40HPFeVgpf4NVqoNgk9RJFiU3Td8MkHs=
.ukr.net/	1970-01-20 18:49:26	Name: un_lang Value: ua
.ukr.net/	1970-01-20 18:49:26	Name: un_news_region Value: 9
.ukr.net/	1970-01-20 18:49:26	Name: snr Value: 9
.ukr.net/	1970-01-20 18:49:26	Name: scr Value: 9
.ukr.net/	1970-01-20 18:49:26	Name: sfr Value: 9
.ukr.net/	1970-01-20 18:49:26	Name: uid Value: Cj1tBGQBqwSwg2EUCBzOAg==
.fwdcdn.com/	1970-01-20 10:03:52	Name: __cf_bm Value: 8bgG3Jp19zLSin9Pspb.Vh_LSJ5YdfJ4OamzmYhgB1M-1677830916-0-AcLoRyX9ZTWy7c06PKyftSonrHXfWM4oSGjE3xfBuB0WAM/YGNNhi9di8oL77sJR1n0ZymmNe9/CwH4rZEWc+6s=
.ukr.net/	1970-01-20 18:49:26	Name: tracknew Value: 1677830917912519.1677830917.1
.mgid.com/	1970-01-20 10:03:52	Name: __cf_bm Value: XcPlVmeWjA6IyKrcjHh3AEAV88SYgrGGk_tvQ9U1pSE-1677830917-0-AcvPuQ6tnGPwdurlr6Lil82Q3cqeO0YgN1SBAjY02FS8/A4E1qLNmKDh5E2XheAIN38qbxDItaLxp7MLHCOnrME=
www.ukr.net/	1970-01-20 16:48:50	Name: cbtYmKname Value: f4534e8324e2470e
m.mixadvert.com/	1970-01-20 10:03:51	Name: 9682fa8e65bb27b72b24797cb923b48a Value: 444319
m.mixadvert.com/	1970-01-20 10:05:17	Name: 50b12a1be38d2feaa5865bfd0c75616d Value: 1
.ukr.net/	1970-01-20 18:49:26	Name: pcity Value: 102925533
loadercdn.net/	1970-01-20 19:39:50	Name: vui Value: 2cf6458f97f14690b6d48576d326447c
.ukr.net/	1970-01-20 18:49:26	Name: fuelId Value: 4
accounts.ukr.net/	1970-01-20 19:39:50	Name: clapid Value: hN9gfQAAAACjoYhFV-GwXXZURg8TVXpg6mgUFHDdHdHcScZamx5ndQ:6mW1R8Xq70r2D2mx4PUnXZis169TDkAz_D6iu1yv6QQ
.go.rcvlink.com/	1970-01-20 19:39:50	Name: cache Value: tp_Z6NLev2_83hE
.ukr.net/	1970-01-20 19:39:50	Name: _ga_75WQ2FHNW7 Value: GS1.1.1677830917.1.1.1677830917.0.0.0
.ukr.net/	1970-01-20 19:39:50	Name: _ga Value: GA1.2.620310996.1677830918
.ukr.net/	1970-01-20 10:05:17	Name: _gid Value: GA1.2.612064592.1677830918
.ukr.net/	1970-01-20 10:03:50	Name: _gat_gtag_UA_5903420_1 Value: 1
www.ukr.net/	1970-01-20 10:47:02	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ukr.net/	1970-01-20 18:49:26	Name: _pubcid Value: b9a71165-d97d-41b1-963f-e68749aef5f4
a4p.adpartner.pro/	1970-01-20 11:30:14	Name: apuid Value: f58a9f95-4cb0-4753-ae92-e22ff74fcddb
.admanmedia.com/	1970-01-20 10:24:00	Name: admtr Value: 1d49ac8a-57e9-4b08-85e1-c95bf0678eeb
.admanmedia.com/	1970-01-20 10:24:00	Name: ac_r Value: CS160
.adtelligent.com/	1970-01-20 11:33:07	Name: vmuid Value: aae332493b3fae74
.adtelligent.com/	1970-01-20 11:33:07	Name: a307558 Value: f58a9f95-4cb0-4753-ae92-e22ff74fcddb
.adtelligent.com/	1970-01-20 11:33:07	Name: a737612 Value: 1d49ac8a-57e9-4b08-85e1-c95bf0678eeb
.doubleclick.net/	1970-01-20 19:25:26	Name: IDE Value: AHWqTUnENsKg2sX5jkcMSaEw7QgwEUa7kxThdy7IykLOimO-vxYy0k-Hs6uknJVmYTI
.ukr.net/	1970-01-20 19:25:26	Name: __gads Value: ID=d21ba720a1bf0a91:T=1677830917:S=ALNI_MZuStFnE6twZ5VeqYXMnyy1s4CZvQ
.ukr.net/	1970-01-20 19:25:26	Name: __gpi Value: UID=00000bbdc9ceb939:T=1677830917:RT=1677830917:S=ALNI_MZP4L7l6eXTqjhdWvD-uVqZQlnQsQ
.adnxs.com/	1970-01-20 12:13:26	Name: uuid2 Value: 3423732991056495713
.casalemedia.com/	1970-01-20 18:49:26	Name: CMID Value: ZAGrBiH89-SCeAufkrY5BAAA
.casalemedia.com/	1970-01-20 12:13:26	Name: CMPS Value: 1116
.casalemedia.com/	1970-01-20 12:13:26	Name: CMPRO Value: 1116
.adnxs.com/	1970-01-20 12:13:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb9Z^>*S!1yIE`fS1ueD1W-044)d+]Uer(O9jx]FWV9qqTV4D['V'GNcI@1f[DDH$u.29RFMZ9T5_m!wwS?)eE#6
.redintelligence.net/	1970-01-20 12:13:26	Name: 8lcfmzhxc8d6_uid Value: f726dbe6e63fa7ce
.office-partner.de/	1970-01-20 19:39:50	Name: source Value: {"webgains_webgains":{"timestamp":1677830919493,"clickCookie":false}}

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.ukr.net/api/v1/token/verification/acquire Message: Failed to load resource: the server responded with a status of 599 ()
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0eb955ec78a642e5c9272114a468f172.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a4p.adpartner.pro
accounts.ukr.net
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.phoenix-widget.com
api.webgains.io
cdn.ampproject.org
cm.g.doubleclick.net
counter.ukr.net
cs.admanmedia.com
dsum-sec.casalemedia.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900025.redintelligence.net
ib.adnxs.com
kinoafisha.ua
loadercdn.net
m.mixadvert.com
mail.ukr.net
pagead2.googlesyndication.com
pinformer.sinoptik.ua
player.adtcdn.com
player.adtelligent.com
region1.google-analytics.com
s.znctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
st11.rcvlink.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.adtelligent.com
tpc.googlesyndication.com
track.webgains.com
trafmag.com
ukr.net
upst.fwdcdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ukr.net
zakladki.ukr.net
104.18.8.128
104.18.9.128
136.243.84.74
138.201.63.157
138.201.84.245
142.250.180.194
142.250.201.194
142.251.208.102
143.244.196.143
147.135.189.55
18.132.62.60
18.66.15.19
185.187.81.41
185.80.39.216
185.89.210.244
193.200.65.2
2001:4860:4802:32::36
212.42.73.60
212.42.75.249
212.42.75.253
212.42.76.151
212.42.83.135
216.52.2.6
2606:4700:1::6813:844e
2606:4700::6810:3865
2606:4700::6812:509
2a00:1450:400d:803::2002
2a00:1450:400d:803::2006
2a00:1450:400d:803::200e
2a00:1450:400d:806::2001
2a00:1450:400d:806::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:808::2008
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2001
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2004
2a00:1450:400d:80d::200a
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9c
2a06:98c1:3121::c
2a0b:4d07:401::1
2a0c:5c81:5142::2
35.178.57.200
45.133.44.3
51.83.220.94
62.149.1.122
80.77.87.161
001d8f3840ef8189ac4c70cd8f9061c4611b0ee1ed9ef8d77a8250d76db570b9
0024e6c5180ed81c0136128403615c311a7d088323cb8bae219caae5256f943e
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
0662c1d714b723d6693cb307b9356304df02b53b1c64a31b96b3c8469db020ae
06e7b97c1c154ce71ca89290432898cbc63917f515abf005313d02b3c08fe783
0abecb0e7a794cb9736fdcf0290502d583b1b1f9c9727bcf3105732c1afcd0a6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
162c461afdc95491daf25023fe0812970d0026315287849445593a3b72cfa4a3
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
183eec0fc2a9814e980daea8cbe5315060f9bc8793d3ad36a5cc88b5dcf7b6a8
1c0f42c60ffb89e2bbdf8ddbb3a792e0ba6cd3b15692a71c0ebf4b261ae4455e
1f3ca1b57ab4d820445437676ca6f2e17b2e19dab13a5d590b481a6f9ac82820
25c2d66a858e4edfd21d500c3ac8ecf9188e066aac333a938d81e2be72e884e1
25d9ad1f92ea26da099cf88951b17b0ff5c1aa4d43f42a81c772a6006401fc8c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2c98ed0d6605a50b5d87f61412b46595ed4ae7d1c13b8c2757c6b6d13cf94e36
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511
31587668ae60de85ca0d9a3bf1a2395440df060b3746498133b218df64a107f5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35dd29f4e09c0bdd0042cfdda75652b5f1b09b0251e4356220eeee54c95d71b3
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9
3ef95b0e646f1d56615990e7cffa2d7b0719ad83fc0225213c6ce92cc3baabed
41ae8c8dba72eb8ef03025200eedb87c663abf0dea954752f06076d4f2004e95
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
46e3f4241f73a697759bc30ce5b177e14ce01ef75cbf4c38a2947414d9fddd6a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d605849b13e4481108ede018c55cf8e76b686b56a5488c9481103d54c4e59f4
4fc2e332e1afc0088dcdb2b21e289698611cc66f77dd023d7cc2510e6e119fe5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56d09aa5a61749d014411c1292621e2654701c52f3699b6ea2ebc9a92ffe2d4b
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
5927ee37f74d47a0524f67697afb94f4400b89774361af47eefb2be11947ab98
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
597daab5972873ee5a8c46171115b4ee3404e525d6fae13d6bbf31d38328012d
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63267d60a7f073e7a0636e9da5efa125c9dc15853442fdeaba8f54abb925eb6f
67466685b72195c7eab43d096fecd72f5855ceef51477f029e88306f8743e430
67d11426ac28cf74cc9b8da2c7fff4e7c3f0784186931f65eacbc4a133e8cb1e
67f1b254d0db2b74059a5094c9f042092cb45704d47268908c7f8474cb2c34bf
6ac5f55fb4b619462667194c03ed545e1cb34996a7848d389781de1ef3682513
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2
70258519e453e4ccc71b84b15fe36fd091d6862cd4db44fbeab0605c41b2c890
743e18d73aa1ebfbf0d0ddb4cc513de8ba5eff4d25276df115d4976d1c7d2f88
75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
7a0155f44c113e231cc4d530c71b847f41df8740805d4bf605952df7e03fd419
7f4ac58cf98f42cdbb8459f9ff69b60c986bc9685093de2a41cacf23cc2191eb
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe
8206637f580f211b711d77f8f34a290a215ee805c0cf56dafc5b916cf916ebed
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8512b225c61582ae6f1f22ee7b4ec772327099061f16bbafde82e2e6f6e3baa0
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
87f7786997603d532cdbd960b98952581fa0bfb907ca21d24c8ecc50272d5753
895d2c1ad53533ec3c73d8dd128a7e3ccf41e0a50e8bc3d35577122e636fbef8
8a7c9bfff36e87bb68180c0885df81fe1ef167d5b6b484c740bac894fa4ac064
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8c2c16e86e250ce9ee0cd822ddbf18e935b0d1a3735cc64334f67d22dd482707
8e23566b70f0663a78a9f35790f8016ab84ddc80cd1702c7eaf50a94149c6e41
93a690815f85836971762e4c78ef87c704992d0559db4114f04089504fab7288
95cd109cfabadd98a288e292222a4d89b13c803f9d859ab03d3cb0346c3a2600
97216833c4b179d99561e8d7690aca967286ef9e6c61180b9d1a2fbd24ef8d7e
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
9df411a0d8b3689834cc91c8fd272f81dfe94cc9af2dc7c22c37814b0c50667c
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a088376bd6de98cab3d09f19493c720e44bcebd0b0d169037d726ff801531f20
a2179ad7ea3d46bcbb02f1cc6d31b9f82ad9ed0f4bb62a329b29f9588719eecd
a2af799b642bf2874c60a83411aae8de4768d46d9c150499040a7e93ac8007f2
a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a72d9c1ac0eb3e6c0be0039872c504d5d13090ad50e1ea73e6b0497453799577
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acdc48e2c6ddd6b4c3e59bfeab8c7985fc2b343b678df4db6a8e26a6331c066a
aead53d4c423ba91075481163b63e9e72ce556a645f662687335ecec5011a2fc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b35cbb95efea242406e6b0b6c23c9c55dcca2fad6ab1023ebb87811dadc7b008
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c09767a91a947340cf78d655cb6eedf27d7345ee509b328bf4920c8031d086cd
c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f
c8dca2ede7979878f459d82486f2a0e6a7b4504e9655f1fad4abefacfdcff544
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cee3310d05e8a2fc36f027fee3312d63e45c4ae3c93ccb5b9b44424d14b5d644
cf22c69108fa9d393a5993e5c89193a16c2624cbc7690a9627c6ff46af70215f
cf7a77a1803d74504aaccbd0fa0f0ee9000dbd6dba6fd004d402ee3a90d20b51
d0d3f06cffaf76db2a0e802bd907f02c6d80d529065a35a10f4c2782ca731c16
d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62
d4f2bd4a1785ff1cdf1ba0c17062f5763bb996c94636dd818c21a0a80274214e
d5bb37ee51e400498efb05ae4741cd1edac880e523af7db135c79e096e64ff90
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
d8730c58e317288198539343a002e4a4561c1fe389100bacd1c02a95461b0020
ddf8cc0fb3bc0fd3fcd741c986e1f21cf62fa17ef8bcab6de1fc8a9852cca50c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2e9d2ea04dae4e5e70c5df96d6e2879be526c3e00f4a89cf4100fdd67537958
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e575ebbd5324b0ccde23c13abc7d251fb6187281aab88e53549437d56cb4e33c
e647a5ebad7b62d67fb9823cea2c16cd2862f6a658e8211236f8a3ffbae2695f
e8c8df951027f44a987611e42f1b5bea45b278d09971f9e10da9b463ae300d67
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7
ea69d68d743b0eadd9ed3e31518650f86d7b6719e53cf49c8816e002ba5f7109
ed5b69df7a0cedfa6fd778dc7775c817cad31c7a264751856a28515e0fcb63a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef67d947b37cfe4ee4400ca823b85690e100cf4b8dad240fd33626e914acbc6c
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f0534aa23fa9d14f16432b0260576c85039be4ec262ae6e682b9a3bdd568fd6f
f2b87472175a73c2455627f81b4e86c38c9663a298a6ab52806b5ce49a6004ac
f352791f037cdd8a2bbb5bd4fc839a2d90c329de393917d66f17bbd56e1094fb
f3db16e79c3c24f84efe81d36d0b69bd2458cd4c6fb7eb011b50055a4f82d208
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6037740b92ea3788fe4de6edaab4a6b70bc0ff2ba6e3bb5da717fa2d8cf8f18
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.ukr.net Open in urlscan Pro 104.18.8.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

213 Requests

95 %HTTPS

48 %IPv6

34 Domains

57 Subdomains

50 IPs

10 Countries

2758 kBTransfer

7121 kBSize

40 Cookies

308 Outgoing links

Page URL History

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ukr.net Open in urlscan Pro
104.18.8.128 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

95 %
HTTPS

48 %
IPv6

34
Domains

57
Subdomains

50
IPs

10
Countries

2758 kB
Transfer

7121 kB
Size

40
Cookies

213 HTTP transactions
9 data transactions