sinoptik.ua Open in urlscan Pro
212.42.76.150 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sinoptik.ua/
Submission Tags: falconsandbox
Submission: On May 05 via api (May 5th 2023, 12:34:46 pm UTC) from US — Scanned from DE

Summary HTTP 163 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 24 domains to perform 163 HTTP transactions. The main IP is 212.42.76.150, located in Ukraine and belongs to UKRNET Kiev, Ukraine, UA. The main domain is sinoptik.ua. The Cisco Umbrella rank of the primary domain is 131573.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 23rd 2022. Valid for: a year.

This is the only time sinoptik.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	212.42.76.150 212.42.76.150	8856 (UKRNET Kiev) (UKRNET Kiev)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	212.42.73.60 212.42.73.60	8856 (UKRNET Kiev) (UKRNET Kiev)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	212.42.82.26 212.42.82.26	8856 (UKRNET Kiev) (UKRNET Kiev)
4	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 24	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1 2	185.239.172.77 185.239.172.77	55081 (24SHELLS) (24SHELLS)
1	209.191.163.208 209.191.163.208	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
163	35

33 212.42.76.150 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv150.fwdcdn.com

sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sinst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.42.73.60 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

counter.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.fghtem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.42.82.26 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-26.fwdcdn.com

target.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0c:5c81:5142::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.239.172.77 (United Kingdom) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137	541 KB
31	fwdcdn.com sinst.fwdcdn.com — Cisco Umbrella Rank: 358305	156 KB
16	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 74 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 352	292 KB
11	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 6645 ghb.adtelligent.com — Cisco Umbrella Rank: 6166 sync.adtelligent.com — Cisco Umbrella Rank: 5367	196 KB
10	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com	205 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 292	315 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	196 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	1 KB
4	ukr.net counter.ukr.net — Cisco Umbrella Rank: 205333 target.ukr.net — Cisco Umbrella Rank: 365652	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 420 mug.criteo.com — Cisco Umbrella Rank: 2760	7 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	205 KB
2	zmctrack.net m.zmctrack.net — Cisco Umbrella Rank: 672986	4 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6386 adservice.google.de — Cisco Umbrella Rank: 9108	939 B
2	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 225698	24 KB
2	sinoptik.ua sinoptik.ua — Cisco Umbrella Rank: 131573	50 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 650	13 KB
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 60134	351 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 608	277 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 28362	258 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	975 B
1	fghtem.com img.fghtem.com — Cisco Umbrella Rank: 427711	67 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 945	601 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 646615	170 B
163	24

	Domain	Requested by
31	sinst.fwdcdn.com	sinoptik.ua sinst.fwdcdn.com
27	pagead2.googlesyndication.com	sinoptik.ua pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
24	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com s0.2mdn.net
9	s0.2mdn.net	sinoptik.ua s0.2mdn.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	sinoptik.ua securepubads.g.doubleclick.net
5	player.adtelligent.com	sinoptik.ua player.adtelligent.com
4	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
4	ghb.adtelligent.com	player.adtelligent.com
3	5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.com	1 redirects sinoptik.ua tpc.googlesyndication.com
3	counter.ukr.net	sinoptik.ua counter.ukr.net
3	www.googletagmanager.com	sinoptik.ua www.googletagmanager.com
2	googleads4.g.doubleclick.net	sinoptik.ua
2	gum.criteo.com	1 redirects static.criteo.net
2	sync.adtelligent.com	1 redirects
2	www.gstatic.com	googleads.g.doubleclick.net 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
2	m.zmctrack.net	sinoptik.ua
2	s.znctrack.net	sinoptik.ua
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sinoptik.ua	sinst.fwdcdn.com
1	mug.criteo.com
1	encrypted-tbn0.gstatic.com	5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
1	encrypted-tbn2.gstatic.com	5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	t.trafmag.com
1	ap.lijit.com
1	a4p.adpartner.pro	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	img.fghtem.com	sinoptik.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	loadercdn.net	sinoptik.ua
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	sinoptik.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	target.ukr.net	sinoptik.ua
1	region1.google-analytics.com	www.googletagmanager.com
163	41

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua

Subject Issuer	Validity	Valid
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
player.adtelligent.com R3	`2023-03-22` - `2023-06-20`	3 months	crt.sh
*.ukr.net Thawte TLS RSA CA G1	`2023-04-29` - `2024-03-29`	a year	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-31` - `2023-09-05`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-04-02` - `2023-07-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
loadercdn.net R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
m.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-10-22` - `2023-10-26`	a year	crt.sh
img.fghtem.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-23` - `2023-10-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://sinoptik.ua/
Frame ID: 87FECBE98B0589808584C036D2A72F7E
Requests: 75 HTTP requests in this frame

Frame: data://truncated
Frame ID: C2D3A449FB155C2ED523080EA1E0AC4F
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 914EA26CE373029BD9F0B1260B6E4E00
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Frame ID: A061E30DAB10B8511EBC39EE5B997E13
Requests: 1 HTTP requests in this frame

Frame: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BE6EA2FC378A765F49061CED5B1E91A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=3728776837&adk=584908562&adf=3972034250&pi=t.ma~as.3728776837&w=300&lmt=1683290079&format=300x250&url=https%3A%2F%2Fsinoptik.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683290079558&bpp=3&bdt=229&idt=218&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&correlator=6772740547484&frm=20&pv=2&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C44772269%2C44785293%2C44788441%2C44789779&oid=2&pvsid=4235314190007076&tmod=1919347585&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SGHCyo3Kt1&p=https%3A//sinoptik.ua&dtd=233
Frame ID: B336864FF5D6A0EDA574DFF7068DCE38
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=2252068957&adk=2700207666&adf=35781323&pi=t.ma~as.2252068957&w=300&lmt=1683290079&format=300x250&url=https%3A%2F%2Fsinoptik.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683290079561&bpp=1&bdt=232&idt=236&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6772740547484&frm=20&pv=1&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=656&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C44772269%2C44785293%2C44788441%2C44789779&oid=2&pvsid=4235314190007076&tmod=1919347585&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pceWvWRDaa&p=https%3A//sinoptik.ua&dtd=240
Frame ID: 7D260F1DCACC0E179B6EA806CAEFF75F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&adk=1812271804&adf=3025194257&lmt=1683290079&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fsinoptik.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683290079574&bpp=2&bdt=246&idt=232&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=6772740547484&frm=20&pv=1&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C44772269%2C44785293%2C44788441%2C44789779&oid=2&pvsid=4235314190007076&tmod=1919347585&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=245
Frame ID: 6F148FCBE97EDC4B898ADCBB2C5C0B9E
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 5D805C8B541B60DA5E0F50565B394277
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 73BA4775565CAF2AEC9504DA05D9BC87
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: 0537103ECE5F489CB66088452201BA88
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: BD33D1BE184F8D1386D82ED1E469E15C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6FACC46AAF41115375FA1B80970B460B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58175607CF8E09A8F2AA8555C578E9BD
Requests: 2 HTTP requests in this frame

Frame: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 114226348B31137BDB7B9EEC051D7B7D
Requests: 15 HTTP requests in this frame

Frame: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 01C32C3E92E08189CB27CE641A7627F3
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNVITwjVYsQCS7tA4BHGqBpy35z0YDhvqAIxouWpuBol9lypE1N7ftXiZd1TPba5hnjcF-5TkeP3NKN_71aZy_oS7l_yGg
Frame ID: D1B53ED159FEEF3386990594D0A26C71
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sinoptik.ua
Frame ID: 9EAECE19E27950F6F3C3A79EF1DB47FB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: C55F048CADF6EDD73E223963E58C2860
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B40E2BBB9BD2E251496E9B8B60F06E9E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250
Frame ID: D935E7288CD9B46666865447F7B689E3
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: E9A213F030C46FCB1B4289FCE570D93F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: A87A2FB86C9C537DF860C52C2F12773F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SINOPTIK: Погода в Украине, подробный прогноз погоды на неделю. Погода сегодня, завтра в Украине и Мире.

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

163
Requests

98 %
HTTPS

69 %
IPv6

24
Domains

41
Subdomains

35
IPs

7
Countries

2232 kB
Transfer

5403 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ua.sinoptik.ua/
Title: українською

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 97

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f0752c85-8081-40b0-b5aa-4b0da29480f2

Request Chain 99

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=76a36089398e5ad6

Request Chain 118

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODKhYSSuwEQ0A8Y9AMyCFYvOuICzsrm HTTP 301
https://tpc.googlesyndication.com/simgad/13745382521274903895

Request Chain 132

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sinoptik.ua&sn=ChromeSyncframe&so=0&topUrl=sinoptik.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=D4NQFHxpMENFSUxzTmJZRFhPZjRhd0JqNGg5dzIrOVlzdXZHcXJQSFU3VFU0WHQwNWhlN09GMStvSDJta2pBZkk2VGlMNXBTcjdwcnA4RnJwbDdibDlseHNvQmJha2FHVzdFWUxMeXZ6cTB0QmhTZUFua3NWamZWSVJGUUhMTDFkWFJCSkpiL2FpZldLd3Z6OHpXT1luM3ZUaXZxVUFIQzBaQ2VOd1krUW5HSDJQSTQ2L2p1anBaTnVseUlyMzNTN281RlBheXJSVTlxYmM4Z1NyWGVESXZpVERRb1lVRTdKRVlJK3FUMDFUMXRKQmhzMDhsRUVneElRa2k1d3ZtaExhSWhCT0dDWlJZRXl3K0ROQVZ2a2ovaWc2Zz09fA&cppv=2

163 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sinoptik.ua/ 49 KB
49 KB 40ms
7ms Document
text/html 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://sinoptik.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv150.fwdcdn.com

Software

nginx /

Resource Hash

eb16d74261529a41fd94f29c9306e27eb3a7506eb5b4b2de994a16a541ff7df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Fri, 05 May 2023 12:34:39 GMT
etag: "7d842f10418b0c08419cccd28be26d5f"
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
x-server-by: sinfe1

GET
H2 200 main.min.css
sinst.fwdcdn.com/css/1346132/ 69 KB
21 KB 23ms
9ms Stylesheet
text/css 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: abeb8fc0556bbe03490f9ac5214b26b27305f16f2dff8a4074c58ca1b059d643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Fri, 05 May 2023 12:34:06 GMT
server: nginx
etag: W/"6454f7be-115ff"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 42ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5903420-6

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbd6bac37b375f53b9909afbbf6a14382c4074b1e8887f22c3ac41f2b5f0bd11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45874
x-xss-protection: 0
last-modified: Fri, 05 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 May 2023 12:34:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
80 KB 27ms
23ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TPZ50996TL

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45a78ae4f62e0b949026a3880697e35e11b838d5804814ea7086a32d3201a33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 12:34:39 GMT

GET
H2 200 sinoptic-logo.png
sinst.fwdcdn.com/img/newImg/ 3 KB
3 KB 12ms
11ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/newImg/sinoptic-logo.png
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 40b29fa3a12d5552c2c97e58385dd8c17a4843c39799714b0d841622f6bbedd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:35:04 GMT
server: nginx
etag: "5448d9d8-ad3"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2771
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 d300.gif
sinst.fwdcdn.com/img/weatherImg/m/ 1 KB
1 KB 9ms
8ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/m/d300.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 3ed0b7fb73bed2cd4327b8755d6c3423db770ff341694760240c80625b412d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:26 GMT
server: nginx
etag: "5448d93a-4e3"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1251
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 d430.gif
sinst.fwdcdn.com/img/weatherImg/m/ 1 KB
1 KB 9ms
7ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/m/d430.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 660253aea63e4315b84053260140fb0cd6ca9f59fe9e039ac5d38445e7e43143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:26 GMT
server: nginx
etag: "5448d93a-47b"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1147
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 d400.gif
sinst.fwdcdn.com/img/weatherImg/m/ 1012 B
1 KB 9ms
7ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/m/d400.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c03801adac8544f55f3029416a051dae582343b18a1609b3f46f08d5a7470978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:26 GMT
server: nginx
etag: "5448d93a-3f4"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1012
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 d100.gif
sinst.fwdcdn.com/img/weatherImg/m/ 935 B
1 KB 9ms
7ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/m/d100.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 124a4b89d27e635e5cf07e093a49e6a84f55f2bf679323f3cffac1619fb8e46c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:26 GMT
server: nginx
etag: "5448d93a-3a7"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 935
expires: Sat, 04 May 2024 12:34:39 GMT

GET
DATA 200
OK truncated
/ Frame C2D3 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 d420.gif
sinst.fwdcdn.com/img/weatherImg/m/ 1 KB
1 KB 8ms
8ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/m/d420.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: e6b86591b160bb0fa78e6b501b05bf34e0adb2526fe4e3aebd947c26ca1171e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:26 GMT
server: nginx
etag: "5448d93a-46a"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1130
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 d410.gif
sinst.fwdcdn.com/img/weatherImg/m/ 1 KB
1 KB 8ms
8ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/m/d410.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 6c50ecf94fd4d9e84de189e78eb8ecfa9092de49c178d0d2c0768ff68221fcdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:26 GMT
server: nginx
etag: "5448d93a-44b"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1099
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 d400.jpg
sinst.fwdcdn.com/img/weatherImg/b/ 3 KB
3 KB 13ms
11ms Image
image/jpeg 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/b/d400.jpg
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 8dd92864f67778ac535beada858b646622eb575ac8aa7dbacb515fe52bcb8c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 02 Feb 2017 14:09:48 GMT
server: nginx
etag: "58933dac-cc8"
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3272
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 n400.gif
sinst.fwdcdn.com/img/weatherImg/s/ 718 B
926 B 12ms
7ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/s/n400.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: d35c6a69b2789a0c5d331ad6d641cfd01b67e8bf66b7b5155442cd3e89302f27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:16 GMT
server: nginx
etag: "5448d930-2ce"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 718
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 d400.gif
sinst.fwdcdn.com/img/weatherImg/s/ 408 B
617 B 8ms
7ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/s/d400.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c0f4d79ee390e9b7e1c14728ca453ebb1d5675210875a87cd74c2b2df220dd19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:16 GMT
server: nginx
etag: "5448d930-198"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 408
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 d300.gif
sinst.fwdcdn.com/img/weatherImg/s/ 507 B
716 B 9ms
8ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/s/d300.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 1c968c90010ddaaa9de1653a2795746f0134a26bd416558d1080d5cb42f21fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:16 GMT
server: nginx
etag: "5448d930-1fb"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 507
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
46 KB 123ms
89ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259ddcf9b6b53cc2930a6ed4b4303f61e55ddcb4b476ec4c032f77e012dc2fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47138
x-xss-protection: 0
server: cafe
etag: 12436660735612981349
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 May 2023 12:34:39 GMT

GET
H2 200 t.gif
sinst.fwdcdn.com/img/ 43 B
250 B 9ms
8ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/t.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:32:30 GMT
server: nginx
etag: "5448d93e-2b"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 43
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 foreca_logo.png
sinst.fwdcdn.com/img/partners/ 666 B
875 B 9ms
8ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/partners/foreca_logo.png
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: cf64b0ee8863e8bb25abefbaf6ae8d7c31f30086fbe11525fea2ac465c388988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:35:00 GMT
server: nginx
etag: "5448d9d4-29a"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 666
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 advertisment.js Show response
sinst.fwdcdn.com/js/1/ 37 B
254 B 7ms
7ms Script
application/x-javascript 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/js/1/advertisment.js
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 82fd9708081911e4116298b429f846f69f117bf6d11b328a81284b545a05b629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Tue, 13 Dec 2016 14:57:22 GMT
server: nginx
etag: "58500c52-25"
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 37
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 lang_ua.js Show response
sinst.fwdcdn.com/js/8/ 4 KB
2 KB 11ms
6ms Script
application/x-javascript 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/js/8/lang_ua.js
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 9f0ec009e4540b54edcc5a9effb9e0568f6ead153cc256fd1105409fe60fa316

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Wed, 13 Dec 2017 10:57:58 GMT
server: nginx
etag: W/"5a3107b6-11d1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 jquery-1.10.0.min.js Show response
sinst.fwdcdn.com/js/1/ 91 KB
32 KB 15ms
11ms Script
application/x-javascript 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/js/1/jquery-1.10.0.min.js
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: dbe2f39d679680bec02757226881b9ac53fb18a7a6cf397e2bbe6d4724c1c8e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:35:18 GMT
server: nginx
etag: W/"5448d9e6-16b62"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 ac.js Show response
sinst.fwdcdn.com/js/12/ 14 KB
4 KB 16ms
12ms Script
application/x-javascript 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/js/12/ac.js
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 39f3bd8ddf97088d2c78eb307fbe1c9442d58cf84e1e3b6f946784ee01c141a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Tue, 12 May 2015 12:18:38 GMT
server: nginx
etag: W/"5551ef9e-392c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 jquery.utils.js Show response
sinst.fwdcdn.com/js/2/ 39 KB
12 KB 16ms
12ms Script
application/x-javascript 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/js/2/jquery.utils.js
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 0fa778efead619f143d361dad420f4ab4cd9f683dc2c52a60715985c3b3347e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:35:18 GMT
server: nginx
etag: W/"5448d9e6-9b34"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 common.min.js Show response
sinst.fwdcdn.com/js/13/ 34 KB
11 KB 17ms
13ms Script
application/x-javascript 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/js/13/common.min.js
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 693161e796920145be0e2531bda2cfb207f786ee9ba4691ef51d5a225f975a29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Thu, 03 Jun 2021 11:00:59 GMT
server: nginx
etag: W/"60b8b66b-86c2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 hb_299755_4945.js Show response
player.adtelligent.com/prebidlink/467580/ 912 B
774 B 47ms
9ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/467580/hb_299755_4945.js
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4900033ba306f754fc5fe897632c7a119d7df6d93537f9e53395a11957f03ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Sun, 07 May 2023 12:34:39 GMT
date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
last-modified: Fri, 28 Apr 2023 13:33:57 GMT
server: nginx
etag: W/"644bcb45-390"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
25 KB 148ms
91ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ac19d2a9e5a5b724ea79be242dcb93d0bda59807fa9ae67c758da1ae1c77ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24733
x-xss-protection: 0
server: cafe
etag: 90 / 19482 / m202305010101 / config-hash: 10721095674090082914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 May 2023 12:34:39 GMT

GET
H2 200 wrapper_hb_299755_4945.js Show response
player.adtelligent.com/prebidlink/467580/ 2 KB
1 KB 38ms
9ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/467580/wrapper_hb_299755_4945.js
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 432135d2879d4e465fead6d240c5199db9a345e4afbc95c430fb0e0159207dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Sun, 07 May 2023 12:34:39 GMT
date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
last-modified: Fri, 28 Apr 2023 13:33:57 GMT
server: nginx
etag: W/"644bcb45-6f6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 t.gif
sinst.fwdcdn.com/img/newImg/ 43 B
250 B 9ms
7ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/newImg/t.gif
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:35:04 GMT
server: nginx
etag: "5448d9d8-2b"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 43
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 buttonSearch.png
sinst.fwdcdn.com/img/newImg/ 767 B
977 B 13ms
11ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/newImg/buttonSearch.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 3f2213c55a0abeb39a530f9a8bba7fda2d55d579e453887e6b883ded90c11ec1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 14 May 2015 13:56:08 GMT
server: nginx
etag: "5554a978-2ff"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 767
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 spr4.png
sinst.fwdcdn.com/img/newImg/ 3 KB
3 KB 11ms
9ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/newImg/spr4.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: b3285ef6e9b0591fad2325ef1e32dbd73b141cfb62eb8cfc6088e71609747773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Fri, 08 May 2015 08:52:20 GMT
server: nginx
etag: "554c7944-ae6"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2790
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 tabBg2.png
sinst.fwdcdn.com/img/newImg/ 2 KB
2 KB 11ms
8ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/newImg/tabBg2.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: f67e4f110b9daeb25e0698504f69d6316986eeac966fdbf4f43e93e977637da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:35:04 GMT
server: nginx
etag: "5448d9d8-65c"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1628
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 s2-m.png
sinst.fwdcdn.com/img/weatherImg/ 20 KB
20 KB 9ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/s2-m.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 6ad75ab7fe8b62e7f1bc26943f0e917cfac6a401c90a9dc74851547fee06b4f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Fri, 08 May 2015 08:52:20 GMT
server: nginx
etag: "554c7944-4ffd"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 20477
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 tabBodyBg.png
sinst.fwdcdn.com/img/newImg/ 120 B
328 B 9ms
6ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/newImg/tabBodyBg.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 8148a3c2684cd7dcc6d4fa3fa7d2d69ad3dca1bdc42a267a997dfdc4e1cb2a48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:35:04 GMT
server: nginx
etag: "5448d9d8-78"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 120
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 s2-s.png
sinst.fwdcdn.com/img/weatherImg/ 11 KB
11 KB 10ms
8ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/s2-s.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 1a0dbcb0ab08e9733dca1afd11096a66e52af0ec2dc481c4a9b0923e5aa1ca38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Fri, 08 May 2015 08:52:20 GMT
server: nginx
etag: "554c7944-2d14"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 11540
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 s2-s2.png
sinst.fwdcdn.com/img/weatherImg/ 11 KB
12 KB 14ms
12ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/weatherImg/s2-s2.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 3d16aa8a4f0018441fe34826f5794616fa32c14cb89c6cd46baf4b6fdc7c6aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Fri, 08 May 2015 08:52:20 GMT
server: nginx
etag: "554c7944-2db7"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 11703
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 spr1_1.png
sinst.fwdcdn.com/img/newImg/ 4 KB
4 KB 10ms
8ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/newImg/spr1_1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 5e8f8658a79839bee68bc09fa15ce2c283ae2e6709a13e83d2fc1085f1194fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 23 Oct 2014 10:35:04 GMT
server: nginx
etag: "5448d9d8-f6f"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3951
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 bg-flip.png
sinst.fwdcdn.com/img/newImg/ 202 B
410 B 14ms
12ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/newImg/bg-flip.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: ab32fc2c865d1767bf0f8570534750c9985aeb06fbbbfd732d89bceecc200a54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Fri, 19 Feb 2016 14:21:50 GMT
server: nginx
etag: "56c724fe-ca"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 202
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H2 200 treasures.png
sinst.fwdcdn.com/img/newImg/ 2 KB
2 KB 13ms
10ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/newImg/treasures.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/1346132/main.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 5121d0698729a06052458d04cbdc5cba98811c2272f699f0b73c18cb6cf2a4be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/1346132/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
x-server-by: sinfe3
last-modified: Thu, 04 Feb 2016 08:24:16 GMT
server: nginx
etag: "56b30ab0-7fd"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2045
expires: Sat, 04 May 2024 12:34:39 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/aid/sinoptik/ 341 B
731 B 42ms
7ms Script
application/octet-stream 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/aid/sinoptik/cnt.php?data=102950159,1860,75&rand=0.13759725707261072&r=&p=https%3A//sinoptik.ua/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4a5ecc9938d55ea8cefea6f7e27a59290d98aa7d57e8d845a4704079c53c1ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 12:34:39 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Fri, 05 May 2023 12:34:38 GMT

GET
H/1.1 200
OK cnt.php
counter.ukr.net/weather/ 1 B
415 B 42ms
8ms Image
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.ukr.net/weather/cnt.php?data=102950159,1860,75&rand=0.2821279973005477&r=&p=https%3A//sinoptik.ua/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 12:34:39 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Fri, 05 May 2023 12:34:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 10:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 7135
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 05 May 2023 12:35:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
80 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TPZ50996TL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7fbe9d4809b2a32c25ea493702105497a626c3ba3363d54260522cf88cfc877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81882
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 12:34:39 GMT

GET
H2 200 hbp_master_299755_4945.js Show response
player.adtelligent.com/prebidlink/467580/ 486 KB
153 KB 13ms
13ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/467580/hbp_master_299755_4945.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/467580/hb_299755_4945.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 58a44e856d54c70da11e47fef5c0538ade8a3339d254916cc8c17ec8e832b952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Sun, 07 May 2023 12:34:39 GMT
date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 17:10:46 GMT
server: nginx
etag: W/"64480996-79870"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 hbw_master_299755_4945.js Show response
player.adtelligent.com/prebidlink/x467580/ 115 KB
35 KB 26ms
26ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/x467580/hbw_master_299755_4945.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/467580/wrapper_hb_299755_4945.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d13bf5ebdf1a0dce06bbdaa65104729688996aa18031039950fd66e209f7d0e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Sun, 07 May 2023 12:34:39 GMT
date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
last-modified: Fri, 28 Apr 2023 13:33:57 GMT
server: nginx
etag: W/"644bcb45-1ca6f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 45ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TPZ50996TL&gtm=45je3530&_p=216302467&cid=194539123.1683290079&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683290079&sct=1&seg=0&dl=https%3A%2F%2Fsinoptik.ua%2F&dt=SINOPTIK%3A%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%2C%20%D0%BF%D0%BE%D0%B4%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B9%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E.%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D0%B8%20%D0%9C%D0%B8%D1%80%D0%B5.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TPZ50996TL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sinoptik.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajax.php Show response
sinoptik.ua/ 210 B
682 B 10ms
10ms XHR
application/json 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://sinoptik.ua/ajax.php?events=GetOperaGA,GetLastCities&id=102950159

Requested by

Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/js/1/jquery-1.10.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv150.fwdcdn.com

Software

nginx /

Resource Hash

ca0031dfece53f5cdd9f80d939a534d726e2779ebb393536908679eb68033ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sinoptik.ua/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-server-by: sinfe1
last-modified: Fri, 05 May 2023 12:34:th GMT
server: nginx
content-type: application/json
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 z Show response
s.znctrack.net/ Frame 914E 51 KB
24 KB 156ms
70ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3979f179c73b9f17e21ce8fa05b5c8173c154161eacf3b7e8efd26c5ce64770

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23714
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/advert/adv/sinoptik/ 1 B
415 B 24ms
7ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/advert/adv/sinoptik/cnt.php?data=102950159,1860,75&rand=0.13759725707261072&r=&p=https%3A//sinoptik.ua/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: counter.ukr.net
URL: https://counter.ukr.net/aid/sinoptik/cnt.php?data=102950159,1860,75&rand=0.13759725707261072&r=&p=https%3A//sinoptik.ua/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 12:34:39 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Fri, 05 May 2023 12:34:38 GMT

GET
H/1.1 200
OK /
target.ukr.net/ 0
0 51ms
15ms Image
application/json 212.42.82.26
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.ukr.net/?set=YGZoZGVnbGBlZGBs
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.42.82.26 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-26.fwdcdn.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=216302467&t=pageview&_s=1&dl=https%3A%2F%2Fsinoptik.ua%2F&ul=en-us&de=UTF-8&dt=SINOPTIK%3A%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%2C%20%D0%BF%D0%BE%D0%B4%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B9%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E.%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%D0%B8%20%D0%9C%D0%B8%D1%80%D0%B5.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=568292513&gjid=728960400&cid=194539123.1683290079&tid=UA-5903420-6&_gid=1322092280.1683290080&_r=1&gtm=457e3530&jsscut=1&z=1248443396

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sinoptik.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sinoptik.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 148 B
415 B 180ms
17ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x467580/hbw_master_299755_4945.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d4b47771b42936b8d1fa4da60b4776137b30c02a87dc2ce3dd6554a2e549f36b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 12:34:38 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://sinoptik.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 148

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
428 B 181ms
18ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=299755&site_id=4945&full_page_url=https%3A%2F%2Fsinoptik.ua%2F&adid=ajg9wy.2o&features=81952&vpbv=N135&lifecycle_tte=260
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x467580/hbw_master_299755_4945.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 12:34:38 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://sinoptik.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/ 354 KB
119 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=sinoptik.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

288b11bba514b961dfead849f1bf5376581f0e6b0bf56797e90c6e8b409f454e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122106
x-xss-protection: 0
server: cafe
etag: 4125209129817357271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 May 2023 12:34:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/ Frame A061 10 KB
5 KB 39ms
8ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 11:35:42 GMT
etag: 15057649708203361565
expires: Fri, 19 May 2023 11:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/ 401 KB
124 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

282b1607a57a6bef203e6016dc849f5162dd0ceae9d12296d476344afefffe41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2991
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126853
x-xss-protection: 0
server: cafe
etag: 4617370205818610952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 04 May 2024 11:44:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 304 B
159 B 59ms
42ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sinoptik.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7673290475ab7f8f26b5c3698ca28ebc0eb20d5b5cb60f25b9fc501dd4acdf42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-xss-protection: 0
expires: Fri, 05 May 2023 12:34:39 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5903420-6&cid=194539123.1683290079&jid=568292513&gjid=728960400&_gid=1322092280.1683290080&_u=YADAAUAAAAAAACAAI~&z=1462299066

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sinoptik.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 May 2023 12:34:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sinoptik.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/299738/ 6 KB
3 KB 24ms
8ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/299738/config.json?cb=https%3A%2F%2Fsinoptik.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/467580/hbp_master_299755_4945.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4649adf2250eaa577d82169cb196f96c45ea5d78e54e684d1cbfddb72202e8b5

Request headers

Referer: https://sinoptik.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sun, 07 May 2023 12:34:39 GMT
date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
last-modified: Thu, 04 May 2023 12:02:21 GMT
server: nginx
etag: W/"64539ecd-198f"
content-type: application/json
access-control-allow-origin: https://sinoptik.ua
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 70ms
46ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5903420-6&cid=194539123.1683290079&jid=568292513&_u=YADAAUAAAAAAACAAI~&z=1259727214

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 77ms
44ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5903420-6&cid=194539123.1683290079&jid=568292513&_u=YADAAUAAAAAAACAAI~&z=1259727214

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 43ms
19ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sinoptik.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 42ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sinoptik.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 177 KB
45 KB 1062ms
1061ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4235314190007076&correlator=4069203100226162&eid=31074368%2C44752586%2C44789879&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=43356090%2Csinoptik_brend_resize%2CSinoptik.ua_Right_Top%2CSinoptik.ua_Right_Bottom%2Csinoptik.ua_abroad_300x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%7C160x600%2C300x250%7C300x400%2C300x250%2C300x600&ifi=4&adks=3775464727%2C3457840064%2C2827321409%2C50584995&didk=414839850~1396272521~636770963~3543836047&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=resorttype%3D0%26city%3D102950159%26country%3D75&sc=1&cookie_enabled=1&abxe=1&dt=1683290079754&lmt=1683290079&dlt=1683290079329&idt=326&adxs=130%2C-9%2C-9%2C994&adys=162%2C-9%2C-9%2C162&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsinoptik.ua%2F&frm=20&vis=1&psz=1600x1384%7C0x-1%7C0x-1%7C300x611&msz=160x-1%7C0x-1%7C0x-1%7C300x-1&fws=0%2C2%2C2%2C0&ohw=0%2C0%2C0%2C0&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a27edec8da948c091c294c771c340d0ec6a287b013e1b117b97c66b4801cc14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46202
x-xss-protection: 0
google-lineitem-id: -1,6084158866,4844088224,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138400601276,138248639782,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sinoptik.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE6E 6 KB
3 KB 93ms
16ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:39 GMT
expires: Sat, 04 May 2024 12:34:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 /
loadercdn.net/ 0
170 B 236ms
54ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=46a0b58d1bb3e120&d=sinoptik.ua
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 12:34:39 GMT
server: openresty

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 42ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sinoptik.ua&callback=_gfp_s_&client=ca-pub-9597688850300628

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=sinoptik.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

111f07ee0b2a7c259b59a4de353a4d862dc5d4c6b623ec875a0b8722fff600e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B336 91 KB
31 KB 598ms
596ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=3728776837&adk=584908562&adf=3972034250&pi=t.ma~as.3728776837&w=300&lmt=1683290079&format=300x250&url=https%3A%2F%2Fsinoptik.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683290079558&bpp=3&bdt=229&idt=218&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&correlator=6772740547484&frm=20&pv=2&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C44772269%2C44785293%2C44788441%2C44789779&oid=2&pvsid=4235314190007076&tmod=1919347585&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SGHCyo3Kt1&p=https%3A//sinoptik.ua&dtd=233

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30358bf10bc3867eb5d36b6bf7926a227ebc04c40e2721dae230b4a92ca3db8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:40 GMT
expires: Fri, 05 May 2023 12:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 z Show response
m.zmctrack.net/ 2 KB
2 KB 130ms
36ms XHR
application/json' 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.zmctrack.net/z?5
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 6c98e9e44629ce300832cebaa0fb6bcbb009fc6197eeaaa7965754ca5da92c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:39 GMT
last-modified: Mon, 28 Oct 2019 14:18:57 GMT
server: openresty
etag: "5db6f8d1-7f6"
content-type: application/json'
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2038

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D26 63 KB
26 KB 569ms
568ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=2252068957&adk=2700207666&adf=35781323&pi=t.ma~as.2252068957&w=300&lmt=1683290079&format=300x250&url=https%3A%2F%2Fsinoptik.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683290079561&bpp=1&bdt=232&idt=236&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6772740547484&frm=20&pv=1&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=656&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C44772269%2C44785293%2C44788441%2C44789779&oid=2&pvsid=4235314190007076&tmod=1919347585&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pceWvWRDaa&p=https%3A//sinoptik.ua&dtd=240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6c8d6d25c0e20f83babd84d4ae4d47c41da3ea7b2fdc9dc8bdeac01f26986b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:40 GMT
expires: Fri, 05 May 2023 12:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F14 0
19 B 18ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&adk=1812271804&adf=3025194257&lmt=1683290079&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fsinoptik.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683290079574&bpp=2&bdt=246&idt=232&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=6772740547484&frm=20&pv=1&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C44772269%2C44785293%2C44788441%2C44789779&oid=2&pvsid=4235314190007076&tmod=1919347585&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:39 GMT
expires: Fri, 05 May 2023 12:34:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 z Show response
s.znctrack.net/ Frame 5D80 102 B
448 B 36ms
36ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 70aef82d9018b05f27d1117ca69adb08d677316b6cf106ab780d368768a1c560

Request headers

Content-language: eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://sinoptik.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 204 m.gif
img.fghtem.com/640/4b0/2a4d2a826df99ec9/asui.nkoipt/mokscreen/ 0
67 B 135ms
36ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fghtem.com/640/4b0/2a4d2a826df99ec9/asui.nkoipt/mokscreen/m.gif
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 12:34:40 GMT
server: openresty

GET
H2 200 2942083325299824823
tpc.googlesyndication.com/simgad/ Frame 7D26 52 KB
52 KB 59ms
19ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2942083325299824823?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmEJ92OoC_sMTKZbS9Ku16gVUw3bQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=2252068957&adk=2700207666&adf=35781323&pi=t.ma~as.2252068957&w=300&lmt=1683290079&format=300x250&url=https%3A%2F%2Fsinoptik.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683290079561&bpp=1&bdt=232&idt=236&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6772740547484&frm=20&pv=1&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=656&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C44772269%2C44785293%2C44788441%2C44789779&oid=2&pvsid=4235314190007076&tmod=1919347585&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pceWvWRDaa&p=https%3A//sinoptik.ua&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d129fec4a2ac1ed561470e4da91be910ae593d5d0b85c26afa3f1d62ae1ca2fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 08:08:21 GMT
x-content-type-options: nosniff
age: 102379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53121
x-xss-protection: 0
last-modified: Thu, 04 May 2023 07:48:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 May 2024 08:08:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 7D26 22 KB
9 KB 50ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 7D26 3 KB
1 KB 51ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 06:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 06:02:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 7D26 19 KB
8 KB 50ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D26 160 KB
49 KB 90ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:34:40 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 7D26 32 KB
13 KB 60ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

497e63a5579fcb89c02b41883243a33a50b3a21a21c9d30425d1ea925c7b5a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13048
x-xss-protection: 0
server: cafe
etag: 2238672519398939817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 18:00:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B336 2 KB
975 B 54ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=3728776837&adk=584908562&adf=3972034250&pi=t.ma~as.3728776837&w=300&lmt=1683290079&format=300x250&url=https%3A%2F%2Fsinoptik.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683290079558&bpp=3&bdt=229&idt=218&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&correlator=6772740547484&frm=20&pv=2&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C44772269%2C44785293%2C44788441%2C44789779&oid=2&pvsid=4235314190007076&tmod=1919347585&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SGHCyo3Kt1&p=https%3A//sinoptik.ua&dtd=233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 11:56:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 12:34:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B336 2 KB
819 B 44ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame B336 22 KB
9 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B336 3 KB
1 KB 24ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 06:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 06:02:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B336 19 KB
8 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B336 160 KB
49 KB 57ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:34:40 GMT

GET
H2 200 edd8a89eee97155325ac5eb40edd3aca.js Show response
www.gstatic.com/mysidia/ Frame B336 32 KB
14 KB 52ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13633
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B336 18 KB
18 KB 288ms
13ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSiiFUEk5guMTJGFFpADvqmTDCK4inwUTS_uXiGe0qTagHjcNZ8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

157682250a1fec82507250c865f33591364c0c08df05dd607fd7f2fba7d1bb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:40:25 GMT
x-content-type-options: nosniff
age: 71655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18103
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:16:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 03 May 2024 16:40:25 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B336 17 KB
18 KB 286ms
11ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ5w718BsEKEtvaILBfNpM-0Oc-H1VG-2SFddp_feBvRAPRjIf0bw__g3ng-Xo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d9f4d674e3ce8f17bd0a3ee37aeaa1693f208fd7e3a407ca0f6fd03a682fcac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 01 May 2023 19:36:55 GMT
x-content-type-options: nosniff
age: 320265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17739
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 23:15:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 Apr 2024 19:36:55 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B336 41 KB
41 KB 42ms
9ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQOsc8B7BJlpwAmsIifqvGpPxjcTp5AsKCn4yWOFhi6UaRRHO_b&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae9d325a0914e430dadc6bdd81af6fa985a2c238dd6bcb32704b874d2a99232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 09:06:40 GMT
x-content-type-options: nosniff
age: 444480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41915
x-xss-protection: 0
last-modified: Wed, 23 May 2018 14:12:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 29 Apr 2024 09:06:40 GMT

GET
DATA 200
OK truncated
/ Frame B336 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e9ad94c7e26e62b45f48269744adda812b0441950e4ccd5b5c3b8c573b103ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 73BA 143 B
166 B 9ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=2252068957&adk=2700207666&adf=35781323&pi=t.ma~as.2252068957&w=300&lmt=1683290079&format=300x250&url=https%3A%2F%2Fsinoptik.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683290079561&bpp=1&bdt=232&idt=236&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6772740547484&frm=20&pv=1&ga_vid=194539123.1683290079&ga_sid=1683290080&ga_hid=216302467&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=656&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773810%2C44759837%2C44772269%2C44785293%2C44788441%2C44789779&oid=2&pvsid=4235314190007076&tmod=1919347585&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pceWvWRDaa&p=https%3A//sinoptik.ua&dtd=240
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:10:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7D26 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbea06c0ec76e9e4d7d1e10816b160551cdd133e93cf4d9d9f6fdd12670cdae2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 73BA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
24ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:40 GMT
expires: Fri, 05 May 2023 12:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B336 20 KB
21 KB 35ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 05:48:51 GMT
x-content-type-options: nosniff
age: 542749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 05:48:51 GMT

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0537 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 74ms
57ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a983cea20471cb2eb75807eca4a126f527f22e8191e2592584a7e7b72a7fb00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11169
x-xss-protection: 0

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame BD33 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 495 B
609 B 19ms
19ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=462855
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x467580/hbw_master_299755_4945.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6fadcb157e1823c0c42256f0b27a0613163d1644d0d3d727545bed11d62a127c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 12:34:39 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://sinoptik.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 303

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f0752c85-8081-40b0-b5aa-4b0da29480f2

43 B
473 B

275ms
91ms

Image
image/gif

185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f0752c85-8081-40b0-b5aa-4b0da29480f2
Protocol: HTTP/1.1
Server: 185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 12:34:40 GMT
Server: Adtelligent
Etag: 76a36089398e5ad6
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=f0752c85-8081-40b0-b5aa-4b0da29480f2
date: Fri, 05 May 2023 12:34:40 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 1429ms
1071ms Image
text/plain 209.191.163.208
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 05 May 2023 12:34:42 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=76a36089398e5ad6

35 B
351 B

126ms
14ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=76a36089398e5ad6
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 05 May 2023 12:34:41 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=76a36089398e5ad6
Date: Fri, 05 May 2023 12:34:40 GMT
Server: Adtelligent
Etag: 76a36089398e5ad6
Content-Length: 0

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
222 B 18ms
18ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x467580/hbw_master_299755_4945.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sinoptik.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://sinoptik.ua
Date: Fri, 05 May 2023 12:34:40 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 May 2023 12:34:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6FAC 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 09:34:35 GMT
expires: Sat, 04 May 2024 09:34:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5817 783 B
537 B 21ms
20ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9fdf3277bcd2d9343c89c9d1e4fbce8acec51b121204b564d01c934bc82e8a35

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zy4XL5HF9bcqZZPHqA-9Rw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-Zy4XL5HF9bcqZZPHqA-9Rw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:40 GMT
expires: Fri, 05 May 2023 12:34:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 63ms
32ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 May 2023 12:34:40 GMT

GET
H2 200 container.html Show response
5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1142 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:39 GMT
expires: Sat, 04 May 2024 12:34:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 01C3 6 KB
3 KB 11ms
9ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:39 GMT
expires: Sat, 04 May 2024 12:34:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 1142 2 KB
765 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1142 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHTU13_dUZJLXMfP-7_UP6M244AS63PPFb9Wn94ntEJDaq8emORABINrA8ChgldqIgpgHoAGknMmlAcgBCakCuEm_tTNnsj7gAgCoAwHIA8sEqgTPAU_QiRe5GVdZG1A1TbuK0MzLUDus7YhyzEsNa8qj5OdhKaSu5tzkrNLXCVJv9vPFeJPy4KdR8wI6asNqE9px2kVsiv1_mOANL3zRPEUf8oSGn2qk0-BsoLg41DksAa70M01jkvnpPHR3b1nfz7dx0VwYtnlUaaHMKhYsvAzzdIZekg_d0s9Z_PSOXkIPhWyh-t_lHyPO5Jt1QHI3al8KKmqHw-d1IxhD5IEopWqXfh3GVCnsTxtnMgycUQiuVBSh2Ey3V7tSY-2uhtsn_x2XbMAE4t-S0okE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4f59u4DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEL69C9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgHICwHYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItNTQ0NzA3MTEwMTM2MjYyMxjCmiI&sigh=rXvlBXUp70w&uach_m=[UACH]&cid=CAQSTABygQiDAfIxenTL6HeNFaI-T2t-GcIKQcSmAVRuustm97Fz8a8UxTakPozppncsHi5TTo72jF0NcJwqYRj3z-dzP-Va6X67DsF3zRwYAQ&template_id=494
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 1142 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 1142 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 06:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 06:02:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 1142 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1142 160 KB
49 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:34:40 GMT

GET
H2 200 edd8a89eee97155325ac5eb40edd3aca.js Show response
www.gstatic.com/mysidia/ Frame 1142 32 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13633
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1142 17 KB
17 KB 47ms
9ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTPq8tuaQ_kc6DPIFz0w6eWjoI0ErOIYExG2sMCsCQubr5WothZCuS9xLzsdQ&usqp=CAI

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f81d880cf81c20720fe23fe635dbac0b4088ddd5dffedf3d0d6a7cb7ea6e409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:44:00 GMT
x-content-type-options: nosniff
age: 507040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16944
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 02:53:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Apr 2024 15:44:00 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1142 24 KB
24 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRt95pQs-8D0U7r-RN1AeeYSbkvefLaIjl81pfuIkprtT48IB73tL-BjZ53oG8&usqp=CAI

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdacef4ed8fb925195c9109528574b8514efbf32d935a05023e40bdb384661f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 22:04:26 GMT
x-content-type-options: nosniff
age: 225014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24174
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 12:17:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 01 May 2024 22:04:26 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1142 18 KB
18 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQyXdXd27UUl7Aj-4fUWTZfOImOlu8fz8JzaAWGA8tcHqzahRDNRVoe_jqVPg&usqp=CAI

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34c85cb1f1bd48e1aaa651181d998165209dd5e61bf869fceec11598b627f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 22:04:16 GMT
x-content-type-options: nosniff
age: 225024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18080
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 03:43:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 01 May 2024 22:04:16 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 1142 21 KB
22 KB 57ms
12ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR5JR8jStqOK4HPbQCQy-TWnhxQ-zPH1nY713CZWxtz5KAbnKV3zLzugNuT-hA&usqp=CAI

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33443a6422def2e17417d1c0f5065b2c7699d4058610a759ab6ea6d423186979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 22:19:52 GMT
x-content-type-options: nosniff
age: 224088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21638
x-xss-protection: 0
last-modified: Sat, 01 Jul 2023 04:09:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 01 May 2024 22:19:52 GMT

GET
H3

200

13745382521274903895
tpc.googlesyndication.com/simgad/ Frame 1142
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODKhYSSuwEQ0A8Y9AMyCFYvOuICzsrm
https://tpc.googlesyndication.com/simgad/13745382521274903895

26 KB
26 KB

8ms
8ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13745382521274903895

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c67329daa9796667835497d6fb8be3da7b5f7f48db45bafe636706067e17668b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:06:35 GMT
x-content-type-options: nosniff
age: 484085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26841
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 05:33:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 22:06:35 GMT

Redirect headers

date: Fri, 05 May 2023 01:25:25 GMT
x-content-type-options: nosniff
server: cafe
age: 40155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13745382521274903895
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Jun 2023 01:25:25 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D1B5 0
20 B 51ms
48ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNVITwjVYsQCS7tA4BHGqBpy35z0YDhvqAIxouWpuBol9lypE1N7ftXiZd1TPba5hnjcF-5TkeP3NKN_71aZy_oS7l_yGg

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:40 GMT
expires: Fri, 05 May 2023 12:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 01C3 78 KB
27 KB 98ms
95ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 05 May 2023 12:34:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01C3 42 B
63 B 46ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ci8jHpIeesOmrslMu1YtCu5ypCPFwywsKSF4OxuI46r80K59jsAjHLR7mklJKM14leXjqzTSVgzOEe1C1JC_cZNKmMObaQve928e0PoGFZaVEHMmA

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01C3 0
20 B 46ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17723774578799417198&x=1&ct=76

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 01C3 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 06:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 06:02:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 01C3 19 KB
8 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01C3 160 KB
49 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:34:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5817 0
0 42ms
41ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305010101&jk=4235314190007076&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 z Show response
m.zmctrack.net/ 2 KB
2 KB 39ms
39ms XHR
application/json' 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.zmctrack.net/z?5
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 6c98e9e44629ce300832cebaa0fb6bcbb009fc6197eeaaa7965754ca5da92c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:40 GMT
last-modified: Mon, 28 Oct 2019 14:18:57 GMT
server: openresty
etag: "5db6f8d1-7f6"
content-type: application/json'
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2038

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9EAE 15 KB
6 KB 58ms
17ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sinoptik.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sinoptik.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 438869
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FAC 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
DATA 200
OK truncated
/ Frame 1142 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aa83d6f71b639d2356b7967eeb4adcafa29e823d5185b2ec7f09fb7444a7294

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C55F 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9EAE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sinoptik.ua&sn=ChromeSyncframe&so=0&topUrl=sinoptik.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=D4NQFHxpMENFSUxzTmJZRFhPZjRhd0JqNGg5dzIrOVlzdXZHcXJQSFU3VFU0WHQwNWhlN09GMStvSDJta2pBZkk2VGlMNXBTcjdwcnA4RnJwbDdibDlseHNvQmJha2FHVzdFWUxMeXZ6cTB0QmhTZUFua3NWamZWSVJGUU...

431 B
653 B

318ms
24ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=D4NQFHxpMENFSUxzTmJZRFhPZjRhd0JqNGg5dzIrOVlzdXZHcXJQSFU3VFU0WHQwNWhlN09GMStvSDJta2pBZkk2VGlMNXBTcjdwcnA4RnJwbDdibDlseHNvQmJha2FHVzdFWUxMeXZ6cTB0QmhTZUFua3NWamZWSVJGUUhMTDFkWFJCSkpiL2FpZldLd3Z6OHpXT1luM3ZUaXZxVUFIQzBaQ2VOd1krUW5HSDJQSTQ2L2p1anBaTnVseUlyMzNTN281RlBheXJSVTlxYmM4Z1NyWGVESXZpVERRb1lVRTdKRVlJK3FUMDFUMXRKQmhzMDhsRUVneElRa2k1d3ZtaExhSWhCT0dDWlJZRXl3K0ROQVZ2a2ovaWc2Zz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7cd94880170f49a764551093732fb02f6b8cb088edd1dcc8297a3beb26edb577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1676486
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=D4NQFHxpMENFSUxzTmJZRFhPZjRhd0JqNGg5dzIrOVlzdXZHcXJQSFU3VFU0WHQwNWhlN09GMStvSDJta2pBZkk2VGlMNXBTcjdwcnA4RnJwbDdibDlseHNvQmJha2FHVzdFWUxMeXZ6cTB0QmhTZUFua3NWamZWSVJGUUhMTDFkWFJCSkpiL2FpZldLd3Z6OHpXT1luM3ZUaXZxVUFIQzBaQ2VOd1krUW5HSDJQSTQ2L2p1anBaTnVseUlyMzNTN281RlBheXJSVTlxYmM4Z1NyWGVESXZpVERRb1lVRTdKRVlJK3FUMDFUMXRKQmhzMDhsRUVneElRa2k1d3ZtaExhSWhCT0dDWlJZRXl3K0ROQVZ2a2ovaWc2Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 329896
content-length: 0
expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01C3 0
20 B 64ms
63ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9726146238244&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01C3 0
20 B 92ms
91ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9726146238244&version=m202301230201&ct=76&x=1&cor=17723774578799417000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 01C3 87 KB
36 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRtcrBAm7Sckb3kuDyvoXFBJBuDBeOnvjyXm9HhhKFp4g5yA14q14G72mMLgH4N0F_kXUVP4Ct7k4033cSN6E7A0qDD4xjV6L0dvy5vQWKZ3EX1kk&cry=1&dbm_d=AKAmf-AxOq58rXB7dKYqvxZ4jUEXPanY6615M_NjegOadP8PJ-fj4vgZm6-xHUFZI6e_qwk2YubtoqwHQxu1QAn6raIikb91MlTt78a8REz6qbcWb3-yW87AUxgdE12k_kMg8tp36gH58QTwSMxqisAgP4DoS-AfzK5JYwVpFYnr7-7ts0mTtnOjkItGAT9jhhZdQJg-0gNm6xl6JGo3l5P1v1SVnJwcD6JOVwx4mbljwYJpRm5NnzXqiEj94fGzWS7RNSK8KjjvjBiNufP1-VKmk9cpRGO92LBj7EfG2j74OeaSqvyiHUBWxXDejI8tZ756tpSoV8HAlPSND3OhQqNNeIUxqbicxXTtCcli_CvBXFJpo5vgI6vvGcBWXgb2M4djrLKuUHdWW7L8W2Pmakct474zn_nnkEnOQF3Fbl3smS3YuRBxKHk95d8a6ICA_eZ4hjxnsYpbb0Raa79r0FiRiZyKnPt_pkSwgXfztLyqxosf9jF9XO37nY9CdJclipCYQ1bwL1goKsUh0Q0vqjEVEx_2PvHHfja3j65iVdoNNfNi-2x_D8ckinQZdsTewWprGFaWkQs6cHKPNHNbOvlK1SzFS7Ks2HTJcG5h_mUuqMp6k_Fgb3kzuCsyn-AkA6vfx3orm7WPwzLXPrWdx_iVsMNPyiV_CiJnlbI-l4djpop2wKU0QhGSsDKqydi0jm8hoSMifBIVLUCLsPvTabSCT-NPymO1Y49xHhZenJH7LB-JN9caQ3nHxuGh3bE7-eRRyCq5GLwhlQtgHUPJ4TuWX2npjlegrLi2Ec9jpFxGt8CuK3KImzIStVJRkvf3ATB6QjWxdGcH7VV_hzqk7G_BYcr2Mi0PVowPX41Qkzypt7A3z1pn7VngRgzD9LsU81q5zIWD-9C8QJiV5h_BAq5nqRDS_cWkkcNZAyyhqGxY8Q33G-240JT11S6YCOiU2DOmYi4KDF1b1IzpPgvAA89asYZizzM5pkwLy4JiYJDOj8KTwgO-Pph21Du9XezDU63jsHZGRYkDNmpj2ZDFpF2oC0RzQfxl25IXYTXb_XFzTi8dr1tyDTfXopm1Vt3icMjvrGjauJTIcT4rrusvllDYvcjLWM6yyBxWHwl2fiMn1s9sN_MPo6mcU-VnwIREPnhNDfge4w_aV_E2JApEc_tKz9Y88HKXtxNVq45orGD8UOwA8j-8v-gilts995317T8AODDjN5FjJF24-w_ObrCYRpQ63Bm6WInTo-JsLJL2Tm4TP789pHSmflwu3bCZCf6MaRcc54eRXwV0mRZdUJ0mNl28b2Hi6E5vjRpRo2WXga3AyiMEYvtbbP0grZ5b9yqlNeVBK-TmSiafPkOyfrMFKh8xSWyEMkXXcWNRUUWw17U0CIHrzdvdxE0PdOaZw5yhnm4F89_YluJpSvlF-CPAxExsNOlW8YcvDv9levvcEGQ5T0S1UETpx-qomgEO-7urJsTs86RzBDONr0z8PhwHqXb6TX6HgLuF5TH4kuQZ3SHuxy7Ge-obS_jyr3MtNLmvcbsfqiVHm1XjVj0AeJoWrIUhkXZvADOYndRuNRSEjbxCFTkLs4kJJUXYMEK-Fj1WYD1yRe7KBZ2mf5rl-lukGAzkeBppWpG4XS6gk-fzr5XDzik3Hr-xfXePrhgedZaMcYnlej_hhXwj3O7KGHAQBt8Yy203-VmHit0ryQWMNShiSBKWMAz3j__0DrZCMnXrlR1Fchbf-9vs0T7cWvSmXhPI__9NGO_rWmSYSeph02zg13Wg3AqIE1obXQKWis1cZlGIcqBFlYTOd9k_pQsW7YmA3CZtBlLbJEIggOsfItpStH7cmBHByEjTgLmFK12_JQSb2eCbhGf7qC3RgV0B9BPGXsAt2hskklcDSY4dLWvfX9Kv_wGDQw17Mdzk2f5WwvwM8uiMmFnbZFNvZnVGggbC83dT10ejTcL3n2rua3Kkhvh-zwpyimZuu3rqFrY49m1xutzkAXiL9BoSskRjgv8aI01EEZQCtJvm1hLiqvDJoLKu0CXQKlXvxyIeyhANzktU2HLxmOrCadfpYGiRl6pQKsYglNr29lf53gLZtK3mvwvK0AU_whm8tKPaMAqCf2FqxVH1RnCknh3xw7CwD8IxsxjtPLRupxJq-1KVUvADGOyLJAYXWylDMqmhqa3O7SGMVi6yOwcZKcllhO_R33AG3bO4HY8iwNCPr5l2cJRtzPd3acTWqzTYuHmRbewMZsRNWi4i8ZlnncvPfd9umU50ga-Um9OkZ1d-1uQsKFRwxOEKtzyM92LAUw-gFweZJU-ufYOanV8ARMQ4Kew3ntmcQ_KJcsOvDqnu8DEcvjY6IMcX6a2FNKPOxfsMdyLZn58AC0-G54YtF1SLDxDw_Nk5El2G6cADMCM_QQMtUBk2rbUXpB7UOXud85BuZxquL6r8rcdISIj9iPjGtm9vi2sNUmCMKNutfxOKeHiZO6HvX7vBUvczGbopL_qc_-qbOdhK7ql6hbnkBLTG_vUE-nDo5MEAtmAd8uu00VVB48hMgWDv2EE5RgsbySy4kBo4xRBd7evxnHaTj_dTQflLddr3j6eugd9SBRi_OgL6VaMusYrBW0CCa_BDjL8KmqdIbwNimiMRity4aSd8uTBuyBH9UqwcmjAk7uhxefVJWN5OXZU01gDXUpRAe4b_N2T57CjgRW7dB9CuLkrzNqIOgtazuQzrVIFI-23EMsFE49DTT_ew8xYzlcNLmEBqu2vS2Cs0-ZWM6lpYt3_n0dMjbLqHf84zWUS4iNxnBVZSUDKuHh9t2FBeiPRpGD9g_5OHuN0YM_2wyqoHBhr1HVQJNcnNKVAtN6kbz6-H8oTf4rS0WyPX4QyhE2ih8ZI6arvwOCJJezlfw24kqBaEoXLFhwCsHaFEVHYMfihOIxAI_ixnmf0dG4m_WeSxlJNoahVzu7Y2nsxdy44Tkc9gqvYxfXfRE0BHhmQa29cX6d-z4OeTQSNzWwuzhmCSruUQlU1Arm5EFu-WQRqFwULe2Sq6BlzP3GtiCQNDA_O5XU53aYCCyvDzq4Tt-uOUW6Zt8c73fHkGe43k5Lwx3jKr-B25T60bu6KKdtwgQKBjh-sNGDWqbo0qHt7p65X-HG5i0aPxFs87A0qxl7ceQrJIPct2PWIKHW1XmkoH8V0el18MdD94ch8UvPDtKPmasx5-thkdvDlgJLnY6HVO-6Sqyw9BAVsQWLm3OXjFPNt16LU5MxV3kYnwzIiWlPd1tO13EITi82czOqIxz1IOu4P1A-7U-6qgnn8csJIjb66zYPQSESgqC7NbviNk92aQFwYS1r-S6psSJ8Q4hrAODpzhGKLWjG0uP9dkCBHzdpMdk7cucSkA89onii5VR427xGGHLAiuZbZkUwwd5JydYT9VJ3gG3wq6pOpKGn61uuzc5syOHpTeMkIk1RnmSfu2nWC_PFStKlrf3cYgac2EOYKMgsM99mMvd4_Kior8GuIg5pkvkq8lMXHsRj4tyav5LYaHSazTEzXJO-Pvk_N-yJBvVJUO_S_Njw9YZrur301S42LQmTqTUODpvFpF9e119xsvVjRaJQfQfhKTiQDd0YhhU9LZDz4-Eu2fPf1gx_Ea2OE0gtumtwvOa7-HLp3ap3RWf3t6fOwxKkNnoAKVeKZlVusKgpF0Pn-H4CF5ZGcS7YbpkVwte7URsgGkktSoqt7axGRLbAHpCDt-rccIm_rctgKCjBWq9DzdDf6AjW785wiw95tZRLkrm0mwCI5MwLUAUUCbopNlDkYQjpkyOHwbFLWIoTTL6YrxAxJh4qPLgtf-IiflMsMK9xJYL2OxE60M9J3kdQCncav50ztClw5V1U2xYF4GDwsdrk_Z5yzJh8JFgTYx4cmx2YrLTT1NKpgIIK0sn-krXmkP5Lhqu9QJC-2nIuHjX1mynQ&cid=CAQSTABygQiDAfIxenTL6HeNFaI-T2t-GcIKQcSmAVRuustm97Fz8a8UxTakPozppncsHi5TTo72jF0NcJwqYRj3z-dzP-Va6X67DsF3zRwYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsinoptik.ua%2F&ds=l&xdt=1&iif=1&cor=17723774578799417000&adk=1033480531&idt=103&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e46c9ea33bf104ecb4016aa7050798cbf5a05f263e9233f6cbec6d2a1031b28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36904
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6FAC 0
10 B 30ms
30ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_EhHpA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 01C3 169 KB
60 KB 56ms
9ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd2056d3c5a5f9a087647154dc26dbed362a61b733a6cbc8d9e5330b4f4d4284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
Origin: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 19:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60459
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 May 2023 19:16:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/ Frame 01C3 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRtcrBAm7Sckb3kuDyvoXFBJBuDBeOnvjyXm9HhhKFp4g5yA14q14G72mMLgH4N0F_kXUVP4Ct7k4033cSN6E7A0qDD4xjV6L0dvy5vQWKZ3EX1kk&cry=1&dbm_d=AKAmf-AxOq58rXB7dKYqvxZ4jUEXPanY6615M_NjegOadP8PJ-fj4vgZm6-xHUFZI6e_qwk2YubtoqwHQxu1QAn6raIikb91MlTt78a8REz6qbcWb3-yW87AUxgdE12k_kMg8tp36gH58QTwSMxqisAgP4DoS-AfzK5JYwVpFYnr7-7ts0mTtnOjkItGAT9jhhZdQJg-0gNm6xl6JGo3l5P1v1SVnJwcD6JOVwx4mbljwYJpRm5NnzXqiEj94fGzWS7RNSK8KjjvjBiNufP1-VKmk9cpRGO92LBj7EfG2j74OeaSqvyiHUBWxXDejI8tZ756tpSoV8HAlPSND3OhQqNNeIUxqbicxXTtCcli_CvBXFJpo5vgI6vvGcBWXgb2M4djrLKuUHdWW7L8W2Pmakct474zn_nnkEnOQF3Fbl3smS3YuRBxKHk95d8a6ICA_eZ4hjxnsYpbb0Raa79r0FiRiZyKnPt_pkSwgXfztLyqxosf9jF9XO37nY9CdJclipCYQ1bwL1goKsUh0Q0vqjEVEx_2PvHHfja3j65iVdoNNfNi-2x_D8ckinQZdsTewWprGFaWkQs6cHKPNHNbOvlK1SzFS7Ks2HTJcG5h_mUuqMp6k_Fgb3kzuCsyn-AkA6vfx3orm7WPwzLXPrWdx_iVsMNPyiV_CiJnlbI-l4djpop2wKU0QhGSsDKqydi0jm8hoSMifBIVLUCLsPvTabSCT-NPymO1Y49xHhZenJH7LB-JN9caQ3nHxuGh3bE7-eRRyCq5GLwhlQtgHUPJ4TuWX2npjlegrLi2Ec9jpFxGt8CuK3KImzIStVJRkvf3ATB6QjWxdGcH7VV_hzqk7G_BYcr2Mi0PVowPX41Qkzypt7A3z1pn7VngRgzD9LsU81q5zIWD-9C8QJiV5h_BAq5nqRDS_cWkkcNZAyyhqGxY8Q33G-240JT11S6YCOiU2DOmYi4KDF1b1IzpPgvAA89asYZizzM5pkwLy4JiYJDOj8KTwgO-Pph21Du9XezDU63jsHZGRYkDNmpj2ZDFpF2oC0RzQfxl25IXYTXb_XFzTi8dr1tyDTfXopm1Vt3icMjvrGjauJTIcT4rrusvllDYvcjLWM6yyBxWHwl2fiMn1s9sN_MPo6mcU-VnwIREPnhNDfge4w_aV_E2JApEc_tKz9Y88HKXtxNVq45orGD8UOwA8j-8v-gilts995317T8AODDjN5FjJF24-w_ObrCYRpQ63Bm6WInTo-JsLJL2Tm4TP789pHSmflwu3bCZCf6MaRcc54eRXwV0mRZdUJ0mNl28b2Hi6E5vjRpRo2WXga3AyiMEYvtbbP0grZ5b9yqlNeVBK-TmSiafPkOyfrMFKh8xSWyEMkXXcWNRUUWw17U0CIHrzdvdxE0PdOaZw5yhnm4F89_YluJpSvlF-CPAxExsNOlW8YcvDv9levvcEGQ5T0S1UETpx-qomgEO-7urJsTs86RzBDONr0z8PhwHqXb6TX6HgLuF5TH4kuQZ3SHuxy7Ge-obS_jyr3MtNLmvcbsfqiVHm1XjVj0AeJoWrIUhkXZvADOYndRuNRSEjbxCFTkLs4kJJUXYMEK-Fj1WYD1yRe7KBZ2mf5rl-lukGAzkeBppWpG4XS6gk-fzr5XDzik3Hr-xfXePrhgedZaMcYnlej_hhXwj3O7KGHAQBt8Yy203-VmHit0ryQWMNShiSBKWMAz3j__0DrZCMnXrlR1Fchbf-9vs0T7cWvSmXhPI__9NGO_rWmSYSeph02zg13Wg3AqIE1obXQKWis1cZlGIcqBFlYTOd9k_pQsW7YmA3CZtBlLbJEIggOsfItpStH7cmBHByEjTgLmFK12_JQSb2eCbhGf7qC3RgV0B9BPGXsAt2hskklcDSY4dLWvfX9Kv_wGDQw17Mdzk2f5WwvwM8uiMmFnbZFNvZnVGggbC83dT10ejTcL3n2rua3Kkhvh-zwpyimZuu3rqFrY49m1xutzkAXiL9BoSskRjgv8aI01EEZQCtJvm1hLiqvDJoLKu0CXQKlXvxyIeyhANzktU2HLxmOrCadfpYGiRl6pQKsYglNr29lf53gLZtK3mvwvK0AU_whm8tKPaMAqCf2FqxVH1RnCknh3xw7CwD8IxsxjtPLRupxJq-1KVUvADGOyLJAYXWylDMqmhqa3O7SGMVi6yOwcZKcllhO_R33AG3bO4HY8iwNCPr5l2cJRtzPd3acTWqzTYuHmRbewMZsRNWi4i8ZlnncvPfd9umU50ga-Um9OkZ1d-1uQsKFRwxOEKtzyM92LAUw-gFweZJU-ufYOanV8ARMQ4Kew3ntmcQ_KJcsOvDqnu8DEcvjY6IMcX6a2FNKPOxfsMdyLZn58AC0-G54YtF1SLDxDw_Nk5El2G6cADMCM_QQMtUBk2rbUXpB7UOXud85BuZxquL6r8rcdISIj9iPjGtm9vi2sNUmCMKNutfxOKeHiZO6HvX7vBUvczGbopL_qc_-qbOdhK7ql6hbnkBLTG_vUE-nDo5MEAtmAd8uu00VVB48hMgWDv2EE5RgsbySy4kBo4xRBd7evxnHaTj_dTQflLddr3j6eugd9SBRi_OgL6VaMusYrBW0CCa_BDjL8KmqdIbwNimiMRity4aSd8uTBuyBH9UqwcmjAk7uhxefVJWN5OXZU01gDXUpRAe4b_N2T57CjgRW7dB9CuLkrzNqIOgtazuQzrVIFI-23EMsFE49DTT_ew8xYzlcNLmEBqu2vS2Cs0-ZWM6lpYt3_n0dMjbLqHf84zWUS4iNxnBVZSUDKuHh9t2FBeiPRpGD9g_5OHuN0YM_2wyqoHBhr1HVQJNcnNKVAtN6kbz6-H8oTf4rS0WyPX4QyhE2ih8ZI6arvwOCJJezlfw24kqBaEoXLFhwCsHaFEVHYMfihOIxAI_ixnmf0dG4m_WeSxlJNoahVzu7Y2nsxdy44Tkc9gqvYxfXfRE0BHhmQa29cX6d-z4OeTQSNzWwuzhmCSruUQlU1Arm5EFu-WQRqFwULe2Sq6BlzP3GtiCQNDA_O5XU53aYCCyvDzq4Tt-uOUW6Zt8c73fHkGe43k5Lwx3jKr-B25T60bu6KKdtwgQKBjh-sNGDWqbo0qHt7p65X-HG5i0aPxFs87A0qxl7ceQrJIPct2PWIKHW1XmkoH8V0el18MdD94ch8UvPDtKPmasx5-thkdvDlgJLnY6HVO-6Sqyw9BAVsQWLm3OXjFPNt16LU5MxV3kYnwzIiWlPd1tO13EITi82czOqIxz1IOu4P1A-7U-6qgnn8csJIjb66zYPQSESgqC7NbviNk92aQFwYS1r-S6psSJ8Q4hrAODpzhGKLWjG0uP9dkCBHzdpMdk7cucSkA89onii5VR427xGGHLAiuZbZkUwwd5JydYT9VJ3gG3wq6pOpKGn61uuzc5syOHpTeMkIk1RnmSfu2nWC_PFStKlrf3cYgac2EOYKMgsM99mMvd4_Kior8GuIg5pkvkq8lMXHsRj4tyav5LYaHSazTEzXJO-Pvk_N-yJBvVJUO_S_Njw9YZrur301S42LQmTqTUODpvFpF9e119xsvVjRaJQfQfhKTiQDd0YhhU9LZDz4-Eu2fPf1gx_Ea2OE0gtumtwvOa7-HLp3ap3RWf3t6fOwxKkNnoAKVeKZlVusKgpF0Pn-H4CF5ZGcS7YbpkVwte7URsgGkktSoqt7axGRLbAHpCDt-rccIm_rctgKCjBWq9DzdDf6AjW785wiw95tZRLkrm0mwCI5MwLUAUUCbopNlDkYQjpkyOHwbFLWIoTTL6YrxAxJh4qPLgtf-IiflMsMK9xJYL2OxE60M9J3kdQCncav50ztClw5V1U2xYF4GDwsdrk_Z5yzJh8JFgTYx4cmx2YrLTT1NKpgIIK0sn-krXmkP5Lhqu9QJC-2nIuHjX1mynQ&cid=CAQSTABygQiDAfIxenTL6HeNFaI-T2t-GcIKQcSmAVRuustm97Fz8a8UxTakPozppncsHi5TTo72jF0NcJwqYRj3z-dzP-Va6X67DsF3zRwYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsinoptik.ua%2F&ds=l&xdt=1&iif=1&cor=17723774578799417000&adk=1033480531&idt=103&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 18:01:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 01C3 28 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de1346a42d1d61f1b1bb581cc38a9a6662570b67fbca3b9d4dd3b36e446b6a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10880
x-xss-protection: 0
server: cafe
etag: 12570010719352825067
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 18:03:21 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 01C3 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
URL: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:45:22 GMT

GET
DATA 200
OK truncated
/ Frame 01C3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7af02a86197fec7c14855785ade429d6a25d2f4a83cd293799dd3450c13abab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B40E 22 KB
8 KB 11ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 500861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:27:00 GMT
expires: Sun, 28 Apr 2024 17:27:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12526237615489777227/ Frame D935 126 KB
34 KB 34ms
17ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd439dee780e622d5406c1d638c455c67796f5ebe6443f0783358981f3f0310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:34:41 GMT
expires: Sat, 04 May 2024 12:34:41 GMT
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 01C3 0
0 87ms
52ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEaBmBTo1DYIwhPRLoM9YtXCWmbDQtZ5ew5EcEODVi7fBKD28llhv_nMrlTUslb6y9LiA5zGQF9b-_7as0ktywksh5nNdiR7k_Wx6GgvuoQs4m0MkMVZT7286E0jHo4h4m_oD2J7Rd_ysRk0gFcUlr40UbMQ9MbGFF-Q69Tqar8oc-Woh_B9xMtX0aFJcF5togRrqxq9hS9GZuxJCG5zjn93FyFd87d3i7Qs6814DBcyx5OKUx_PZSFvve7izB0vULxvKZC0yHFaSEzPpwHHhklY81jhGZ-c3sQyOhAooPqeBG6NuwNwo0fnYnzYu85mi9r1el83ONxd_RusSw_6Dm2nJ5wwaYQdVNlOwAbaLvb06N4duO3KfmzQ5r1ntuGVnChW1b87ywC8uAYqybzr2vQNf82E1g-AUejk3aWx66jdOHOdMIWkYrDVqOPumLsQhpZZLl0ovBRX1kBIjhBO3xVacmaQtqsQbRz9cYyGzhzJ0rcTDfSZTiRtT2K4ItSea2O-BdvKyIkAyF8NmwmNJiDrviSPw7jzBqq91XceS-axEm_yOAl7FZldd0J9Ru3NJhEKHNAjnOCAkTjgSuBgYYdANaGugsMlqlR2TkT1w152vlCtMtVfnm_HXYJNyVLWjLgpjPyYFOVvROZzP7tKfwINu-JdipLCUYdVt23z0LitBSNxEaFrvlBDO9-ifrvaaahqc7MJb8n1goUzvos0e1cbhOKojZO8n_ysQwXKPTIIEfBxhgyd8-bQ2EFi1AJUPzQuVbUPCp9HBC_KcVbeNwJ4CHkpsB8_lBLFOr3dyoWMaHk49BwCieKajkyWTBRL9Y2w-6g2dX3GnsinJaj4d8H4z7O9zpKoibE0lTDs2ZBMax5RvZcQbY0_WF-bVDkka3NaS-a-MXAfY6enXMCYxEKN6db1bHTo04p2zKG7lWeLgFuLy6Efs9_qRrzz8CU6nvJMX_CSSOyLZu60nSHOk35d8T5S8tnxVEIrwkvX4rO7gH4wGgp1opnXTBa-tnXhlR9kbe22EZchRtp5g4aDjuXrmrFXWvGNBohr7irQo_kqt4sD0LrqNsBP5Pv9CVm4YFNOMYF2aFriJBuwkhZHbtaSjS1EhQ7dhPQNQK7wm1Cgb1GCi8cq8EruAryfSqO81cwklaVM6PXTbQmEpVtPA0bf2U_qS6mpFco3hOtde4q0bj2gkUUzI1dHZVVed93ArU6dTwmUcvv_i3mUplDFEM12hHhSp2z-FlJqiSVwoLNLIHSCEjkN8ayz7IXLzEIkqhI7a2Gshln9ctrmjBDF3LVchrXqVua-s81WuU-lCzWjMb6pYJ&sai=AMfl-YTEUynK1oV_fwKHCjTb7QACZDoyDDQ5J7sLx0nXnyfmPSNaTHnVh_oIXdVFiXwb5YjrFo_vQ5dZzZvzmltxcGh8LhFLaQWQyFnsexJjFXX1EJkz8GmhBB9pUarsq64_IjOhogoLcBnsjOm2NsYeADIOpLNmufyiPqtKSjjeEf1RkBBf8VqmsvsnK0BYRUry-xtz0jP77EeWJmKtah6PDNNX4WcEobpvNKG4ss5suk7pAVPcKooYHsVFWpaNhEGEqJiWydVR57o5IlhBEgtlGuyN5thHjfvt-3Q7&sig=Cg0ArKJSzDxZYvgADYwuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=82&cisv=r20230502.13348&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 05 May 2023 12:34:41 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 05 May 2023 12:34:41 GMT

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B40E 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D935 118 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 08:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 May 2023 08:32:17 GMT

GET
H3 200 GenesisSansText-Regular.woff2
s0.2mdn.net/sadbundle/12526237615489777227/ Frame D935 37 KB
37 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/GenesisSansText-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:57:15 GMT
x-content-type-options: nosniff
age: 481046
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38296
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 22:57:15 GMT

GET
H3 200 GenesisSansHead-Light.woff2
s0.2mdn.net/sadbundle/12526237615489777227/ Frame D935 23 KB
23 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/GenesisSansHead-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:41:25 GMT
x-content-type-options: nosniff
age: 489196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23900
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 20:41:25 GMT

GET
H3 200 GenesisSansHead-Regular.woff2
s0.2mdn.net/sadbundle/12526237615489777227/ Frame D935 23 KB
23 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/GenesisSansHead-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:51:24 GMT
x-content-type-options: nosniff
age: 488597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23636
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 20:51:24 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 01C3 0
0 46ms
46ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEaBmBTo1DYIwhPRLoM9YtXCWmbDQtZ5ew5EcEODVi7fBKD28llhv_nMrlTUslb6y9LiA5zGQF9b-_7as0ktywksh5nNdiR7k_Wx6GgvuoQs4m0MkMVZT7286E0jHo4h4m_oD2J7Rd_ysRk0gFcUlr40UbMQ9MbGFF-Q69Tqar8oc-Woh_B9xMtX0aFJcF5togRrqxq9hS9GZuxJCG5zjn93FyFd87d3i7Qs6814DBcyx5OKUx_PZSFvve7izB0vULxvKZC0yHFaSEzPpwHHhklY81jhGZ-c3sQyOhAooPqeBG6NuwNwo0fnYnzYu85mi9r1el83ONxd_RusSw_6Dm2nJ5wwaYQdVNlOwAbaLvb06N4duO3KfmzQ5r1ntuGVnChW1b87ywC8uAYqybzr2vQNf82E1g-AUejk3aWx66jdOHOdMIWkYrDVqOPumLsQhpZZLl0ovBRX1kBIjhBO3xVacmaQtqsQbRz9cYyGzhzJ0rcTDfSZTiRtT2K4ItSea2O-BdvKyIkAyF8NmwmNJiDrviSPw7jzBqq91XceS-axEm_yOAl7FZldd0J9Ru3NJhEKHNAjnOCAkTjgSuBgYYdANaGugsMlqlR2TkT1w152vlCtMtVfnm_HXYJNyVLWjLgpjPyYFOVvROZzP7tKfwINu-JdipLCUYdVt23z0LitBSNxEaFrvlBDO9-ifrvaaahqc7MJb8n1goUzvos0e1cbhOKojZO8n_ysQwXKPTIIEfBxhgyd8-bQ2EFi1AJUPzQuVbUPCp9HBC_KcVbeNwJ4CHkpsB8_lBLFOr3dyoWMaHk49BwCieKajkyWTBRL9Y2w-6g2dX3GnsinJaj4d8H4z7O9zpKoibE0lTDs2ZBMax5RvZcQbY0_WF-bVDkka3NaS-a-MXAfY6enXMCYxEKN6db1bHTo04p2zKG7lWeLgFuLy6Efs9_qRrzz8CU6nvJMX_CSSOyLZu60nSHOk35d8T5S8tnxVEIrwkvX4rO7gH4wGgp1opnXTBa-tnXhlR9kbe22EZchRtp5g4aDjuXrmrFXWvGNBohr7irQo_kqt4sD0LrqNsBP5Pv9CVm4YFNOMYF2aFriJBuwkhZHbtaSjS1EhQ7dhPQNQK7wm1Cgb1GCi8cq8EruAryfSqO81cwklaVM6PXTbQmEpVtPA0bf2U_qS6mpFco3hOtde4q0bj2gkUUzI1dHZVVed93ArU6dTwmUcvv_i3mUplDFEM12hHhSp2z-FlJqiSVwoLNLIHSCEjkN8ayz7IXLzEIkqhI7a2Gshln9ctrmjBDF3LVchrXqVua-s81WuU-lCzWjMb6pYJ&sai=AMfl-YTEUynK1oV_fwKHCjTb7QACZDoyDDQ5J7sLx0nXnyfmPSNaTHnVh_oIXdVFiXwb5YjrFo_vQ5dZzZvzmltxcGh8LhFLaQWQyFnsexJjFXX1EJkz8GmhBB9pUarsq64_IjOhogoLcBnsjOm2NsYeADIOpLNmufyiPqtKSjjeEf1RkBBf8VqmsvsnK0BYRUry-xtz0jP77EeWJmKtah6PDNNX4WcEobpvNKG4ss5suk7pAVPcKooYHsVFWpaNhEGEqJiWydVR57o5IlhBEgtlGuyN5thHjfvt-3Q7&sig=Cg0ArKJSzDxZYvgADYwuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&vt=11&dtpt=114&dett=3&cstd=82&cisv=r20230502.13348&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: sinoptik.ua
URL: https://sinoptik.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 05 May 2023 12:34:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 01C3 7 KB
6 KB 51ms
50ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c210881466ac30828a197b8893b1ea21f33784542b9159d457e16dcc6c9c0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5678
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D935 7 KB
6 KB 64ms
64ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4c6053f69e0dc7f91dd8256e138e90c2c5f9b8f3a98b53f49d959b7f285af56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5765
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/12526237615489777227/ Frame D935 8 KB
8 KB 10ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:15:07 GMT
x-content-type-options: nosniff
age: 487174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8111
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 21:15:07 GMT

GET
H3 200 60015186_20230202011652528_award_logo_300x600_default.png
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame D935 2 KB
2 KB 10ms
10ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230202011652528_award_logo_300x600_default.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66dfd53134d5f32c3f4b280c7e7c7aa4e64600ea3ed8d2e15d4ae3b5ac1e93af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 23:14:45 GMT
x-content-type-options: nosniff
age: 47996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2476
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:16:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 May 2023 23:14:45 GMT

GET
DATA 200
OK truncated
/ Frame D935 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 60015186_20230127032449570_300x600_GV60.jpg
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame D935 87 KB
87 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230127032449570_300x600_GV60.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bf5035edfa3644f1e654197f0067bb072e5fb9ccf3f728a20b3191c849a8df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=1yF7XIGRyq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 06:14:43 GMT
x-content-type-options: nosniff
age: 22798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89490
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 11:24:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 May 2023 06:14:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B40E 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYi_44fdUZO_eB5m99u8PheygkAgAAAAAOAHgBAI&bg=!MzClMGTNAAYV_mUANf47ADkAdvg8WgpzLCXJR7QBlXq7eGPyXjq18FrOb-kwJ9yWvEMyRFHpfp4zorwVlXI_QAxm9lgHAJiEmZYCAAAAfVIAAAAFaAEHmQMtLxRkTCBRezQlZr2M-oW5rjE5CBAVcMnunmuRamrQJx_S-wAu7f18pb3b33gwuS1Vi9AZ_42ZArJaMvMjtn1XhPktqi2O00a11Gnijt6C3h4_qOOvmcsIeQkPfUTYYrb9g9Un1n__nnDU_FaevzAwAleZH4CiW9bFnd2NbLqRAfsb0NJ_ZF2sW-ps5VEWQE7p3iVp0dXCw0QeUPlSXQ-GgUuov7fqkTPxEzYHC-oD_HcrQZ0I-dWboYnf2qpFgKdUqzQZtMafQ4vpwQhR53T-CAJ6k7e7BWh3GXO1qHCwxYEMPZ-ogZBSw16AbNT4u4rSsr59tFlv_92iqX5XjrJY-y7rg_-I5Ofwz1w3GHke-9GfnPd7CZmDppm5Biw-0KcsAjzr6FhdLGts35kGUD8Gk5AGtsPBtHUqB4XZcjRfulabLdIW8HePb5eYxhdJHq3f5cnXIbjIXGNMfqa5u9zXi7SNzS0_XdSil5iQeSsJaXqhQLkWbViU8TUqBtu-IDy_MKES1IRPV_sFdWB-GUMXzLQgFcu9bmmvcZo0GDMcykQwY5B2GByabyigJWjuQZGzjQL2IugRBqM0me4nvMK80rmkSt51A9jv3aJgpapa_hdKIhEVxhSVZ6bWU2sICAu4nUL_3Ku7d7T4owz2UlFJK1QyXkz7l1vcKKwAFyrF-_Lg-HaPwZkHClcU0Gkb2WqLPyjseCe5T39aoVMMldk881i_svHDmUIU0XSfxjRx9cHyF4d71tD6wz6fYh7sbyjjZnENiiVwOyKL3JRWpNcp7rKeHxJTQ4qF9Ap-VDW104DsBus6-LTEveuqL_Pt2icPnvnXcixzZX6CXuzAjdPv_zrxdR27NDiVSThOSGMolMPm5iDPiBX-QcqK--no7we2T_jk0MoWfSZY5m7ODPeNs0ves-63BprWj_IyldjqK0TxDtEy_OIQUcLHZufnpnBC7PCzE8cuKeFIOvFpVnr-QzzC0bRuMqh2wKbblUaCbb5eDgUJZQepfmBC6KV1e-0deVD7mYliULtYllS1h3F2hG1AB89VNI9zQf57bXYSs3pYcVT83-DCIqGLSpKy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 01C3 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 May 2023 12:34:41 GMT

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E9A2 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D935 17 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 May 2023 12:34:41 GMT

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A87A 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:24:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D26 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv68EbqBEB0Z8P2tX5gtG08fouT2vl_BgIG3YT8PEmmPbQjL8f7DHzYbGN1uR12eSkysod196RJ6dgIAw-3b_yIC1MU0HgPjHwreEf1kJ1_F-fMWEsr5IUQiww8PqNOHPC7PXRFmA&sai=AMfl-YTJflKcXOGluIMaH_cZ9O2ZbpnkMLy_UUhkCaMCmLxYOPLYQIXKaKof12Lk8YAXKBoiuqLv2srT52Rc&sig=Cg0ArKJSzHVLMm4pmqr0EAE&cid=CAQSGwBygQiDC943oN9YJJOXfVcQZuap4Q8S2_lFlhgB&id=lidar2&mcvt=1006&p=0,0,250,300&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2700207666&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683290079802&rpt=735&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305010101&jk=4235314190007076&bg=!y8ilyJzNAAYV_mUANf47ADkAdvg8WhKso3_gBeQq8KjGMBj6KUjsSxh5mfeGnrnU1ae7R1MN9ixzsSkgn_dnwBxOLI4mU8yxcZACAAAAyVIAAAAEaAEHmQLqDTnb0oc6oVJlg_b_3rxaL2RP89i3HMxhwrsWAXLxs0aqSRvlqzSBklikQaM4DXIql6EQE_nUhaso8ePty02o1wfJ_bjDBIJjRXnDXd1d0XYnsPQSJ0qaNArgC-YkK3tVNwTNs18apvGgdaa9Bzw0SSovE4mEk_dfxl2k_ESL5t0arGUPUaylSWMtwdQAYe13L4W7afFPCk-M2WLTJTVH3rf-UZhthnW_p-RGwlGZWVfRaZok9O5ZyeMKP4c9zMQ9GFIrZ6JRjyQCtL37LZixTVSaWJGczL-qmEaCns4XVud7LEwI31cO2xSxlrjn1_f2xseSGVPJ1WPSuiGjGeENzbDhTP8QHiF_JFiLAb0ZiJ28r6z-LS-iuLsMVah65euEDqWC4v4XxjRNMn522h_XiDlMQ3mud8ljSjRjZeHs76zi_ylR89sBW2OREUCOqLXZQ7fPidaAQFNlb4Xnee9Y7vv3gTTuw6WM4UQuOjV8kjH7XNXWioam2lP-8pVFy3uuNbFBvx_dLusuEV5tgoHv8SVX0dAHCsCFLX58_zwuByQihx1SZnwF9xGZP2tJxSoRrhs3ORMDflfbdXxvXBatTNGW6-46w0fYMFEhx-3quA2cWa2unRhYHeuZjf_t4FU2toUQp5-dvJ13D74oK4ljc0xPwzkS7D2l6iZNFGoO4YyO2im3LbFgM32H5CZhX2Tm7DBj-lOYt60kMi-J4Ui2enwPA0cFadqRfG-KFO6__fAYhoeR62ZK809ICX3yFUoa2_mQuJc1R-CyXCIwlMCAQf4e_ZJeFY1NOQi7-uzxSZ_dnSOowUX7YMqsZFowEvZotTk0wCTSic5BFudzQMWjUG1KoocxRQZ1bfqA5RDFD5J4XusZ_omBpeNdufxQ4EOxtm8AAIE74G0OEDSM_2FkN1iLXaPg3i7p6lVhv2FE8B7_tSsOOwShzcOXRS6VHMIYQ0DhtRttw7VuIETmN_nW7qp4pN_tHNx3TWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B336 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4URsLPiXQCuTwV8rGmvvXh1wXqwsBD3SwlUwhHBjNm0z4YuNq4hHm9hWXbYFv7u6XC0UMWylWGA2PvaeRVTfhtSH0sTCp8b1VluChbDKvfhBR3j8DO5BPKxTQ5VFcsifs7W4JwQ&sai=AMfl-YRujqMTpp9PF_xnFnc3iPcGq-rLe9bdm663j4LREoWo7ZFLc2ZcsXqnzOYcVR7dicTPGjhy9n28K3Ob&sig=Cg0ArKJSzN9DQyVuetYPEAE&cid=CAQSGwBygQiDTPPalpmCgXRqUJCDF-sW2XDArmWZBBgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=584908562&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683290079793&rpt=921&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1142 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvOVo7LtSQZcFeApC_vkmLSNSPKy6vu61Jz2Hse6x9v-32BWwZeZDReuWzWDSJEy81NfGtbAoQwIRiLjOC0WoMJdTdYjIVVVxYb2p6izAqzghr4UX4-tceRxatu84NqxNo7aDb1g&sai=AMfl-YTxfREGf6sOF60w4ZNFJvmGaJCfG4mGWh5yrcE9GbMSC8RiKJyCcC8I23NJVLPoYGfk1kATaP5UyVIZcliGYg1aDKY3kZgVDdKLnlhqLGfMBxJAXYMhK_vyoEDHr6QLzsruFKFneIli5nPRjA&sig=Cg0ArKJSzDOpbBXTurYZEAE&cid=CAQSTABygQiDAfIxenTL6HeNFaI-T2t-GcIKQcSmAVRuustm97Fz8a8UxTakPozppncsHi5TTo72jF0NcJwqYRj3z-dzP-Va6X67DsF3zRwYAQ&id=lidar2&mcvt=1000&p=162,130,762,290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3775464727&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683290080852&rpt=153&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 01C3 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6Kcno9sCqAA7liA0EUMQwwXEUidwXZvFT2vP0LEDoFXVIPSJJdlloQ3zh3LNPeD1FyQ_5PKqOp2y0l8JeeFDlIWIC3-mXRbWvRJQtv9BGTqIQLrd0HLD5QP0Ft1H6VJbT9yOz8w&sai=AMfl-YQriZs0sXGhSKLJ2u1HnQxhDFJ2vRpL46kHYiF-JZGeMxZdSDSLxph5YYnksT4O6Nnb5FbUYHCQWNUx4_9tGOiHB394FsUmzUqciRj3oHceTgxaHB6zngbcFFcMOeqhq36nZWNkIYw4W6yGZQ&sig=Cg0ArKJSzD-TP4AoDO-aEAE&cid=CAQSTABygQiDAfIxenTL6HeNFaI-T2t-GcIKQcSmAVRuustm97Fz8a8UxTakPozppncsHi5TTo72jF0NcJwqYRj3z-dzP-Va6X67DsF3zRwYAQ&id=lidar2&mcvt=1001&p=162,1253,202,1294&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=50584995&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683290080860&rpt=363&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01C3 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9726146238244&version=m202301230201&ct=76&x=1&cor=17723774578799417000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:34:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sinoptik.ua/	1969-12-31 23:59:59	Name: os Value: WINDOWS
.ukr.net/	1970-01-20 20:20:26	Name: tracknew Value: 1683290079704080.1683290079.1
.sinoptik.ua/	1970-01-20 21:10:50	Name: _ga_TPZ50996TL Value: GS1.1.1683290079.1.0.1683290079.0.0.0
.sinoptik.ua/	1970-01-20 20:13:14	Name: cities Value: 102950159
.sinoptik.ua/	1970-01-20 20:13:14	Name: location Value: 75.102950159
.sinoptik.ua/	1970-01-20 21:10:50	Name: _ga Value: GA1.2.194539123.1683290079
.sinoptik.ua/	1970-01-20 11:36:16	Name: _gid Value: GA1.2.1322092280.1683290080
.sinoptik.ua/	1970-01-20 11:34:50	Name: _gat_gtag_UA_5903420_6 Value: 1
.ukr.net/	1970-01-20 20:20:26	Name: tmp Value: YGZoZGVnbGBlZGBs
sinoptik.ua/	1970-01-20 12:18:02	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sinoptik.ua/	1970-01-20 20:20:26	Name: _pubcid Value: 009ec715-045f-4a78-8e62-cfb83ad02101
sinoptik.ua/	1970-01-20 21:10:50	Name: cbtYmTName Value: 1a73vLH37/fh47Tlt+DtseS3t+aw5Ofl96jV
loadercdn.net/	1970-01-20 21:10:50	Name: vui Value: 634aad783d214388831ff76b4adf02b5
.doubleclick.net/	1970-01-20 11:34:53	Name: DSID Value: NO_DATA
.sinoptik.ua/	1970-01-20 20:56:26	Name: __gads Value: ID=bedc0904c08dbad8:T=1683290079:S=ALNI_Mb520df8jgX6InewBG_0ySHfpUp_w
.sinoptik.ua/	1970-01-20 20:56:26	Name: __gpi Value: UID=00000bf66e0a7ee2:T=1683290079:RT=1683290079:S=ALNI_MZ4d0oNvLgV05NiXTTESg-Cx0jRVg
a4p.adpartner.pro/	1970-01-20 13:01:14	Name: apuid Value: f0752c85-8081-40b0-b5aa-4b0da29480f2
.doubleclick.net/	1970-01-20 20:56:26	Name: IDE Value: AHWqTUnSOXzOMD_QLYuR4CqCxNXyWy7qdu1LxSuMKG8W1j7IHX1OLCW-rumem0qS
.criteo.com/	1970-01-20 20:56:26	Name: uid Value: e4ddf580-a8d6-466f-a959-01fa7d51a378
.adtelligent.com/	1970-01-20 13:04:06	Name: vmuid Value: 76a36089398e5ad6
.adtelligent.com/	1970-01-20 13:04:06	Name: a307558 Value: f0752c85-8081-40b0-b5aa-4b0da29480f2
.sinoptik.ua/	1970-01-20 20:56:26	Name: cto_bundle Value: jzFpLF9hemF4V3RZbldHTFNjckw2eng4Y2hUMmVid0VLMjZDOUZlc2pUVE9tOVJUc1lZV3FxVXZJRURaWHVLeEdxJTJCUyUyRlJlU3VQNWhxJTJCQ1FhMnYlMkYwS0dRZ1N2YUFDcjhXbHNMSEV5WXI0YWRuSHdqV0RZRDVDR0pRUnNTTG01UUNCYllyeExhNXVvazdRb2VsenA5OE1wY3UxQSUzRCUzRA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5de8da69bfb9c96724439fc2e9bfdf4f.safeframe.googlesyndication.com
a4p.adpartner.pro
adservice.google.com
adservice.google.de
ap.lijit.com
counter.ukr.net
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
img.fghtem.com
loadercdn.net
m.zmctrack.net
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
player.adtelligent.com
region1.google-analytics.com
s.znctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
sinoptik.ua
sinst.fwdcdn.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
target.ukr.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.226
178.250.7.13
185.187.81.40
185.239.172.77
193.200.65.5
2001:4860:4802:32::36
209.191.163.208
212.42.73.60
212.42.76.150
212.42.82.26
2a00:1450:4001:800::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:d::d
2a0c:5c81:5142::2
45.133.44.3
51.83.220.94
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0bd439dee780e622d5406c1d638c455c67796f5ebe6443f0783358981f3f0310
0c210881466ac30828a197b8893b1ea21f33784542b9159d457e16dcc6c9c0f6
0fa778efead619f143d361dad420f4ab4cd9f683dc2c52a60715985c3b3347e7
111f07ee0b2a7c259b59a4de353a4d862dc5d4c6b623ec875a0b8722fff600e7
124a4b89d27e635e5cf07e093a49e6a84f55f2bf679323f3cffac1619fb8e46c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
157682250a1fec82507250c865f33591364c0c08df05dd607fd7f2fba7d1bb32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a0dbcb0ab08e9733dca1afd11096a66e52af0ec2dc481c4a9b0923e5aa1ca38
1c968c90010ddaaa9de1653a2795746f0134a26bd416558d1080d5cb42f21fb8
1f81d880cf81c20720fe23fe635dbac0b4088ddd5dffedf3d0d6a7cb7ea6e409
259ddcf9b6b53cc2930a6ed4b4303f61e55ddcb4b476ec4c032f77e012dc2fa0
282b1607a57a6bef203e6016dc849f5162dd0ceae9d12296d476344afefffe41
288b11bba514b961dfead849f1bf5376581f0e6b0bf56797e90c6e8b409f454e
2ae9d325a0914e430dadc6bdd81af6fa985a2c238dd6bcb32704b874d2a99232
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30358bf10bc3867eb5d36b6bf7926a227ebc04c40e2721dae230b4a92ca3db8e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33443a6422def2e17417d1c0f5065b2c7699d4058610a759ab6ea6d423186979
39f3bd8ddf97088d2c78eb307fbe1c9442d58cf84e1e3b6f946784ee01c141a8
3d16aa8a4f0018441fe34826f5794616fa32c14cb89c6cd46baf4b6fdc7c6aa3
3d9f4d674e3ce8f17bd0a3ee37aeaa1693f208fd7e3a407ca0f6fd03a682fcac
3ed0b7fb73bed2cd4327b8755d6c3423db770ff341694760240c80625b412d15
3f2213c55a0abeb39a530f9a8bba7fda2d55d579e453887e6b883ded90c11ec1
40b29fa3a12d5552c2c97e58385dd8c17a4843c39799714b0d841622f6bbedd6
432135d2879d4e465fead6d240c5199db9a345e4afbc95c430fb0e0159207dff
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
45a78ae4f62e0b949026a3880697e35e11b838d5804814ea7086a32d3201a33b
4649adf2250eaa577d82169cb196f96c45ea5d78e54e684d1cbfddb72202e8b5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4900033ba306f754fc5fe897632c7a119d7df6d93537f9e53395a11957f03ea0
497e63a5579fcb89c02b41883243a33a50b3a21a21c9d30425d1ea925c7b5a5e
4a5ecc9938d55ea8cefea6f7e27a59290d98aa7d57e8d845a4704079c53c1ddb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5121d0698729a06052458d04cbdc5cba98811c2272f699f0b73c18cb6cf2a4be
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a44e856d54c70da11e47fef5c0538ade8a3339d254916cc8c17ec8e832b952
5bf5035edfa3644f1e654197f0067bb072e5fb9ccf3f728a20b3191c849a8df2
5e8f8658a79839bee68bc09fa15ce2c283ae2e6709a13e83d2fc1085f1194fba
5e9ad94c7e26e62b45f48269744adda812b0441950e4ccd5b5c3b8c573b103ad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
660253aea63e4315b84053260140fb0cd6ca9f59fe9e039ac5d38445e7e43143
66dfd53134d5f32c3f4b280c7e7c7aa4e64600ea3ed8d2e15d4ae3b5ac1e93af
693161e796920145be0e2531bda2cfb207f786ee9ba4691ef51d5a225f975a29
6ac19d2a9e5a5b724ea79be242dcb93d0bda59807fa9ae67c758da1ae1c77ad0
6ad75ab7fe8b62e7f1bc26943f0e917cfac6a401c90a9dc74851547fee06b4f6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c50ecf94fd4d9e84de189e78eb8ecfa9092de49c178d0d2c0768ff68221fcdd
6c6c8d6d25c0e20f83babd84d4ae4d47c41da3ea7b2fdc9dc8bdeac01f26986b
6c98e9e44629ce300832cebaa0fb6bcbb009fc6197eeaaa7965754ca5da92c7b
6e46c9ea33bf104ecb4016aa7050798cbf5a05f263e9233f6cbec6d2a1031b28
6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64
6fadcb157e1823c0c42256f0b27a0613163d1644d0d3d727545bed11d62a127c
70aef82d9018b05f27d1117ca69adb08d677316b6cf106ab780d368768a1c560
7673290475ab7f8f26b5c3698ca28ebc0eb20d5b5cb60f25b9fc501dd4acdf42
7aa83d6f71b639d2356b7967eeb4adcafa29e823d5185b2ec7f09fb7444a7294
7cd94880170f49a764551093732fb02f6b8cb088edd1dcc8297a3beb26edb577
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
8148a3c2684cd7dcc6d4fa3fa7d2d69ad3dca1bdc42a267a997dfdc4e1cb2a48
82fd9708081911e4116298b429f846f69f117bf6d11b328a81284b545a05b629
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8dd92864f67778ac535beada858b646622eb575ac8aa7dbacb515fe52bcb8c9c
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9f0ec009e4540b54edcc5a9effb9e0568f6ead153cc256fd1105409fe60fa316
9fdf3277bcd2d9343c89c9d1e4fbce8acec51b121204b564d01c934bc82e8a35
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a27edec8da948c091c294c771c340d0ec6a287b013e1b117b97c66b4801cc14d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a983cea20471cb2eb75807eca4a126f527f22e8191e2592584a7e7b72a7fb00d
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ab32fc2c865d1767bf0f8570534750c9985aeb06fbbbfd732d89bceecc200a54
abeb8fc0556bbe03490f9ac5214b26b27305f16f2dff8a4074c58ca1b059d643
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b3285ef6e9b0591fad2325ef1e32dbd73b141cfb62eb8cfc6088e71609747773
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
c03801adac8544f55f3029416a051dae582343b18a1609b3f46f08d5a7470978
c0f4d79ee390e9b7e1c14728ca453ebb1d5675210875a87cd74c2b2df220dd19
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c67329daa9796667835497d6fb8be3da7b5f7f48db45bafe636706067e17668b
c7af02a86197fec7c14855785ade429d6a25d2f4a83cd293799dd3450c13abab
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
ca0031dfece53f5cdd9f80d939a534d726e2779ebb393536908679eb68033ff4
cbea06c0ec76e9e4d7d1e10816b160551cdd133e93cf4d9d9f6fdd12670cdae2
cd2056d3c5a5f9a087647154dc26dbed362a61b733a6cbc8d9e5330b4f4d4284
cdacef4ed8fb925195c9109528574b8514efbf32d935a05023e40bdb384661f4
cf64b0ee8863e8bb25abefbaf6ae8d7c31f30086fbe11525fea2ac465c388988
d129fec4a2ac1ed561470e4da91be910ae593d5d0b85c26afa3f1d62ae1ca2fd
d13bf5ebdf1a0dce06bbdaa65104729688996aa18031039950fd66e209f7d0e0
d35c6a69b2789a0c5d331ad6d641cfd01b67e8bf66b7b5155442cd3e89302f27
d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4
d4b47771b42936b8d1fa4da60b4776137b30c02a87dc2ce3dd6554a2e549f36b
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
dbe2f39d679680bec02757226881b9ac53fb18a7a6cf397e2bbe6d4724c1c8e1
de1346a42d1d61f1b1bb581cc38a9a6662570b67fbca3b9d4dd3b36e446b6a32
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e34c85cb1f1bd48e1aaa651181d998165209dd5e61bf869fceec11598b627f02
e3979f179c73b9f17e21ce8fa05b5c8173c154161eacf3b7e8efd26c5ce64770
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b86591b160bb0fa78e6b501b05bf34e0adb2526fe4e3aebd947c26ca1171e5
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb16d74261529a41fd94f29c9306e27eb3a7506eb5b4b2de994a16a541ff7df8
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
f4c6053f69e0dc7f91dd8256e138e90c2c5f9b8f3a98b53f49d959b7f285af56
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f67e4f110b9daeb25e0698504f69d6316986eeac966fdbf4f43e93e977637da8
f7fbe9d4809b2a32c25ea493702105497a626c3ba3363d54260522cf88cfc877
fbd6bac37b375f53b9909afbbf6a14382c4074b1e8887f22c3ac41f2b5f0bd11

sinoptik.ua Open in urlscan Pro 212.42.76.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

163 Requests

98 %HTTPS

69 %IPv6

24 Domains

41 Subdomains

35 IPs

7 Countries

2232 kBTransfer

5403 kBSize

22 Cookies

1 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sinoptik.ua Open in urlscan Pro
212.42.76.150 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

98 %
HTTPS

69 %
IPv6

24
Domains

41
Subdomains

35
IPs

7
Countries

2232 kB
Transfer

5403 kB
Size

22
Cookies

163 HTTP transactions
6 data transactions