www.obozrevatel.ltd Open in urlscan Pro
2606:4700:3036::6815:4383 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mt-secure-bnk.com/oboz7429543
Effective URL:
https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Submission: On December 12 via api (December 12th 2023, 8:50:58 am UTC) from US — Scanned from DE

Summary HTTP 223 Redirects Links 104 Behaviour Indicators

Summary

This website contacted 59 IPs in 9 countries across 49 domains to perform 223 HTTP transactions. The main IP is 2606:4700:3036::6815:4383, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.obozrevatel.ltd.
TLS certificate: Issued by E1 on November 5th 2023. Valid for: 3 months.

This is the only time www.obozrevatel.ltd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	206.71.148.217 206.71.148.217	399629 (BLNWX) (BLNWX)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:b494	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
67	2606:4700:303... 2606:4700:3036::6815:4383	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:21:... 2606:4700:21::681b:cb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6813:9822	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.182.214.99 52.182.214.99	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f27... 2a03:2880:f277:c0:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f27... 2a03:2880:f277:1e8:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1 1	184.86.251.147 184.86.251.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.32.238.184 23.32.238.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 ^_^) (CDN77 ^_^)
1	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.78.238.50 3.78.238.50	16509 (AMAZON-02) (AMAZON-02)
2	3.15.36.75 3.15.36.75	16509 (AMAZON-02) (AMAZON-02)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
1	146.59.110.145 146.59.110.145	16276 (OVH) (OVH)
3 3	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	54.216.8.15 54.216.8.15	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	() ()
5 6	172.217.18.2 172.217.18.2	() ()
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	167.235.184.171 167.235.184.171	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2607:4f00:944... 2607:4f00:944:0:3eec:efff:fed0:86a2	55081 (24SHELLS) (24SHELLS)
2 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.126.178.223 3.126.178.223	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	159.69.174.227 159.69.174.227	24940 (HETZNER-AS) (HETZNER-AS)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:813::2002	() ()
4	2a00:1450:400... 2a00:1450:4001:82f::2001	() ()
12	2a00:1450:400... 2a00:1450:4001:81c::2001	() ()
1	2a00:1450:400... 2a00:1450:4001:813::2004	() ()
4	2a00:1450:400... 2a00:1450:4001:801::2002	() ()
2	2a00:1450:400... 2a00:1450:4001:803::2002	() ()
4	2606:4700:1::... 2606:4700:1::6813:834c	() ()
2	2a02:2638:3::3 2a02:2638:3::3	() ()
12	2a00:1450:400... 2a00:1450:4001:802::2006	() ()
1	142.250.185.66 142.250.185.66	() ()
1 2	3.77.143.145 3.77.143.145	() ()
1 3	2a02:2638:3::c 2a02:2638:3::c	() ()
223	59

1 206.71.148.217 (London, United Kingdom)

ASN399629 (BLNWX, US)

mt-secure-bnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:b494 (United States)

ASN13335 (CLOUDFLARENET, US)

ggspace.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 2606:4700:3036::6815:4383 (United States)

ASN13335 (CLOUDFLARENET, US)

www.obozrevatel.ltd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::681b:cb59 (United States)

ASN13335 (CLOUDFLARENET, US)

ndc1.obozrevatel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.obozrevatel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:9822 (United States)

ASN13335 (CLOUDFLARENET, US)

autocounter.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jsc.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.182.214.99 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

g.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f277:c0:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f277:1e8:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.147 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-147.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.238.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-184.deploy.static.akamaitechnologies.com

lf16-tiktok-web.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn-b.notsy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

error.c.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.78.238.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-238-50.eu-central-1.compute.amazonaws.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.15.36.75 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-36-75.us-east-2.compute.amazonaws.com

kinesis.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.38.197.123 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.110.145 (France)

ASN16276 (OVH, FR)
PTR: ns3225527.ip-146-59-110.eu

server.smartytech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.213 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.8.15 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-8-15.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (None, ) 1 redirects

ASN- ()

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.2 (None, ) 5 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:4f00:944:0:3eec:efff:fed0:86a2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.178.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-178-223.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.174.227 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.227.174.69.159.clients.your-server.de

prebid.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (None, )

ASN- ()

bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:1::6813:834c (None, )

ASN- ()

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.77.143.145 (None, ) 1 redirects

ASN- ()

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	obozrevatel.ltd www.obozrevatel.ltd	731 KB
26	googlesyndication.com pagead2.googlesyndication.com bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com tpc.googlesyndication.com	181 KB
19	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	240 KB
12	2mdn.net s0.2mdn.net	133 KB
9	idealmedia.io autocounter.idealmedia.io — Cisco Umbrella Rank: 89722 jsc.idealmedia.io — Cisco Umbrella Rank: 77643 c.idealmedia.io — Cisco Umbrella Rank: 70376 servicer.idealmedia.io — Cisco Umbrella Rank: 76415 s-img.idealmedia.io — Cisco Umbrella Rank: 72366	198 KB
7	gstatic.com fonts.gstatic.com	111 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 g.clarity.ms — Cisco Umbrella Rank: 49609 c.clarity.ms — Cisco Umbrella Rank: 1377	28 KB
5	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 484 dsum-sec.casalemedia.com	2 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	71 KB
4	mgid.com jsc.mgid.com c.mgid.com Failed	196 KB
4	googletagservices.com www.googletagservices.com	257 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 776 gum.criteo.com mug.criteo.com	8 KB
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2916	1 KB
3	adpartner.pro 2 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 10154	951 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com	1 KB
3	notsy.io cdn-b.notsy.io — Cisco Umbrella Rank: 159731	279 KB
3	ttwstatic.com lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 18038	24 KB
3	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 29531 id.gravitec.net — Cisco Umbrella Rank: 157557	22 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	247 KB
2	adtriba.com 1 redirects d.adtriba.com	757 B
2	criteo.net static.criteo.net	58 KB
2	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2137	5 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 805	167 B
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	889 B
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 29184	2 KB
2	amazonaws.com kinesis.us-east-2.amazonaws.com — Cisco Umbrella Rank: 22929	546 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 51256 api.gravitec.media — Cisco Umbrella Rank: 40114	2 KB
2	instagram.com 1 redirects platform.instagram.com — Cisco Umbrella Rank: 9913 www.instagram.com — Cisco Umbrella Rank: 1868	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	obozrevatel.com ndc1.obozrevatel.com — Cisco Umbrella Rank: 602077 www.obozrevatel.com — Cisco Umbrella Rank: 502968
1	redtram.com prebid.redtram.com — Cisco Umbrella Rank: 484099	1 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 650	406 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 592	594 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504	116 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7367	182 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 4825	2 KB
1	adform.net adx.adform.net — Cisco Umbrella Rank: 4544	535 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 799	220 B
1	smartytech.io server.smartytech.io — Cisco Umbrella Rank: 53163	339 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	cdn77.org error.c.cdn77.org — Cisco Umbrella Rank: 209905	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
1	tiktok.com 1 redirects www.tiktok.com — Cisco Umbrella Rank: 4357	625 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	764 B
1	ggspace.space ggspace.space	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1002 B
1	mt-secure-bnk.com mt-secure-bnk.com	3 KB
223	49

	Domain	Requested by
67	www.obozrevatel.ltd	www.obozrevatel.ltd
12	s0.2mdn.net	mt-secure-bnk.com s0.2mdn.net bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com mt-secure-bnk.com bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com mt-secure-bnk.com pagead2.googlesyndication.com googleads.g.doubleclick.net
9	securepubads.g.doubleclick.net	www.obozrevatel.ltd securepubads.g.doubleclick.net mt-secure-bnk.com www.googletagservices.com bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com www.obozrevatel.ltd
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	jsc.mgid.com	bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com jsc.mgid.com
4	www.googletagservices.com	securepubads.g.doubleclick.net mt-secure-bnk.com bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
4	bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	jsc.idealmedia.io	www.obozrevatel.ltd jsc.idealmedia.io
3	ib.adnxs.com	1 redirects cdn-b.notsy.io googleads.g.doubleclick.net
3	pixel.onaudience.com	3 redirects
3	a4p.adpartner.pro	2 redirects cdn-b.notsy.io
3	c.amazon-adsystem.com	cdn-b.notsy.io c.amazon-adsystem.com
3	cdn-b.notsy.io	www.obozrevatel.ltd cdn-b.notsy.io
3	lf16-tiktok-web.ttwstatic.com	www.tiktok.com
3	www.googletagmanager.com	www.obozrevatel.ltd www.googletagmanager.com
2	gum.criteo.com	1 redirects static.criteo.net
2	d.adtriba.com	1 redirects bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
2	static.criteo.net	cdn-b.notsy.io static.criteo.net
2	googleads.g.doubleclick.net	mt-secure-bnk.com pagead2.googlesyndication.com
2	inv-nets.admixer.net	cdn-b.notsy.io
2	targeting.unrulymedia.com	cdn-b.notsy.io
2	loada.exelator.com	2 redirects
2	kinesis.us-east-2.amazonaws.com	cdn-b.notsy.io
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.gravitec.net	www.obozrevatel.ltd cdn.gravitec.net
2	connect.facebook.net	www.obozrevatel.ltd connect.facebook.net
2	c.clarity.ms	1 redirects
2	g.clarity.ms	www.clarity.ms
2	www.clarity.ms	www.obozrevatel.ltd www.clarity.ms
2	autocounter.idealmedia.io	www.obozrevatel.ltd
1	mug.criteo.com
1	googleads4.g.doubleclick.net	mt-secure-bnk.com
1	www.google.com	tpc.googlesyndication.com
1	s-img.idealmedia.io
1	servicer.idealmedia.io	jsc.idealmedia.io
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	c.idealmedia.io
1	prebid.redtram.com	cdn-b.notsy.io
1	ap.lijit.com	cdn-b.notsy.io
1	tlx.3lift.com	cdn-b.notsy.io
1	hbopenbid.pubmatic.com	cdn-b.notsy.io
1	prebid-eu.creativecdn.com	cdn-b.notsy.io
1	htlb.casalemedia.com	cdn-b.notsy.io
1	ghb.adtelligent.com	cdn-b.notsy.io
1	bidder.criteo.com	cdn-b.notsy.io
1	adx.adform.net	cdn-b.notsy.io
1	mwzeom.zeotap.com
1	spl.zeotap.com	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	server.smartytech.io
1	cdn.jsdelivr.net	cdn-b.notsy.io
1	api.gravitec.media	cdn.gravitec.media
1	www.facebook.com
1	error.c.cdn77.org	id.gravitec.net
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	cdn.gravitec.media	cdn.gravitec.net
1	id.gravitec.net	cdn.gravitec.net
1	www.tiktok.com	1 redirects
1	www.instagram.com
1	platform.instagram.com	1 redirects
1	www.obozrevatel.com
1	c.bing.com	1 redirects
1	ndc1.obozrevatel.com	www.obozrevatel.ltd
1	ggspace.space	mt-secure-bnk.com
1	fonts.googleapis.com	mt-secure-bnk.com
1	mt-secure-bnk.com
0	c.mgid.com Failed
223	73

This site contains links to these domains. Also see Links.

Domain
www.obozrevatel.com
t.me
www.instagram.com
invite.viber.com
www.youtube.com
twitter.com
www.facebook.com
telegram.me
bit.ly
news.obozrevatel.com
war.obozrevatel.com
soc.obozrevatel.com
apps.apple.com
play.google.com
galaxy.store
incident.obozrevatel.com
shkola.obozrevatel.com
food.obozrevatel.com
health.oboz.ua
healthnews.obozrevatel.com
med.oboz.ua
covid.obozrevatel.com

Subject Issuer	Validity	Valid
mt-secure-bnk.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ggspace.space E1	`2023-12-01` - `2024-02-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
obozrevatel.ltd E1	`2023-11-05` - `2024-02-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-05`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G4	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.gravitec.media R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
cdn-b.notsy.io R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.cdn77.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
api.gravitec.media R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
kinesis.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.ttwstatic.com RapidSSL ECC CA 2018	`2023-11-15` - `2024-12-15`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2023-12-08` - `2024-12-07`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-11-28` - `2024-02-26`	3 months	crt.sh
adpartner.pro R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.redtram.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-14`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Frame ID: 8C397428354987C363CDCAED1DA4C30E
Requests: 152 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 580D6104449A9C88BC6BEB56C96EAAD0
Requests: 2 HTTP requests in this frame

Frame: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 78BBB8BB0A87D7881B98A02391954ED5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FEE35E9059A4498C4A69E3B41D2C0AC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 271CFACF5D80F431F624C6DF4DB52482
Requests: 2 HTTP requests in this frame

Frame: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B7DC520ADAC143E15CF52864A5FBF95
Requests: 1 HTTP requests in this frame

Frame: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE795E0EDDE9812F71B24396C128EAB7
Requests: 11 HTTP requests in this frame

Frame: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E83FAC2080A315911B3729FB5484128C
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH4k1miszB5HPPR1GLCnMyzCM3yo8Mix0Y3mKQMTfe3yGD9_KeWYRS-wafQn2fFeuUZQm202YUmM4tTY_h5jEcXTdgiXx0ysSWzZoNdD954p0nWtXUz3n0DVvLp7ynGxPkNgO1M4PyKiuQBW_Avit3yqCD9OLMVAFn3hV5m5f10JzN54QP_AE4X_upUdpll0lKZLrOHfd_KHaTsFh9Gt7YLFU94GjN4ulY1m7a08wGsqPzQThs2KC13-iJpZwqwk8gPlLk-qWzuT2TxG0j7Xb2ffmAvW5r4Selt5IpWkogIH29Wd4RpjRQfq5jMOslHIPfMkfL7eMxiaSZCf5hO4L_euQ19G8qC0LnLA8lnEnS_Kyv1nMp9g&sai=AMfl-YTd4gBZckJCYK-AkfgTvWekGTbBZlm0vDInO7XS88imk2Zvp6nscLgItLvagnUTA0uuypo341p-Q-XWsXTxRNVN40En-tD_RJ_tO1OIwXJJbv7bnL57tN7mY_c6wesWTt0PQXR7mtbdR4er1eZrWVqP&sig=Cg0ArKJSzLjUXDo9Xqp0EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 89669B7C193FE6FA7DA2A8E5B9EB6DC5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNXfqg7UkldeCMa9qZpsZhECzQliRHTdfVwZ07YeVSv_8T2XS-RE0dKZGBf6W-c9aT7QKUOReRz1e5jbfC8Qhdq8fD8cNdXHvAD9OacV3cE5P5vgvkPckUmHCYiomms2wWcizPRTD0FNFZYO0wcVqy_rLJdkoAzCjA3cnyMY3KYtAXc8X18
Frame ID: B0A9AED8F1163E16172AF0ADC4874120
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FEA78B08653F2A30AF799295DA96D7A6
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 043359658C024588696A9E4EE9324270
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
Frame ID: B8022BE8067F7AE91521097B309A94B8
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.obozrevatel.ltd
Frame ID: 4579610F90CA9AE727DD10CE6121D7BF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Один на один із ворогом

Page URL History Show full URLs

https://mt-secure-bnk.com/oboz7429543 Page URL
https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

223
Requests

89 %
HTTPS

53 %
IPv6

49
Domains

73
Subdomains

59
IPs

9
Countries

2917 kB
Transfer

8231 kB
Size

28
Cookies

104 Outgoing links

These are links going to different origins than the main page.

URL: https://www.obozrevatel.com/ukr/main-item/10-03-2023.htm

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/

Search URL Search Domain Scan URL

URL: https://t.me/uaobozrevatel

Search URL Search Domain Scan URL

URL: https://www.instagram.com/obozrevatel.ua

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQA7vCW3MX33iE9EYhmE3GhB43vyI%2B%2BnsqzemGPFrFGfl8TEL3d6MiPUriT1T%2FJF

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/obozrevatelcom

Search URL Search Domain Scan URL

URL: https://twitter.com/obozrevatel_ua

Search URL Search Domain Scan URL

URL: https://www.facebook.com/obozrevatel

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/topic/vojna-v-ukraine-2022/
Title: Війна в Україні

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/topic/voennaya-pomosch-ukraine/
Title: Військова допомога Україні

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/topic/osvobozhdenie-ukrainyi/
Title: Контрнаступ ЗСУ

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/volodimir-zelenskij.htm
Title: Заяви Зеленського

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/marina-pogorilko.htm

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/politics-news/
Title: Новини політики

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Title: 0

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/send?display=popup&link=https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php&redirect_uri=https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php&text=%D0%9E%D0%B4%D0%B8%D0%BD%20%D0%BD%D0%B0%20%D0%BE%D0%B4%D0%B8%D0%BD%20%D1%96%D0%B7%20%D0%B2%D0%BE%D1%80%D0%BE%D0%B3%D0%BE%D0%BC

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Search URL Search Domain Scan URL

URL: https://bit.ly/31vCGQG

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/location/ukraina/
Title: Україна

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/location/ukraina/kiev/
Title: Київ

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/sanna-marin.htm
Title: Санна Марін

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/editorial.htm
Title: Редакційна політика

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/important.htm
Title: Важливе

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/economics/communalka/borgi-ukraintsiv-za-komunalku-vedut-do-zrostannya-tarifiv-ekspert-poyasniv-zvyazok.htm
Title: Борги українців за комуналку ведуть до зростання тарифів: експерт пояснив зв'язок

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/society/ukraintsi-obrali-novu-nazvu-dlya-pivdenno-zahidnoi-zaliznitsi-na-cherzi-pivdenna-fedorov-rozpoviv-pro-golosuvannya.htm

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/economics/desyatki-tisyach-shtrafu-pozbavlennya-prav-i-konfiskatsiya-avto-yak-karayut-ukraintsiv-za-vodinnya-na-pidpitku.htm

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/top-publications.htm
Title: TOP NEWS

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/society/u-kievi-proveli-v-ostannyu-put-legendarnogo-komandira-da-vinchi-yakij-zaginuv-v-boyu-pid-bahmutom-foto.htm
Title: У Києві почалося прощання з легендарним командиром "Да Вінчі", який загинув у бою під Бахмутом. Фото

Search URL Search Domain Scan URL

URL: https://war.obozrevatel.com/ukr/zsu-vlashtuvali-okupantam-potuzhnu-bavovnu-na-hersonschini-znischeno-7-chovniv-iz-vorozhimi-diversantami.htm
Title: ЗСУ влаштували окупантам потужну "бавовну" на Херсонщині: знищено 7 човнів із ворожими диверсантами

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/politics-news/belgiya-viznala-golodomor-1932-1933-rokiv-genotsidom-ukrainskogo-narodu-zelenskij-nazvav-golosuvannya-istorichnim.htm
Title: Бельгія визнала Голодомор 1932-1933 років геноцидом українського народу: Зеленський назвав голосування історичним

Search URL Search Domain Scan URL

URL: https://soc.obozrevatel.com/ukr/
Title: Життя

Search URL Search Domain Scan URL

URL: https://soc.obozrevatel.com/ukr/teplo-do-15-ale-z-doschami-sinoptiki-dali-detalnij-prognoz-dlya-ukraini-na-vihidni-mapa.htm
Title: Тепло до +15, але з дощами: синоптики дали детальний прогноз для України на вихідні. Мапа

Search URL Search Domain Scan URL

URL: https://soc.obozrevatel.com/ukr/astrologiya/pluton-povnistyu-zminit-svit-protyagom-nastupnih-20-rokiv-scho-chekae-na-kozhen-znak-zodiaku.htm
Title: Плутон повністю змінить світ протягом наступних 20 років: що чекає на кожен знак зодіаку

Search URL Search Domain Scan URL

URL: https://soc.obozrevatel.com/ukr/koli-v-ukraini-perevodyat-godinniki-na-litnij-chas-u-2023-rotsi-data.htm
Title: Коли в Україні переводять годинники на літній час у 2023 році: дата

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/blogs/
Title: Думки

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/2371.htm

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/politics-news/es-ta-ssha-perehodyat-na-novij-riven-dopomogi-zsu-mayut-peremogti-putinu-tsogo-roku.htm
Title: ЄС та США переходять на новий рівень допомоги: ЗСУ мають перемогти Путіну цього року

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/valerij-pekar.htm

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/society/vigrati-vijnu-prograti-mir-inertsijnij-stsenarij.htm
Title: Виграти війну, програти мир: інерційний сценарій

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/aleksandr-levchenko.htm

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/society/kinets-krivavogo-diktatora-kumira-putina.htm
Title: Кінець кривавого диктатора – кумира Путіна

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/natalya-yusupova.htm

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/society/robit-schos-potrebi-z-frontu-siplyutsya-schodnya.htm
Title: Робіть щось! Потреби з фронту сиплються щодня

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/pavel-klimkin.htm

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/politics-news/kitaj-virishiv-pidnyati-stavki-i-zastovbiti-za-soboyu-rosiyu.htm
Title: Китай вирішив підняти ставки і "застовбити" за собою Росію

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/sergej-borschevskij.htm

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/society/skilki-sche-obstriliv-zhertv-ta-rujnuvan-potribno-schob-vidmovitisya-vid-rosijskoi-movi.htm
Title: Скільки ще обстрілів, жертв та руйнувань потрібно, щоб відмовитися від російської мови?

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/zloj-odessit.htm

Search URL Search Domain Scan URL

URL: https://war.obozrevatel.com/ukr/novij-raketnij-udar-po-ukraini-bagato-hto-z-nas-pereotsinyue-okupantiv.htm
Title: Новий ракетний удар по Україні: багато хто з нас переоцінює окупантів

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/person/dmitrij-chernyishev.htm

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/society/navischo-rosiyani-opublikuvali-video-rozstrilu-ukrainskogo-voina.htm
Title: Навіщо росіяни опублікували відео розстрілу українського воїна

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/story/about-company-ua/
Title: Про компанію

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/story/obozrevatel-team-ua/
Title: Команда

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/copyright.htm
Title: Правова інформація

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/privacypolicy.htm
Title: Політика конфіденційності

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/adv.htm
Title: Реклама на сайті

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/documents.htm
Title: Документи

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/obozrevatel/id431582577?l=ru

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/developer?id=SellBe,+LLC

Search URL Search Domain Scan URL

URL: https://galaxy.store/oboznews

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/abroad/
Title: Світ

Search URL Search Domain Scan URL

URL: https://incident.obozrevatel.com/ukr/
Title: Розслідування

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/society/
Title: Суспільство

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/
Title: Всі новини

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/kiyany/
Title: Київ

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/location/ukraina/harkov/
Title: Харків

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/zp/
Title: Запоріжжя

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/dnipro/
Title: Дніпро

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/cherkasy/
Title: Черкаси

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/sport/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/sport/football/
Title: Футбол

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/sport/basketball/
Title: Баскетбол

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/sport/hockey/
Title: Хокей

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/sport/box/
Title: Бокс

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/sport/formula1/
Title: Формула-1

Search URL Search Domain Scan URL

URL: https://shkola.obozrevatel.com/ukr/
Title: Моя школа

Search URL Search Domain Scan URL

URL: https://shkola.obozrevatel.com/ukr/gdz/
Title: ГДЗ

Search URL Search Domain Scan URL

URL: https://shkola.obozrevatel.com/ukr/books/
Title: Підручники

Search URL Search Domain Scan URL

URL: https://shkola.obozrevatel.com/ukr/online-lessons/
Title: Онлайн уроки

Search URL Search Domain Scan URL

URL: https://shkola.obozrevatel.com/ukr/dpa/
Title: ДПА

Search URL Search Domain Scan URL

URL: https://shkola.obozrevatel.com/ukr/zno/11klass/
Title: ЗНО

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/auto/
Title: Авто

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/auto/test-drajv/
Title: Тест Драйв

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/auto/elektromobili/
Title: Електромобілі

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/auto/aktsii/
Title: Акції

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/auto/servis/
Title: Сервіс

Search URL Search Domain Scan URL

URL: https://food.obozrevatel.com/ukr/
Title: Food Oboz

Search URL Search Domain Scan URL

URL: https://food.obozrevatel.com/ukr/napitki/
Title: Напої

Search URL Search Domain Scan URL

URL: https://food.obozrevatel.com/ukr/news/
Title: Новини Кулінарії

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/economics/
Title: Економіка

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/economics/economy/
Title: Ринки та компанії

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/economics/analytics-and-forecasts/
Title: Макроекономіка

Search URL Search Domain Scan URL

URL: https://health.oboz.ua/ukr/
Title: MedOboz

Search URL Search Domain Scan URL

URL: https://healthnews.obozrevatel.com/ukr/
Title: Новини медицини

Search URL Search Domain Scan URL

URL: https://med.oboz.ua/ukr/mamaclub/
Title: MAMACLUB

Search URL Search Domain Scan URL

URL: https://covid.obozrevatel.com/ukr/
Title: Covid

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/show/
Title: Шоу

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/show/afisha/
Title: Афіша

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/show/gossip/
Title: Плітки

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/lady/beauty/
Title: Краса

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/lady/fashion/
Title: Мода

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/lady/
Title: Жіночий журнал

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/ukr/out/rss/lastnews.xml

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mt-secure-bnk.com/oboz7429543 Page URL
https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=94EC8147F934477BA6232E1183F663C6&RedC=c.clarity.ms&MXFR=0DDA30ADA8B4677D39C72348ACB46922 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=94EC8147F934477BA6232E1183F663C6&MUID=2EB6D55173136DB13399C6B472BF6C11

Request Chain 90

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

Request Chain 91

https://www.tiktok.com/embed.js HTTP 302
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

Request Chain 121

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D HTTP 302
https://server.smartytech.io/icm.gif?uid=f39158c0-5a4e-473c-b8e6-b4f9e37b74df

Request Chain 122

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=283&mapped=981eac5e-99ee-488d-925f-cce5ace7d1e4&gdpr=0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=db11b9f5284730049d4738ab0106d1bf&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5a1761d7679b0898/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=5a1761d7679b0898 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96aef98e-df1c-4fec-776f-7c018f56cb94&reqId=7ac99990-20fd-48da-6dca-20504d6a42fa&zcluid=5a1761d7679b0898&zdid=1332 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96aef98e-df1c-4fec-776f-7c018f56cb94&reqId=7ac99990-20fd-48da-6dca-20504d6a42fa&zcluid=5a1761d7679b0898&zdid=1332&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEM07ANwxr8dQ3w_wFr6hk1E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96aef98e-df1c-4fec-776f-7c018f56cb94&reqId=7ac99990-20fd-48da-6dca-20504d6a42fa&zcluid=5a1761d7679b0898&zdid=1332

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDMen9EQLMIH4FG3kFsUvtE&google_cver=1

Request Chain 187

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXge8S9xpryTDtT89BizHgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDMen9EQLMIH4FG3kFsUvtE&google_cver=1

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEInrQgzZB9ujWxnx2DANi7w&google_cver=1

Request Chain 189

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwMTE2MzcxMzU4NjQ4MjE3Nw%3D%3D

Request Chain 203

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_ukraine_dv_pros_378014208&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 216

https://gum.criteo.com/sid/json?origin=publishertag&domain=obozrevatel.ltd&sn=ChromeSyncframe&so=0&topUrl=www.obozrevatel.ltd&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=93i6c3w3czRMcWNyTGJwZXVncWpiMmdFZ2p2ZFBkZnA0MEdEclpiNjJCVFhxbmk4RGpXbXFWVGd5WnpvdjFvNG40ajdoT3FpVThNZDZXb3BsaStacmR1a1RLSld2OTlqd0h2RXZhMnNqUnQxYmt3dDRmN0RVTGFyem03WlJvVmU5MEdaVDR0T25VbHRsWllhWXdBWUtDWEVFcDRQSUl2V1RWdU1WNVN5Z2cvOTBHcGp2RlVvcklUR3doaTNDMjcxM1Bsb21KbFJIb2Y4R0ozclU0VHhIZEtlQjlsWm1WV2h4UWJGaS93bTY1c1hSTE1rV3prWGtSZXlqTG1qYnBybFg5UU10elZtUE5STjh6ZkxWWFlVVXdkVjFTcVdURWlVS2l2eXVLRWVnY3ZUVXpMTT18&cppv=2

223 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK oboz7429543 Show response
mt-secure-bnk.com/ 6 KB
3 KB 526ms
463ms Document
text/html 206.71.148.217
BLNWX

General

Check archive.org

Show headers Download Go to

Full URL: https://mt-secure-bnk.com/oboz7429543
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 206.71.148.217 London, United Kingdom, ASN399629 (BLNWX, US),
Reverse DNS
Software: nginx/1.22.1 / Express
Resource Hash: 3ba8de04462ba10b0baaf37774c803309d0d12ab0c8af792f6792471d5b438d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
CF-Cache-Status: DYNAMIC
CF-RAY: 8344b8e58e2b66b1-AMS
Connection: keep-alive
Content-Encoding: gzip
Date: Tue, 12 Dec 2023 08:50:52 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyWXcdzf%2BeQ1zBu7z630LGfUcm%2BcQWh3JqKd07HGXzvl6SUACb4a9EDxQxC%2FooFryH2xd62bv5OIZC3RLs4OXOx494ouIZxzIEiOKJIBMfB1Lys7v30F12CTFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: nginx/1.22.1
Transfer-Encoding: chunked
Vary: Origin
X-Powered-By: Express

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1002 B 50ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mt-secure-bnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 08:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 08:15:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 08:50:52 GMT

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2482e50d0fa14ae0a34e6eb00cfaf4ca6ba4d5d7ab0b3ab7095cc998970e6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 UA-22-11_obozrevatel
ggspace.space/ 4 KB
2 KB 147ms
109ms Script
application/javascript 2606:4700:3030::ac43:b494
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ggspace.space/UA-22-11_obozrevatel?return=js.client&&se_referrer=&default_keyword=have%20begun%20to&landing_url=mt-secure-bnk.com%2Foboz7429543&name=_Xm2dMV9WGdxT6NZk&host=https%3A%2F%2Fggspace.space%2FUA-22-11_obozrevatel
Requested by: Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b494 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mt-secure-bnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz%2B3BThfzy9IyQmrzkzJ6fen1HaZIwUJMLsUpV9%2BCTtzpFTOp2bo9awZ2hguj010FR%2BpDzeavLBbLguCRwy2%2BqBWw17Ieh8d7CjlEh9KPAe8il50sVCEGuzscMH9znwM491EE9uAHKOmTSsu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8344b8e8eba2995c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 08:50:53 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mt-secure-bnk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:34:04 GMT
x-content-type-options: nosniff
age: 55008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:34:04 GMT

GET
H2 200 Primary Request odin-na-odin-s-vragom.php Show response
www.obozrevatel.ltd/ukr/politics-news/ 77 KB
18 KB 1208ms
1144ms Document
text/html 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: 4d1d9cf4e64f598f8c0eb5f7231a0d435a61166fd1fae51082ea55251c03a6e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8344b8ea0d5291de-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 08:50:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa0xhFJxLmryPjEdspZG0wvVFCuTtSxvxI3ixfvDjj84JxVFDxVkT%2BZYCE1xAuDS2%2FVv8LtfyWcX4cI4GUK6KilphYKu0EU4gwKwJl1JdzqCJjIlWEH3cZyCeQTx8M7mdhjRS5JX4DWghBRP%2By9mAKmT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.4.16

GET
H2 200 KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
fonts.gstatic.com/s/roboto/v20/ 10 KB
10 KB 17ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f9da7ccb1139e96cbaf31336d24812cb9a47e9beda60491c18ff75110af4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Origin: https://www.obozrevatel.ltd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:30 GMT
x-content-type-options: nosniff
age: 24
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10544
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:50:30 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v20/ 17 KB
17 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401e6c25801ba2d59795d05a6dd973f95566b41070d3939ba9307d65860ae50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Origin: https://www.obozrevatel.ltd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:52:16 GMT
x-content-type-options: nosniff
age: 259118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17324
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:19:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 08:52:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v20/ 10 KB
10 KB 14ms
11ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Origin: https://www.obozrevatel.ltd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:07:23 GMT
x-content-type-options: nosniff
age: 279811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9900
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 03:07:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Origin: https://www.obozrevatel.ltd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:27:06 GMT
x-content-type-options: nosniff
age: 379428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15736
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:27:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v20/ 10 KB
10 KB 19ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b12b566a4b982d1d9ebdd2f94dbffc73ff39c9f6df112b8752191418538d01e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Origin: https://www.obozrevatel.ltd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:01:56 GMT
x-content-type-options: nosniff
age: 31738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9760
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 00:01:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 18ms
15ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Origin: https://www.obozrevatel.ltd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:51:33 GMT
x-content-type-options: nosniff
age: 68361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15816
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 13:51:33 GMT

GET
H3 200 1651.jpg
www.obozrevatel.ltd/img/ 77 KB
78 KB 1124ms
1123ms Image
image/jpeg 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/img/1651.jpg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f6b525430c581a1396fc5ed2263997449b103feafc0455bf9a477d89d1baec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Nov 2023 21:06:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655d1bf0-1350f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGDXTGhOKoiRU5QcRxuw9Wst9MN2s8V%2FVK2EM1GPcjw2lxFaSVmBLspX2H2nQy%2BQMlJf87BLufSpq%2F7JFgnZVlqKjodVXdNmoip87tCeQzagANEGwkcYdzdPzyXcuR2kG%2BDGUSumr%2BBP%2BjmwM6Xe9OHK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f60bea3614-FRA
alt-svc: h3=":443"; ma=86400
content-length: 79119
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index-1676391555845.min.css
www.obozrevatel.ltd/news/commons/ 305 KB
41 KB 983ms
981ms Stylesheet
text/css 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.obozrevatel.ltd/news/commons/index-1676391555845.min.css
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29612f52f04b9eb5637b57fcb7e73a39197898a3a7b9b74ffd797d34f1e1960c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 27 Jun 2023 13:50:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649ae93e-4c4bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtF7BEmIQ4D6AtGv0yAeQ5oFTHqbAAYdt9AGbgsHXbAgKus5u6M3Uu4OfO3ZfxH3%2BqDV2%2BhTRQ%2BbYimEg93soC4tXuFNM1c4jkIrVWQWh5JBRUCZK0K7FLp7o43CVX3BXtFqwmkbaKsqSFbB%2FdnKMPQK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 8344b8f13d0791de-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index-1676391555845.min.js Show response
www.obozrevatel.ltd/core/libs/lazy-loader-image/ 4 KB
2 KB 762ms
760ms Script
application/javascript 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.obozrevatel.ltd/core/libs/lazy-loader-image/index-1676391555845.min.js
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0644a93de568dd64109355d26e65e8e9af02c4938d8aa173ea9f81c4bb3a616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 27 Jun 2023 13:49:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649ae8d4-11cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FZPbijXDYHzeShhu2K%2FXc64R5OAX8a7%2B8HL4zJYUgWFxTPtQgQZUtERnSWJ72oEeN7MWHznQVCdyXDVySBi%2FeANLe3BZlZ72RpWCnh%2FrqoROLgCRUl1dswTiTXCSXAbQGg1Ml3d1nb3fAa%2BXGAHBHXL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8344b8f13d0b91de-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 403 pixel.png
ndc1.obozrevatel.com/ 0
0 56ms
18ms Image
text/html 2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndc1.obozrevatel.com/pixel.png?1678446935695
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 close-rounded-bold-grey-dark.svg
www.obozrevatel.ltd/core/img/icons/common/ 692 B
662 B 778ms
776ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/close-rounded-bold-grey-dark.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067bf565b91f22dd6b73bc87080c2abcc265a0edd7fd680576809ec61cc637f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 27 Jun 2023 11:52:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649acd96-2b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSPUyggZ8RczDrU03Lq%2FD5vHpVFRJnTrI%2BGD%2BWBPwgPSpy8nNXGkA7257PZtaghgGZvPodLUJ8bW5qoGvqljR8P4HNkvB3MzJ4ef1iF6n%2Bmu8rNmwUh9XnRyZZ9HLPP12DZFkZS6sqLDo9IVIng9PcEg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f13d0e91de-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 menu-rounded-grey-dark.svg
www.obozrevatel.ltd/core/img/icons/common/ 562 B
828 B 15ms
15ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/menu-rounded-grey-dark.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ebfe437cbf3a1402e65e1873e74b40811798ee198115ca18eb650d99247a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 616783
etag: W/"649acdae-232"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TT4dghFF93rUGctwzAVV6egcWuewFuBqmk2s50JkiDpwNsrOhvibFpebLHuMmwZDm%2FwDqox%2FKoSVlwJBkgAFRooOfrlIGpHOZfy1kv9nZ9HI45TxtBYEezxr5u%2FzgLqLMIr%2FDqOuQ%2FL6NRO1pzB6lpNV"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f18e463614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 new-newspaper.svg
www.obozrevatel.ltd/news/img/icons/common/ 1 KB
963 B 20ms
20ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/common/new-newspaper.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9e66e07b38c69031ea42c00d4202aff7cc75b08a83d3af43ed902d576dafe99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:01:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1696509
etag: W/"649acfa2-434"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CO9yU14f1Wxc5ByIroK95cIKc%2BC4v9ySap%2Fd0yRj%2FsPwhxGjd0%2FJPn5crvjwqd6Ju0ct5Gtormm5kRDBdnCuCZvksmb1yT%2F0%2Fd8Oq3nZy4Gyc46BUNQ35Y2DNvS%2BiCBhuB4XN%2FAtuk5vrHKSPtuJ0t0n"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f1ae623614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 obozevatel-logo-flag.svg
www.obozrevatel.ltd/news/img/icons/logo/ 9 KB
4 KB 15ms
15ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/logo/obozevatel-logo-flag.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6246e0141bd4beea5c9ac9b01a6ed2ea9283adfc35e21113e10b224cb90ed877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:00:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1139951
etag: W/"649acf62-233a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUtp%2BXmOmJzUNv42kJXIyuMuLRCo3DxDEOEw9QJcBSe8ATVtsN2ZslMpfe4fAJYddGZ0wq21bikK%2BNpUgKUgkcTRwo6BEA1xyeb7kDha%2BBaYXLQz0is4j5hWrDqjCBWJTvz2vYAIM2dTJfkRrIjKPSuW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f1ce833614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 soc-btn.svg
www.obozrevatel.ltd/news/img/icons/common/ 871 B
938 B 49ms
49ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/common/soc-btn.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 634166a0597a37b8823e6e173e7c065a7da53dab02e6d38b9b7f188ea248428c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:01:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1119834
etag: W/"649acfa8-367"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoadrUIiH27nBqTI%2FAAEZG%2F0VyOVx1GWdo2YcWHEeG9dIuhC3LAEQ0O7rx44ZmgjUiEURli%2FFHVCMY0ea0zGv%2FCWgM5LDr4F51TJKM79GN9bzIC1l2f0sRAYRgmDWpY2G2ZDywnVeeKuwPLb8Tdc7wz9"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76de13614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 telegram-color.svg
www.obozrevatel.ltd/news/img/icons/social/ 1 KB
1 KB 44ms
44ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/social/telegram-color.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56dbff0fb74e17425e3cb6acb116f18c97114c4c79fe432a289b8a86bf171004

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:03:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 823507
etag: W/"649ad01b-546"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vouRH0ctvrwLxodiNp5p1nmR97MtpXCWXLLDqMD1zhv6MBCqhaC1iBw7u%2Bo7IA0v9J%2FbnA%2BkbD1pSo5lZaVPi%2B6xrALzhK1CcpaveC8S7OZOWS2RstwsqpvndkxdVP56KWFbUXflxvUckD9AbOVZEVYG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76de23614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 instagram-color.svg
www.obozrevatel.ltd/news/img/icons/social/ 2 KB
1 KB 45ms
41ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/social/instagram-color.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae14196b5c331f79f0652c3798705b2124266c46a73973f154e99f8d49121a8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:03:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1024128
etag: W/"649ad015-7dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ls%2BtEUCY3QJQUBUxIUz41fqtIiUPHe87gCqUQFPsue76VK9w9Slz5nU61Ij5GL1RSrLCUyTe%2BrevQ1ItZaU5qKb6NUdfkEHJh8ZPyqA9CGiaExa6%2BGAAxl4275aFqmsq9lRpU%2FuFOO9pUc0%2FWltD0YbB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76de33614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 viber-color.svg
www.obozrevatel.ltd/news/img/icons/social/ 4 KB
2 KB 47ms
42ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/social/viber-color.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3f02059346f4c9988c24dd1b98a2a032ca23a1d8b90c7463f9797c4345fc76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:03:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1024128
etag: W/"649ad010-fec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOPIDwzo0Lr%2BTiYqOXcIMXDxUzKATCuiEkoiehOq5HWOZs9wtQlRDFQDPL6SLW5jAkO%2BL44hI6itsWhBr5i7nw%2BBaqz0i5aeiYxKH931c37t9IF%2Bi3%2Fhse4MdtxPFzziUcRFDHCVQs7Awtx46gy4db77"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76de53614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 youtube-color.svg
www.obozrevatel.ltd/news/img/icons/social/ 1004 B
937 B 48ms
43ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/social/youtube-color.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13eb25dc23c16f23d23d2da810c3c1f5e478a64fca2f813235240a570206e638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:03:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3541413
etag: W/"649ad00e-3ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUoQe7dOVxcBUN5VN1jrOcjfn4wNgdL%2BMyISsUF5ndl6681mPwXa3WwruZ7g1cGm6FAIDdYP22qyx2JytUOafe%2FjL2rHprFtE6D0C9A3UTimek8BWyWOs3bAycbSqHLWtAl1twFRfowDWvVN%2BX5UyO4E"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76de63614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 twitter-color.svg
www.obozrevatel.ltd/news/img/icons/social/ 1 KB
1 KB 49ms
44ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/social/twitter-color.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36959f231339d122714c7e8ae263abab8fcada1745da4c6908675848af76b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:03:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2624583
etag: W/"649ad022-5bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGsmNBl1GxUwQtC%2FjxLGeC%2FYH5ogoFYF3IiKUsHCE3dN0pPpMNTDaUMsCT4EAMJE%2B3uT%2FppyA488F0f5uFqrNc1Y5yesLuoGfsMiET%2B%2BiUrNow2FuHNnLYZb73ARQpkzQqCIteJEGZ9niI4zqHVAsbkY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76de93614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook-color.svg
www.obozrevatel.ltd/news/img/icons/social/ 560 B
838 B 50ms
45ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/social/facebook-color.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66a0036ffabb25e46920154c2435f16d15df679c1260c125d1c4e42acb9126a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:03:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1059088
etag: W/"649ad01a-230"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYD5WOxf%2F%2F6Yl38siguvA2s0zqHQNmW5s4ddO1lY3WCkLupLfupem5cH%2FUH7LjZXsldaMgFx0YlN%2BNKj9Fsk4kJtV3Mr%2Baz8PsBSNPfAOZRXuVHTvgqGE7lE%2Ba4ffSFSoYfCUMyZ4n%2FZL8KxnDhTft5h"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76deb3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 search-grey-dark.svg
www.obozrevatel.ltd/core/img/icons/common/ 686 B
858 B 50ms
46ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/search-grey-dark.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 771c5f47e50ff2b1fcbc3cfbf0fc14347fafca0b4698fd276949b69c61fefe3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2579033
etag: W/"649acda9-2ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vljRPyZnzKdPF3%2BjurfvBm3TI5fXc7Jb5KzltfUjAsNoyJEPwr0628fKFUqtaDHSidadBxWCINs%2FGyzXGsSDkwi1oUVaPmQqrSdweiq1QLECtKjJEWAN5f96iSgOGo%2FZquZmESIG9BQxV00meDEStADZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76ded3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 marina-pogorilko.webp
www.obozrevatel.ltd/person/2022/2/11/ 866 B
1 KB 51ms
47ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/person/2022/2/11/marina-pogorilko.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6517adb10176e4c71e2c817ec9b8dcef892935edda74ca934e2478022b395dfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1696510
alt-svc: h3=":443"; ma=86400
content-length: 866
last-modified: Tue, 27 Jun 2023 13:07:22 GMT
server: cloudflare
etag: "649adf0a-362"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIp8ON8z7DBKQfzTjrs0pt0Y8IEPu55Hfe7LJ3QsEChpsyVWZfZL1wNn2ShjvHT4rImfI7f0Mpb%2B%2BjTToE4EIzIg11r8mzS%2B7Wo9ZegLcfzLBaVaejl8Go0VobL159zMQQGlS61GqLKpt81FfoFK5aDp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76dee3614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 clock-blue.svg
www.obozrevatel.ltd/core/img/icons/common/ 293 B
687 B 53ms
48ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/clock-blue.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cc903f8e0d3e8a4ae9163875d0d5ff73e365dcdfdae4612c69fbf230ea28694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2783131
etag: W/"649acdbe-125"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4SQXubtzfbCbttsER1kUI4Rzire6jQW5Qeyq0%2BaHa4H7OSkOAN%2BEAAOqTwT5d3oJxB3AgzFlenYH3gDYmUlzP6v80xLtU%2FCB%2Fmw1kRyv1dos6W941unpCJzpf7lXb0THUlnhijtjkxwXwhtdOe7cpmr"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76df03614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 views-grey-9.svg
www.obozrevatel.ltd/core/img/icons/common/ 333 B
738 B 54ms
49ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/views-grey-9.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41075f455f9397cdc04e9eae4581b838f988b087a3dbf17194dbd6b8df4c66a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2624583
etag: W/"649acd98-14d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bGR2cubMHhrzzTo%2Bgs2YgxJKIT%2BgdBVl7iLHT1VdnOjjmvQBjUmivIErfoKGBT0gbsYbmiq2%2Bfp0y6CEsDSe7GdyzgWdbg7dQFLZk%2FwQjpI%2B8PMOy2L%2FTwhay3gcxORBSvY7bS%2BWYcbxdAiSXlCTgRN"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76df23614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook-circle.svg
www.obozrevatel.ltd/core/img/icons/social/ 572 B
861 B 55ms
50ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/social/facebook-circle.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce796858fd36177791013dde3dd3cbb3add35e49c3511fc944017ba824d663b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2579033
etag: W/"649acdd1-23c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVozf6i8%2FiAsT0bUUmN%2B0BUQCkI2Ry81d90BGMCMm3jwgoGBBJW3b1V%2B0fI2tvpa3xcjlbSFAUt%2FSCSzXN8eVj89XTJXqZpH1vJh78j2G3%2BcdxeZMDPIX8JnO2TiI0DLFN0NmZgWnkx5ufKyMYW25mH7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76df33614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook-messanger-blue.svg
www.obozrevatel.ltd/core/img/icons/social/ 461 B
807 B 56ms
51ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/social/facebook-messanger-blue.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eca376766ef5e3eac085396d74af3adaac7539b3c45069f7ef6ac5dc522f6cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2415932
etag: W/"649acdc4-1cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIl%2BN3P6ROX1c%2BPI50b0GZ7G1dXChuv2O4jP%2BhhN1JqgLw9CQgiIKhce1N3YDcPb2XVXpqLp0WiQ%2BemvsrOLzLQRfbk9ty05eqhpIClm%2FMWhSiDJ8dmcJQDLkAHOZCUqOxnb3dPfyIRYZxeni2pFpy0o"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76df43614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 telegram-blue.svg
www.obozrevatel.ltd/core/img/icons/social/ 533 B
840 B 56ms
52ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/social/telegram-blue.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3a9a7eb306f17aaac4a6ce781606d4e2b71a2eb971096616dc6de2de11af16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:54:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2579033
etag: W/"649acdf8-215"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8mmDCb1RFpdtiAXUa6d1BnZtZMuwMDjMZnURESRH9YwU6fI%2Fm36s1l0EIF2aVc8EMD74nXARIAGdU4pnpnfdSWj3XlJxzwJEIRa6lf3jGuKj0DKlyS0JQ97GluaifwR5A%2Bsgw27CkWwwqBlMqPocue3"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76df53614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 twitter-blue.svg
www.obozrevatel.ltd/core/img/icons/social/ 2 KB
1 KB 57ms
53ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/social/twitter-blue.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e731110247092ceee3341a91aa429bfa4f2ac9d42c199d541f5d26ae026f1414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2924224
etag: W/"649acdd6-71d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryuPpoj5HaYWZep49QAsC5iA0Oy8rwQgDxV76nfgmX1svHx%2BivbzckIPTvbDSM74RZjHD6syI%2FOD%2FjeCRfPHUmT4OZM6dqaiCp4lrvSn9syAyc8lbhG1RhdrceISKjNW7wpTRl562UzWLUXsZ1ZAXVAQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76df63614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fax.svg
www.obozrevatel.ltd/core/img/icons/common/ 783 B
938 B 58ms
54ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/fax.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40a90ba65cd8c0be391f5f15ab90b9e757b8ed89fcb78df5c94373b6979db637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1224185
etag: W/"649acdb9-30f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBveCl5kj%2Fs68BMZ9S%2B8UNU8q9UXrKpuQDwv4uzujFpGuu9MYrpOS8QqDFbnF%2FrSI3IqGNgH99nn%2FYSOxpOLMv4slp2%2BcKC01uKvCBTRMEfv84yGinzPW1bMa3I3SBSoGwpDHr49O%2BXOhUDE%2Fq9pzaRr"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76df73614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 letter-dark.svg
www.obozrevatel.ltd/core/img/icons/common/ 851 B
953 B 59ms
54ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/letter-dark.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a33bd115053d4e43fa69574378a3bbf433ca803f03a847011b2c9b501412e819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2624583
etag: W/"649acd9c-353"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNoQsiqFT5iJCijKiJJqfY5ZhU7tfl9zKc5tN1EGpN3zSpTLuHtC3KXO4HDR7eWbJObO6cBoTHbLwN2qWQ%2BBwczTg7QYRzgEkNTfCQQVxGsXZAVparGoVGYK1eJDUsQ53%2Bqnl5lg9oidONVam8zsyQ93"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76df93614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 copy.svg
www.obozrevatel.ltd/news/img/icons/common/ 2 KB
1 KB 59ms
55ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/common/copy.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ac3da8c80e8da42442f387a3a625d4180229cbbe107c7d739befce626c45938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:01:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6598
etag: W/"649acf91-6dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AbJ8OkEhRlHylHNMUZUv54inKWF9bGaYg8wJkhFYQsa5yU9qh7aWX%2Banpest6oQTKbtasssveuEljffDZ0nH6CFWuvwIgjMWcY%2F3rKd3Sp5Wgluve4Rqz%2FS67652n%2FhzpOAEOHhynVpkzRlYcd0cVPt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76dfa3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 like.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 340 B
749 B 61ms
57ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/like.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90d0f491830f7b53e939eb15abe82d79b5e56585ac17e7e74a5408b522fe9bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1119834
etag: W/"649ad03e-154"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAvGA9bzz0ABquiZbZSBaA4IImoqBx9QbIQeNTq8tuSymaOu1cfD9%2BK%2FWSk1MMDLk%2B741Ju7NpEpucb4LUWYRR2WJ9%2FyVsCS9gTWg6WM0%2F4wCD6OaLSz5aEfZeWcdDrrbnd5TwUqM1BscptvXleX2pDt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76dfc3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 dislike.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 349 B
751 B 63ms
59ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/dislike.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3da780ebc1dbe0efc7d4b4d8c9524fb27f2ae336b980b3cf8bc0b5ea3c9277e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 294591
etag: W/"649ad043-15d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pnnRqJFCkCxIivTqLow43oISA6eelso5l9opihThElq2xtbA3CQ%2BrkoFarmsqpTeom8hZ67sgIR4D2P7Q3TBVcD59CSYyeiPBJZUvU%2Fzen8Wc7UAyAWIw%2FrHNnwL2%2BMGK%2FhiOPerEJadBPAQQ5ATRHv"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76dfd3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 smiley-1.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 2 KB
1 KB 63ms
59ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/smiley-1.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01cb7c0d3a11112d6ea83c95e24f430cbcf86e665af4e92766124e19d1e4bad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 951167
etag: W/"649ad05a-7cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKNXwhT0noXwfQi%2BU%2FvD1uL6d8T2Kf9WWgNqZArAoYETNVBgO1SMZQDwj2w%2FIhd8O13uigE%2BQPgPgksCwRJ114cXuNtLq3fvmZmltWbtQXJQe3zMzj2Na6F%2FrsZ31eOn9P34pCeRQEnssYNQMgWQXwne"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76dfe3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 smiley-2.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 1 KB
977 B 64ms
60ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/smiley-2.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bcbf2b526d0ad06ecab5cd2fd4502630b83037ac0bb44f3e3d19a0fcdcc9cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1135689
etag: W/"649ad056-4ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FlBboNU%2ByDb71utQA5KkCRL9Fv3W9R1oSOn%2ByxVKfH6xm8%2FZlI7w1UQLnZkP25BaG156xjGZSIrQEE3rlFM5pOwG3w5s3P%2F4EjAvaC%2FSr%2FCqVBqhYGu7Fya7RIc%2BYaVFtjmjhsD%2BmNOtQc8cu6ZOxA8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76dff3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 smiley-3.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 3 KB
2 KB 65ms
61ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/smiley-3.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93fae5b573dd62f9d6de2cfdde98a35a3943c14e7ed611b9a2c16178173e5f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1024127
etag: W/"649ad04f-c54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLk4QseZfK6DnqhN460Zmc1xwpjjSOzl%2B%2FEShITY4aK9Fmu2ExGzqf3Jyee%2B8rdxhAPWn8xN2zqXtXuyM0m4Ue6E68%2BhWxmbPmd4t54OQTOaD8aAKu53apQDIahqN0kWB2%2B1UW6gjI7J5szsDq9w0v%2Fe"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e013614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 smiley-4.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 1 KB
996 B 66ms
62ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/smiley-4.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f411bc544536dd2da4d6048cc5e532415892b31f3c349b551e1e5703bb9ddd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1024126
etag: W/"649ad037-4ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VqL%2Fioi1s1SiflNpDZe3qQrGf%2Bj9WvHIa4syuTcnLHL9WWvlp2C7%2BsR5ZgW1jtJ5bZaX9TKuw3Y4ejC4%2FzmVebS3uaZSDSZkHT8A4xNBzgfUAKxOI6nsirdPJRjSlSpD8WF2FjPTM%2FtEJP5nh51AwIE"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e023614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 572 B
867 B 67ms
63ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/facebook.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e71749254a65822cd2bb6efda92cec053029fb7d17bc8f5f4fd91bce1d14014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1130471
etag: W/"649ad054-23c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFlDziT%2BuIYL7zpmujaGs2sEjFrzvMAt23gmVeCtoNYdLPmq48BGYWP%2F%2FKyp1uHDR5D4YKfByrDg5t0pnyuBryLjnwyzotLzdt4%2Bp9X1y%2B5rfOUNCz0SBhb%2BCp%2Fzuzwy3Z72fuwonlvqmMLg%2FDFu0BUE"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e043614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 google-news.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 2 KB
1 KB 78ms
75ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/google-news.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7d117ab67623710c571bc9c00d8e89048da13a5f18adfc7b3e0746d39a4e4f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 294591
etag: W/"649ad03c-746"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dP%2B8GGkgMOCvdx%2BvBzexiwBPZr%2FAGN8Auw1c2IsLDBjx6ZboMigXGvuQn7WLZsl5AfgJluymxVQVsqc8FzfkR8LFhAFseiqA3u1SW6mdYJ1Iywh406hqoznKsxXLreSTpSrbKqDRP6grb2EClMyV%2F%2Byc"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e053614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 telegram.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 529 B
840 B 67ms
63ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/telegram.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d0a9008848e18cc2f3e545dae5b09df38d327bb981ad46cf9c6d07671199a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 962560
etag: W/"649ad04a-211"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGzDWTrgU56IyePYCu1zsfG%2FiCG1coIZojnanklylsGlne8zJCniuEKMdCYQAzbAyFlYPNqMhjv1iu6i4ZdVAxDELr2RXzza5GiLtqN34b1DqU5%2F6ZSENCVTHykuFSwRgIMODr5XF%2F373MvPQhMA82Sn"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e063614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 instagram.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 2 KB
1 KB 68ms
64ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/instagram.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d87bca3aba5965d3fa695d43c0cb3f48c89f76c1c33b52eb8ca1ff9eb0577e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1224184
etag: W/"649ad048-944"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRd24TbJPSfb%2FDD7MO7NaLZzgqKnGNYwfX8fLKPrapp5yC3cRMLzyFUtrMASYLgIZUBgaKb1n3lRoxQa6NzjJw8F%2FDzCjLY4q79BKyO8BBPSYXkmcfPCJHYu8uDkcvXfIYMH3Gzzuc%2BSetl0Nz809uaJ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e083614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo-obozrevatel-brand.svg
www.obozrevatel.ltd/core/img/icons/logo/ 8 KB
3 KB 70ms
66ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/logo/logo-obozrevatel-brand.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e3b2b41614d8fc8f510b927eb892b7c0a18b8f01318f7519959b7776ef0b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:52:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 167373
etag: W/"649acd8c-1e13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nsKuyk%2F39wag4JKrQoOL35nM1nUVn%2BgjoZhTuk9XGWRUSVhDkU3poKJUqysop%2FiHrcC0abDSG8iAuSPp48XLMqq7SwVpLkvsteExNRjDPGzlThA9lW%2FmFJKDMdHmCPEyQjJgRFqdKmrTTHzM9ScSAXw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e0b3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gaz-tsena.webp
www.obozrevatel.ltd/news/2021/10/17/ 10 KB
10 KB 71ms
67ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/2021/10/17/gaz-tsena.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8091ab1dd1c5716115f7736898aa19a116df1b7d03c98f653c63587b58040e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 377860
alt-svc: h3=":443"; ma=86400
content-length: 9920
last-modified: Tue, 27 Jun 2023 11:56:54 GMT
server: cloudflare
etag: "649ace86-26c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msenWi6VnKrpbir%2Bo%2BKp5qZcwSTs%2FgPKfK2Ao2MPFnyBN9fidYHtLszI6RitMPjUfPrW36varh4g31a6Q1sjXEmCmu4hoNrHT12YaJEuH0GEJgaoPT%2BYvy7m40K%2BtCfbrhrHNTzP6nhkPSXWLThnGPyd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e0d3614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook-grey-9.svg
www.obozrevatel.ltd/core/img/icons/social/ 887 B
975 B 73ms
70ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/social/facebook-grey-9.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b4f51fb64cb6b08bb2421d2d6182be44fd3123e23867b16edab824cd57be4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:54:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2624583
etag: W/"649acdee-377"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9LWAiUnbOnGffbEDDp3WzInE1uc8I4i6s8GA2fOxjCY69vSRZ9v4k0d5sg8OubWRkQcn%2BJLHRoKzKk98qYetv4QmJtytHnoLx7q3ttobXwBZEQpGkdLMyMeR3%2FjWgILmOurRdGWLRh0BeKfZ0BEZQm2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e0f3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 filestoragetemp-11.webp
www.obozrevatel.ltd/news/2023/3/10/ 2 KB
2 KB 74ms
70ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/2023/3/10/filestoragetemp-11.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35230238672f285ad244d12b658a089ffea3e672e641db49d3763d52a7e63b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3541413
alt-svc: h3=":443"; ma=86400
content-length: 1736
last-modified: Tue, 27 Jun 2023 11:56:57 GMT
server: cloudflare
etag: "649ace89-6c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YYF5BBEVhjGE3o6Qe7yqGffsV%2FJoHk6Gdr0uwoe2upt1brv%2FUBDWsMTK7bd16JtiHWHk20ubzNVE590rlg0aFFONgRRAHcL%2B68jUuq4CpTZMQF0NPYl1%2B7lxwp0ey1RoEP6lubXB1cgHz6ANYaBgsWu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e103614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lnn.webp
www.obozrevatel.ltd/news/2022/2/11/ 2 KB
3 KB 75ms
71ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/2022/2/11/lnn.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afc62c5169887152b3149fb1448a5b23d2a4412621c54f546caa20f7d791bcb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167373
alt-svc: h3=":443"; ma=86400
content-length: 2176
last-modified: Tue, 27 Jun 2023 11:56:59 GMT
server: cloudflare
etag: "649ace8b-880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ih%2F8Xh6qqVy4oKp8kwYY9iCle9EVVwx7pUnyhJ9CiJvrJ8qwDNTC23EyfzOMeciMpZfduTIsOtzRbp638G4ejvcrP%2FAwH3wWSmTIJTNiL%2BlYhds%2BeC%2FSAjb8EOWGgw4FtPpxnk9Nl4DSorymq%2BZhQSGR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e143614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 filestoragetemp-2023-03-10t093800-194.webp
www.obozrevatel.ltd/news/2023/3/10/ 209 KB
209 KB 76ms
72ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/2023/3/10/filestoragetemp-2023-03-10t093800-194.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86df8786ac8ad22ebe6a2ce9d3866cb8ecc64a0fd9ac9634dd997ec16a4cab9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2952816
alt-svc: h3=":443"; ma=86400
content-length: 213618
last-modified: Tue, 27 Jun 2023 12:39:59 GMT
server: cloudflare
etag: "649ad89f-34272"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLpKiWZZxWQfFOgngLqPN8UlKSGpSSVtbphFs9CPjxI%2F22AyTDMqeefHkAb6qmFbs8l%2BY%2FqUJS1pFqUgRuJuVSA8wcznuww0BHHnhLoUvPcP6yWdAh%2Fs%2F27fNSm7%2BaC1FH9OoBEd8OGyHaV1DaBEnz4Q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e183614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 views-blue.svg
www.obozrevatel.ltd/core/img/icons/common/ 333 B
744 B 87ms
84ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/views-blue.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a63d54ece1877473a2b3fadccdd63aa5c65773c1623defe6ff83859fe4dfc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1696508
etag: W/"649acdb4-14d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FEqm6FE2sNAh%2BlBY0XzbIp%2BDhz%2FHh5gEma8XBSz96rIl83wD0bZQu8bnDYeyfsyZIQ1xUMUOvmDkJwH%2FAogOUSFYxrU%2FIVrySIt5ZdOn5XStze2B9Iq0%2B9kvafvXQkqZ5nkZIwBgfxv%2FiPOyCz8Epfd"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e1c3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook-fb-brand.svg
www.obozrevatel.ltd/core/img/icons/social/ 887 B
983 B 88ms
85ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/social/facebook-fb-brand.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 563ee9779d7b3e0597f938f880d9f35f615e7ce69f5049a81ef7009860e50f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1224184
etag: W/"649acdcc-377"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXaBeroHJOMCkZknwFyuvWAk2ucdEnckaeERuGnke%2F%2Bjh%2FKK44tJPUvAY7SOCTr%2BT02xq%2B0ppUjEn68ESo8u6GhWAkIjJN0SzMZAUs1jjPbPy1Fdg1LrPIYTlyxVwLOv6%2FJqdp5gYyrb19wK8hfhngfu"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e1e3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 filestoragetemp-2023-03-10t114224-373.webp
www.obozrevatel.ltd/news/2023/3/10/ 132 KB
132 KB 89ms
86ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/2023/3/10/filestoragetemp-2023-03-10t114224-373.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3070451c8e8f7033e127e2ac1ed2202ba297d012d1485828f6d5bdaa67e96e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 295708
alt-svc: h3=":443"; ma=86400
content-length: 134954
last-modified: Tue, 27 Jun 2023 12:42:20 GMT
server: cloudflare
etag: "649ad92c-20f2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G69hJzrHQtY%2FeWvZma0t75KXks8oFrru7kppY1LOtWmQ5fypBBVBqEB%2B%2F4GfedA9hWhenl71%2BYstJkBukkmGWg6l%2BC%2BTwfSlAsXS6jDYIjTgvGt4F8pzQuryUcFMfNIgRTA%2FGbLwCMZ1fBffP1eTpLKA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e203614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 37ede73a0ffb5f52db4b32d8c969d876.webp
www.obozrevatel.ltd/person/2020/11/10/ 578 B
1 KB 93ms
90ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/person/2020/11/10/37ede73a0ffb5f52db4b32d8c969d876.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae24162f5fb40c9df2eca37a71195b08659fb5c9ed22c8021f0000141fe58d69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 616784
alt-svc: h3=":443"; ma=86400
content-length: 578
last-modified: Tue, 27 Jun 2023 13:11:19 GMT
server: cloudflare
etag: "649adff7-242"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUcsmA0pF8XSpePkJdDVGE9r5BSOd5B3vrm2ynEEmIloBm2R1NigdnDrY%2BLf%2BASWOfsdqQjUJV3B2Om3oevNAZ0JJ2ykV8fCvOgm%2BL3Qa4fkzYt0LcC2Ufm090ODpVpToKUKpBLAXtt8jrrm%2FAU7J4mf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e213614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 247478.webp
www.obozrevatel.ltd/person/2017/2/18/ 996 B
1 KB 94ms
90ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/person/2017/2/18/247478.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86b218e90ff07b27c80128069df39270361d8cc57c4e19398c60e885a243ce9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1024125
alt-svc: h3=":443"; ma=86400
content-length: 996
last-modified: Tue, 27 Jun 2023 13:07:34 GMT
server: cloudflare
etag: "649adf16-3e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddtJn5CZFF2MZDmTMJbUL1tDRl6OC%2Fh3wxc3TwtAkxztiRWBdXrkCIO4qhzYhrGP50rpsvUXSKogG9wjGmXgh7ZUM%2Bh8TfDt7zb%2F8nyHfwY%2BSIZdRFS%2BRxEIL6VluHD8WMI3howsSGEvNbOhrqwIMbX2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e223614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 posol.jpg
www.obozrevatel.ltd/person/2020/11/10/ 1 KB
2 KB 94ms
91ms Image
image/jpeg 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/person/2020/11/10/posol.jpg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9482132e6088697acbf75b69cf152976d9b55855f4a2c755f5ab2684873f5b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1224183
alt-svc: h3=":443"; ma=86400
content-length: 1245
last-modified: Tue, 27 Jun 2023 13:07:09 GMT
server: cloudflare
etag: "649adefd-4dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t91JxAN%2F12nYW8PR8D%2BAEVO9FnFbcry2kree5kOhZWn1ioch9UoyRYn1PYCh25EZ8tODaYSBn3P1mSMDoBqTcTiaOdDwKXsZOGVbq3g3OneTJVJXN2HW%2FUJnuV93c2Ogrea4DEUFSu6jVRw8phfFwF19"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e273614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 444750486979743205840294644831861598584832n.webp
www.obozrevatel.ltd/person/2018/10/21/ 718 B
1 KB 95ms
92ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/person/2018/10/21/444750486979743205840294644831861598584832n.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d67430fc76b5f45afd85d630af49329f5ca321d02b4992e71fa559cab9413d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2434421
alt-svc: h3=":443"; ma=86400
content-length: 718
last-modified: Tue, 27 Jun 2023 13:07:27 GMT
server: cloudflare
etag: "649adf0f-2ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JX78piPIv1Lm6j7edDAdVkQNxgzCl3It%2BpEADqfmZ8SBQ0%2BtrOhF7%2FzHFVlHH20pm7NQ3ApDtqIVxM6VDWTjRnE7SW05dfWKqZkkY4OL7e5hW7X3jU2%2Bx6dQvu8sGt3%2FCVGVu%2FXnJLGBqZZRYBTth15V"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e283614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rian02982697-hr-pic4zoom-1500x1500-879881.jpg
www.obozrevatel.ltd/person/2020/12/3/ 1 KB
2 KB 96ms
93ms Image
image/jpeg 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/person/2020/12/3/rian02982697-hr-pic4zoom-1500x1500-879881.jpg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 981805c97007a3bb41495219de1d04ae2522e562581adf652f5192340274381d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1224183
alt-svc: h3=":443"; ma=86400
content-length: 1360
last-modified: Tue, 27 Jun 2023 13:07:16 GMT
server: cloudflare
etag: "649adf04-550"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Awk7wz%2BA%2FoxPoVfUmuszCNdkSyUKMyEOA68VR3fsrcSgs%2FoO6h9%2FA2LSrFE45mVyEIydAK4Q%2FDo1%2BJtgGM3TjNJoBHDLvamSFrIVWDK%2F8Oq%2F9RuE9clE7VfneMZnWJS217meHUeonGx9aE4BOxWjjcma"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e2b3614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 775602w300.webp
www.obozrevatel.ltd/person/2018/8/9/ 818 B
1 KB 97ms
94ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/person/2018/8/9/775602w300.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a0cb3c49a5d475b9d8830e3c4918e35c8eabb69fc78ac7d350f57a5ec025cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2434421
alt-svc: h3=":443"; ma=86400
content-length: 818
last-modified: Tue, 27 Jun 2023 13:07:32 GMT
server: cloudflare
etag: "649adf14-332"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwzH9zYFNccgehupK8qJuT1B4dorsLZJzDWR1P43a%2Bfr1KB34pYkXW2DmoqEvMRpe36T3lKWgIZeGAwzbEtFcrb9Li0w81qKEt%2F%2BkUp93MwLyywvbmr6Dvj4iNkRS15e9J6FO60MtKjxxy2K47Kvy6IC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e2e3614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ff956b08df3ba2188.webp
www.obozrevatel.ltd/person/2020/7/10/ 1016 B
1 KB 98ms
95ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/person/2020/7/10/ff956b08df3ba2188.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93c23e2ddede676b53edcb53662ce25d695d15fdb6bb6f30d7c7e33678c64f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1024125
alt-svc: h3=":443"; ma=86400
content-length: 1016
last-modified: Tue, 27 Jun 2023 13:07:14 GMT
server: cloudflare
etag: "649adf02-3f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmte4N%2F9L0zwBE0msT5Hltx1uqGw8sLT9sjdY%2BBtU0lm1kIcQx1d8i7MUtbP7dGLIzMXrgm76DaRDGywRycaEWHG6tLzVTGYj5hPo8vWchDV1kkCSV80Ao%2Fxq%2Fmn%2FdmdMCX%2BfKakbtkAkuW0Ta8lHQZh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e2f3614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 699008.webp
www.obozrevatel.ltd/person/2017/4/1/ 890 B
1 KB 99ms
96ms Image
image/webp 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/person/2017/4/1/699008.webp
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff942ac9e43a0c40e9e4488b222caf3dfd3c6c81ada2c2eb2fb827893664ca91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167371
alt-svc: h3=":443"; ma=86400
content-length: 890
last-modified: Tue, 27 Jun 2023 13:07:39 GMT
server: cloudflare
etag: "649adf1b-37a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5j3em0AHfaoBsBhfKuDgxcDOTzC1VRszGBWB6feTlRFF2PMUBRX3YKkkPm%2BCBWf1oS4lLCe7uD3VPICBqNuc3i7k268ruAp9gMW5gxnXeLRJW75jLltb9qESIVyyYNZqdC4tIDRIuT5tgGmW0KW%2F3fB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8344b8f76e303614-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 obozevatel-logo-white.svg
www.obozrevatel.ltd/news/img/icons/logo/ 7 KB
3 KB 100ms
97ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/logo/obozevatel-logo-white.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 352f98077484f218eea323017c0423d07563ca483866aa24be4da957bafc363e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:00:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2864979
etag: W/"649acf69-1d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uk6pUuKxWXVk5QGbNVp1y1o%2FleCGxUo0Hr8y%2BRoUWCUdEH4MMsxzlulNkBtADryZJHDYsX3YfyYsEa%2BBqOtoj9qM6oZj5WzegDTTSxrm3ZrJfezpsdND9QrHMk3K5ncPXK%2F%2BShwBa4rcsVdT5RxXpFC%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e323614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 google-news-2-brand.svg
www.obozrevatel.ltd/core/img/icons/social/ 7 KB
3 KB 102ms
99ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/social/google-news-2-brand.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac48d96425401d308f74953d7a0cf5d993b22d9153cbe4069dcd6e02f1c25d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2624583
etag: W/"649acdca-1b18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBEY5MaeO8zn7MF6wAFS5P4QRq%2FQSvmpEB2Ro1Nw0ih3jGifEFuJw43qIuJCxNXA27gTqAe1473rNxPYgiyvobanjAK5hCP%2F2F1HBcJj85ZakZ0e%2BTuojSr8koUAalACBVqo461aDki%2BPbcSS0HqgAvG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e343614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 download-app-store-ua.svg
www.obozrevatel.ltd/news/img/ 11 KB
4 KB 103ms
100ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/download-app-store-ua.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798f05d6bfa34057f8d30aa42bae10ab197cf4f23cc4cc479d3edb5571aac79c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 15:55:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1024124
etag: W/"649b065b-2a33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2F8NLmZ4Ju2V59gsHd2ncupYemzw9kD4appp8lpkLWxdIOEX5F2zuDOk%2BB3OGGV1CYRyHW4ahw4TQ%2Fivfkyx24%2FrZ08e%2BzEj9lqRBpuVnh6GsxYhz3Q0b9g7ifdZB4P9yD29Em3%2BdK%2Bru37Ub8go8sNm"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e353614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 google-play-badge-ukr.svg
www.obozrevatel.ltd/news/img/ 6 KB
3 KB 104ms
101ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/google-play-badge-ukr.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e8a2d3d5647287d085154e7eb0dc5bb3ca75d5bfdf31dcc80fd399e26f9d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 15:55:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2843119
etag: W/"649b0661-1950"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9IoyfBCjRn1pLK4oj7hfa4qDpXVYh3%2B%2FtlsIs1vU6jXPcm5n7zZ%2F3zuPHjn3309I8FqDOC3f6zYQx%2F8E1xbeTr75RPDO2O%2FkzWFCa%2BQxX6bMXXgKomSiDuibyQXVDuoOM1mo%2BWiLYle3au6hBuQ99oU"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e363614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 galaxy-store-ua.svg
www.obozrevatel.ltd/news/img/ 15 KB
6 KB 105ms
102ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/galaxy-store-ua.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 371d844205ecffe3a171dfb0f001f1f678eccd700bc51b4286d981a669a6470a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 15:55:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 167371
etag: W/"649b0666-3c51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK1hA12f%2BpSdnzy4wK0Mkv4KAbZox%2BjS7V8d%2FQoSeMlqtTX9T9jay2HrRrXRRvD3lvC6fKwz7T7hEQpynpRoJKNEz8R%2FX3B07w2VA%2BbiNzevaWd0yNUSulObDn4lU4CVj7I0RB%2F%2FUwRQU4mIiAPxrnQw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e393614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rss-white.svg
www.obozrevatel.ltd/news/img/icons/common/ 603 B
797 B 106ms
103ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/common/rss-white.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf65fa3bb054d5a0c5333c25252144ad4ba3e8eccbeb58596d8f36124038bf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:56:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3428475
etag: W/"649ace87-25b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoOeOeLoIjFo82X7yIoDkD0vDOyvDRWT6X0VA0Cw4vnS6FqzRsuOLrdgv40SR%2F3foEfFr2cLfiewVuBPnMJgGafakOiyw2dUTw7OalxlJqGXFX7ZvyistwSZU6LfOD1hHhhjooQvAGDp8W6DbXqLgmmz"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e3a3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
www.obozrevatel.ltd/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obozrevatel.ltd/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6569f5f8-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uB%2Fdix2Iup%2B1bwIfDC9qSiTS0VhJhW7nLCb5ZG778B93M8a91AojFm6OEJfuRgeGJTk3GcMYAVy4mwAqgqVUxRvUC72oSoThA4n59hMRa7nLyIJmxbBVzJXqdd8eD8i53XBRWXUQSq2vBbI2Uovix8mI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8344b8f1ee9a3614-FRA
expires: Thu, 14 Dec 2023 08:50:54 GMT

GET
H2 200 1x1.gif
autocounter.idealmedia.io/ 0
246 B 42ms
16ms Image
image/gif 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autocounter.idealmedia.io/1x1.gif?pid=48018&referer=

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 07:48:40 GMT
server: cloudflare
age: 3735
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
cf-ray: 8344b8f79dd64d9d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Dec 2023 12:50:55 GMT

GET
H2 200 5gm4zn5s7f Show response
www.clarity.ms/tag/ 1018 B
1 KB 293ms
212ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/5gm4zn5s7f
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1418eed8bdc52ef5a9087aa44ba4280b12ec746c60facd353a1dbf01758a7b81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: -1
date: Tue, 12 Dec 2023 08:50:55 GMT
x-azure-ref: 20231212T085055Z-8vma166v5509z4k8bsdmz3ks2c00000002dg00000000tc96
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1018
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 close-rounded-bold-grey-dark.svg
www.obozrevatel.ltd/core/img/icons/common/ 692 B
836 B 106ms
104ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/close-rounded-bold-grey-dark.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067bf565b91f22dd6b73bc87080c2abcc265a0edd7fd680576809ec61cc637f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:52:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1213190
etag: W/"649acd96-2b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnHpJEpbkz8EKqCeK49dt1YGYptFjL788VWhkbW8HdQHLVofqmY1lEveGkmhaIovyWM42wE3pHCLb4iWpKFhk8NGw0IuKdMzI2eCjiNtULYnCm%2BWvilrkbqUMC3LoOcWC%2FOyhAWVQ9K%2Bxyh%2BIybe5QcT"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e3b3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 like.svg
www.obozrevatel.ltd/news/img/icons/socialBlock/ 340 B
754 B 107ms
105ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/news/img/icons/socialBlock/like.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90d0f491830f7b53e939eb15abe82d79b5e56585ac17e7e74a5408b522fe9bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1119834
etag: W/"649ad03e-154"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFP6YbNjnxkp%2BZaugvEw4xFkd7ZvlOyrIq%2F5vE0NHwgt8AWzBXbpVAS9KDLEe9v16QeP0%2BychFZAOmIC7Ip2DhlLYn3dYhIfj2zvXMkPyNMTZYdBAU4U%2B9MFMMiEXg5oKJKIkhfgoOJ%2BYnLWSWQ%2B1dVT"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e3c3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 views-grey-9.svg
www.obozrevatel.ltd/core/img/icons/common/ 333 B
732 B 111ms
109ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/views-grey-9.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41075f455f9397cdc04e9eae4581b838f988b087a3dbf17194dbd6b8df4c66a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2624583
etag: W/"649acd98-14d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgTeoaWitQdlPLeap9aeRozE6FfWM20slw7YybR2v%2FY0jXtBFXrzvHq7ah64AMs6bw8OXaRfMTbfbuu2OeQBoWnpXPWnMLDv99ybU%2FbuVgjy2gZEw7qjRnZETLUMCn%2FMZ5vZ8HWLb7emSzPGSrDu4Ie5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e3e3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook-grey-9.svg
www.obozrevatel.ltd/core/img/icons/social/ 887 B
977 B 114ms
112ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/social/facebook-grey-9.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b4f51fb64cb6b08bb2421d2d6182be44fd3123e23867b16edab824cd57be4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:54:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2624583
etag: W/"649acdee-377"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4sGBYrgeFSfHkfBCRPHnjhfT%2FZW1CqHQNFGh5sbLKe4X0VEZTLqckG%2Bd%2FnEgLmNB8xJmgBLXKiiRrKkHQ2H447hnSdRIHcfTJ9VUVTX9JkNq6vrmaK6amEvchIhdPAoCM56eA13DIB619XQlFkRLjG0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e403614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook-fb-brand.svg
www.obozrevatel.ltd/core/img/icons/social/ 887 B
982 B 115ms
113ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/social/facebook-fb-brand.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 563ee9779d7b3e0597f938f880d9f35f615e7ce69f5049a81ef7009860e50f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1224184
etag: W/"649acdcc-377"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDwv%2BnY%2Bgg%2BWBkP0jZ4DEAWSgh0%2BDu3SBTsp74Lb9H4nkK1XifCasTevxh2c8zcHKfZauiln387OSwIGK%2F4YV9Qxwt3Vrb7oCAVbKBWa3bnIOZ2jEJHRmuPhqcT776M1bCAVrtOWjSAIi01%2BGRHqSZBe"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e413614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 views-blue.svg
www.obozrevatel.ltd/core/img/icons/common/ 333 B
736 B 115ms
114ms Image
image/svg+xml 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.ltd/core/img/icons/common/views-blue.svg
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a63d54ece1877473a2b3fadccdd63aa5c65773c1623defe6ff83859fe4dfc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 11:53:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1696508
etag: W/"649acdb4-14d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qx2BvXQexFj3Hl0fScE%2BGrf%2BrKOmYzekHm30P9N9AW6NB8DVxQX3TqsN1Te3oXUKkyXdJEZY4T1ivf94WGubqLjqbkUXIBPhX1IkSbuCDkddVpluIKDw25OwbLG1RWh7qULkIH8AvlzRrBnExKSg0epb"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 8344b8f76e433614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 16ms
16ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/5gm4zn5s7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:55 GMT
content-encoding: br
last-modified: Sun, 10 Dec 2023 15:07:16 GMT
etag: W/"0x8DBF991B2C59E6A"
vary: Accept-Encoding
x-azure-ref: 20231212T085055Z-8vma166v5509z4k8bsdmz3ks2c00000002dg00000000tc9q
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 34b04849-b01e-006c-6d11-2cc54c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
g.clarity.ms/ 0
299 B 507ms
251ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.obozrevatel.ltd
Date: Tue, 12 Dec 2023 08:50:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=94EC8147F934477BA6232E1183F663C6&RedC=c.clarity.ms&MXFR=0DDA30ADA8B4677D39C72348ACB46922
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=94EC8147F934477BA6232E1183F663C6&MUID=2EB6D55173136DB13399C6B472BF6C11

42 B
444 B

27ms
27ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=94EC8147F934477BA6232E1183F663C6&MUID=2EB6D55173136DB13399C6B472BF6C11
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 33546A856548460C98B9D0D98F03A2CB Ref B: FRA31EDGE0713 Ref C: 2023-12-12T08:50:56Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=94EC8147F934477BA6232E1183F663C6&MUID=2EB6D55173136DB13399C6B472BF6C11
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 index-1676391555845.min.js Show response
www.obozrevatel.ltd/news/commons/ 797 KB
157 KB 27ms
26ms Script
application/javascript 2606:4700:3036::6815:4383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.obozrevatel.ltd/news/commons/index-1676391555845.min.js
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57cdf60d5c8dc317d238c29fa6a19497d0f45840211e526b86d47cf77830c190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 13:51:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156714
etag: W/"649ae965-c724c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M9ayKOaad3SNtzrEJua84Q3JZoJpgxuEunXOB7RMQ7Eyuw4uanzEg%2BFjohmPpmoutNVDrYgtiVbdLl1sf9wYY1xGFZbVbjYScMANyDYPRMx1wIGHLZBzzTbCC7AKk1bkqIvb0TD4yJW1AnOGgiznE3w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8344b8feefc43614-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 obozrevatel.com.1480166.js Show response
jsc.idealmedia.io/o/b/ 4 KB
2 KB 27ms
18ms Script
text/javascript 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.idealmedia.io/o/b/obozrevatel.com.1480166.js

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/news/commons/index-1676391555845.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0308f9a3b8c6cc1290d5651c2949e7e33732adcce9c2b3bbdb457af85fee2440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: gzip
x-amz-version-id: 5E8Udel05Va4khTN.d8Fe7FJyXE6gqoB
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 963F0KQE37XRQ8Z8
age: 95
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1445
x-amz-id-2: nx8j0Sa7xPpsW5Dexf229+PQoxrSz3u43BCgTt+UBhIjtRhO4UN2ysRrgmf1HeGGlr54CEvfprw=
last-modified: Mon, 27 Nov 2023 14:13:26 GMT
server: cloudflare
etag: "60e93b749424d98809078aff3f4d7b19"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 8344b8ff6e964d9d-FRA
expires: Tue, 12 Dec 2023 11:50:56 GMT

GET
H2 200 obozrevatel.com.1418748.js Show response
jsc.idealmedia.io/o/b/ 4 KB
2 KB 25ms
17ms Script
text/javascript 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.idealmedia.io/o/b/obozrevatel.com.1418748.js

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/news/commons/index-1676391555845.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5f02a0f091e4e9ef6c2e2260283f7be254705543c7af4c0ab499b8975a9beb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: gzip
x-amz-version-id: 4_XSWh4AB9Lk3liIOSCsI5b4k0J7pk69
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1ZD77J8FGM2AVYBY
age: 4914
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1445
x-amz-id-2: e6w74vipFn8JHMKO+lilntkcLf6EiRuyDg/7CTcFunK1RIDiq8KaYwg7Q9H389AOY+J6J8vRZJI=
last-modified: Mon, 27 Nov 2023 14:08:24 GMT
server: cloudflare
etag: "020aed4214f3b8b2d2d21bf6ed74a3a1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 8344b8ff6e9a4d9d-FRA
expires: Tue, 12 Dec 2023 11:50:56 GMT

GET
H2 403 /
www.obozrevatel.com/api/news/ukr/pixel/ 0
0 26ms
18ms Image
text/html 2606:4700:21::681b:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.obozrevatel.com/api/news/ukr/pixel/?token=2983006&h=1702371056529
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
73 KB 36ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZV62SC

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/news/commons/index-1676391555845.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27a017244201fdd39e15f74093b3b78b5475db9cc30d8eec35aef0d608e933f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74783
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Dec 2023 08:50:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/news/commons/index-1676391555845.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 08:50:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: k9Ekk7E+v/0PfwkI83ae5Jtt2Pz0PT/wqJGueUeMNcXiDYLgVR/vHaPiE5e4+O+VmBVktbEKZjuZl0RyOyK2/w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/4ffc5a85eb59ede149aff75197a72c94/ 64 KB
18 KB 37ms
7ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/4ffc5a85eb59ede149aff75197a72c94/client.js
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/news/commons/index-1676391555845.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d132c03c84236e104439b346597723d13ae0e2948830165898d0c592644293f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Fri, 01 Sep 2023 00:59:38 GMT
pragma: public
date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2023 14:03:53 GMT
server: nginx
etag: W/"64f09dc9-1006b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 82ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/news/commons/index-1676391555845.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca6b475ecee282177bca746aedfee696440687aa08a36b1cbbede64433310d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29084
x-xss-protection: 0
server: cafe
etag: 909 / 19703 / m202312050101 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:50:56 GMT

GET
H2

200

embed.js Show response
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

55 KB
20 KB

150ms
125ms

Script
application/x-javascript

2a03:2880:f277:1e8:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Protocol

Server

2a03:2880:f277:1e8:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee9a97f440f7e2b76f4635d790300e1073d8fbd3f2208fe7d889990eacea7988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 08:50:56 GMT
content-md5: Eas7bhPccYb1BjaTpavKqQ==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19659
reporting-endpoints: default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: bF9PXhnQkAYii04Ks1/Jyv1JEWWuMhO6c2rJUqX2rPhZoxhcaE9Pb1pGCDs5H4ybsEGnAbVMDAgEZVkqSt9TpA==
x-fb-content-md5: 974a354369e85c25f9d66ca3e2eba565
cross-origin-opener-policy: same-origin-allow-popups
etag: "126cc7ba59414199fa305aeecee0c018"
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:10:56 GMT

Redirect headers

location: https://www.instagram.com/embed.js
date: Tue, 12 Dec 2023 08:50:56 GMT
server: proxygen-bolt
content-length: 0
content-type: text/plain

GET
H2

200

embed_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/
Redirect Chain

https://www.tiktok.com/embed.js
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

46 KB
16 KB

40ms
10ms

Script
application/javascript

23.32.238.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
Protocol: H2
Server: 23.32.238.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-184.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 1d00d3c0
date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: gzip
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: a2mC7RA9gA0jSaiCieTPqA==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a23-32-238-180.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 19,23.32.238.188
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length: 15144
x-tos-request-id: 48f660a71c2e5ce863a71c2e-af54b31
x-tos-response-time: Sat, 24 Dec 2022 15:35:10 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 202212241923529BE5894CB9BC0D5DD8A6
etag: CPXr0NbkkPsCEAE=
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=273948
access-control-allow-credentials: false
x-tt-trace-host: 0110470ab938728df0b8f0941937cce062a64070455503055738e78975a5ef55deaab43b0618cd62f0c1ad82c7dcde01e8d08b04a4d04f8cf9945e35220c267dd9e5c44f98bb72bc3791f75839dedf811ca73ed0a7a3730c758f7f462991df5096cbfb4446d940bf9857a2aa10ba9de6d8cefffe3d1dcc54eddd8028c48cc47629
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

x-akamai-request-id: 734853a4
date: Tue, 12 Dec 2023 08:50:56 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-231212085055564B4FBA0A71C40E3F8B-12735F0A4B65C41A-00
x-cache: TCP_MISS from a184-84-216-147.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
server-timing: cdn-cache; desc=MISS, edge; dur=0, origin; dur=84
content-length: 136
proxy-status: 0000201302026000
pragma: no-cache
server: TLB
x-tt-logid: 20231212085055564B4FBA0A71C40E3F8B
content-type: text/html
location: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 84,184.84.216.147
x-tt-trace-host: 01b62c302be944ad67bd2f5a9a444331821cdd7f31c9fb93958314a6863502dd6895ed68ee991ef33b0e739bdd51e0d5edbc6edc4e6df3437386e40b44025dec3b
expires: Tue, 12 Dec 2023 08:50:56 GMT

GET
H3 200 obozrevatel.com.1418748.es6.js Show response
jsc.idealmedia.io/o/b/ 310 KB
96 KB 29ms
19ms Script
text/javascript 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.idealmedia.io/o/b/obozrevatel.com.1418748.es6.js

Requested by

Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/o/b/obozrevatel.com.1418748.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

608e789b80eae3a143b483cbaf3fa26bd1cf351daa903ae8df5a2d9435fa79fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.obozrevatel.ltd/
Origin: https://www.obozrevatel.ltd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: gzip
x-amz-version-id: xbWoyW7zi1TxgVBQsd4Wg8mdIEoB9zRe
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S85P5W4KFS7WJ8G0
age: 6610
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 97712
x-amz-id-2: ISnta2DiCja434NfG06oLvFV0RmN/DzNen8/hT7KcaiSh2x0O4CbaA23Ye60l3/LKSen+i75pYxa/pnMD12qbg==
last-modified: Mon, 27 Nov 2023 14:08:24 GMT
server: cloudflare
etag: "fdbc5ce9c5199e61d429f9e4ccd9db4e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 8344b8ff9e8c39bc-FRA
expires: Tue, 12 Dec 2023 11:50:56 GMT

GET
H3 200 obozrevatel.com.1480166.es6.js Show response
jsc.idealmedia.io/o/b/ 306 KB
96 KB 50ms
41ms Script
text/javascript 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.idealmedia.io/o/b/obozrevatel.com.1480166.es6.js

Requested by

Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/o/b/obozrevatel.com.1480166.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe6dde0665ad67bd909964a77d07328afaca1265f1c760d4a7b5e8b1552a8e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.obozrevatel.ltd/
Origin: https://www.obozrevatel.ltd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: gzip
x-amz-version-id: pEVmmQ8YbcJN7GJ_VEds0kR8eSX29wmf
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KP16RQ4A6CPW0QD1
age: 3272
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 97514
x-amz-id-2: BAYOO+y4CeXXVKK6tZw2TviKbjcJAZjvdm+QSWCNQLiBGgEXYlj3x30aI52xC3RGMyeEB4XbClc=
last-modified: Mon, 27 Nov 2023 14:13:25 GMT
server: cloudflare
etag: "f909576943e20951f8043fa9bdc6243b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 8344b8ff9e8e39bc-FRA
expires: Tue, 12 Dec 2023 11:50:56 GMT

GET
H2 200 245452815915480 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 81ms
81ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/245452815915480?v=2.9.138&r=stable&domain=www.obozrevatel.ltd

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0e544623460ed60d6db202ff08d73c1793a6814233ee815965b68c25f07d0da

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 08:50:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ge05y7N67dis0mvAjGr4wQ9YtwhwT0sr7c0w+wgPg6TmJ2eEk49lsIOrvcIKldiT4enN5vlAOz3+eHYO5PES9g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 8 KB
2 KB 28ms
14ms Fetch
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=4ffc5a85eb59ede149aff75197a72c94
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/4ffc5a85eb59ede149aff75197a72c94/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7ea7c66460bad9d8872b7467a39cdb784e0befceeea6fadb66599554355279ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
x-correlation-id: 44d24463aefdb07b4762cbde3cbf02e2
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-JBX3X27G7H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZV62SC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb259701ce0bfdeda57d45c96e58496302ee86b5d6b287a42e3f510c13e281c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88511
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 08:50:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JBX3X27G7H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZV62SC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d864e74f2632c22f87def88c73d8a1dec5722b2e6083eda7c0dd4abe77d1e3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 08:50:56 GMT

GET
BLOB 200
OK 2b06a4bf-4639-4262-8dcc-a9d0e399db73
https://www.obozrevatel.ltd/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.obozrevatel.ltd/2b06a4bf-4639-4262-8dcc-a9d0e399db73
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 2fb33b20-90c1-417a-81c6-bf4f87dfed74
https://www.obozrevatel.ltd/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.obozrevatel.ltd/2fb33b20-90c1-417a-81c6-bf4f87dfed74
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 477 / Show response
id.gravitec.net/ Frame 580D 1 KB
2 KB 49ms
7ms Document
text/html 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/4ffc5a85eb59ede149aff75197a72c94/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 82a300c536da4c16d421fe3f4c56cf023cfb94d3f785eb8aab775f6ee0e135f9

Request headers

Referer: https://www.obozrevatel.ltd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html
date: Tue, 12 Dec 2023 08:50:56 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EQgB1GY4tAAA
x-77-nzt-ray: 6d204d11d3db0a0ff01e7865ad7f2929
x-77-pop: frankfurtDE

GET
BLOB 200
OK d9a42de7-903c-49d4-88de-893ae328dae7
https://www.obozrevatel.ltd/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.obozrevatel.ltd/d9a42de7-903c-49d4-88de-893ae328dae7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK aacd8fd3-8ad1-486e-bff8-2ca2786e69f2
https://www.obozrevatel.ltd/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.obozrevatel.ltd/aacd8fd3-8ad1-486e-bff8-2ca2786e69f2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 5b2a5efc-6ca8-4927-bb73-d12c199c9a14
https://www.obozrevatel.ltd/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.obozrevatel.ltd/5b2a5efc-6ca8-4927-bb73-d12c199c9a14
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK f2b95e3c-992f-4306-8e69-c2b8d1e99c34
https://www.obozrevatel.ltd/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.obozrevatel.ltd/f2b95e3c-992f-4306-8e69-c2b8d1e99c34
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 431 KB
135 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84544
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 10 Dec 2024 09:21:52 GMT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 45ms
8ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/4ffc5a85eb59ede149aff75197a72c94/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Mon, 11 Mar 2024 08:50:56 GMT
date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H2 200 ym.js Show response
cdn-b.notsy.io/obz/ 542 KB
158 KB 42ms
8ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/obz/ym.js?1
Requested by: Host: www.obozrevatel.ltd
URL: https://www.obozrevatel.ltd/news/commons/index-1676391555845.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: d1e5ae7b312c5b0fb6e38fba06b3fbbc5a60310cc1fea4f216ac7ff985b05b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-storageserver: DE-680
cdn-cachedat: 12/11/2023 12:47:07
cdn-pullzone: 139012
last-modified: Fri, 08 Dec 2023 21:18:38 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 653
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6573882e-87969"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 30e5c49736f40eb8ba663a7f6555d0db
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 40ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JBX3X27G7H&gtm=45je3bt0v881676798z878209175&_p=1702371056534&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1597582662.1702371057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702371056&sct=1&seg=0&dl=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&dt=%D0%9E%D0%B4%D0%B8%D0%BD%20%D0%BD%D0%B0%20%D0%BE%D0%B4%D0%B8%D0%BD%20%D1%96%D0%B7%20%D0%B2%D0%BE%D1%80%D0%BE%D0%B3%D0%BE%D0%BC&en=oboz_endlessScrollPageView_&_fv=1&_nsi=1&_ss=1&ep.oboz_endlessScrollPageUrl=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&ep.oboz_endlessScrollPageCount=1&tfd=3641
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-JBX3X27G7H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.obozrevatel.ltd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 58ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JBX3X27G7H&cid=1597582662.1702371057&gtm=45je3bt0v881676798z878209175&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-JBX3X27G7H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.obozrevatel.ltd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 34ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JBX3X27G7H&gtm=45je3bt0v881676798z878209175&_p=1702371056534&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1597582662.1702371057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1702371056&sct=1&seg=1&dl=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&dt=%D0%9E%D0%B4%D0%B8%D0%BD%20%D0%BD%D0%B0%20%D0%BE%D0%B4%D0%B8%D0%BD%20%D1%96%D0%B7%20%D0%B2%D0%BE%D1%80%D0%BE%D0%B3%D0%BE%D0%BC&en=page_view&_c=1&ep.author_name=%D0%9C%D0%B0%D1%80%D0%B8%D0%BD%D0%B0%20%D0%9F%D0%BE%D0%B3%D0%BE%D1%80%D0%B8%D0%BB%D0%BA%D0%BE&ep.date_published=2023-03-10T13%3A09%3A00&ep.author_title=%D0%9F%D1%80%D0%B5%D0%BC%27%D1%94%D1%80-%D0%BC%D1%96%D0%BD%D1%96%D1%81%D1%82%D0%B5%D1%80%D0%BA%D0%B0%20%D0%A4%D1%96%D0%BD%D0%BB%D1%8F%D0%BD%D0%B4%D1%96%D1%97%20%D0%BF%D1%80%D0%B8%D0%B1%D1%83%D0%BB%D0%B0%20%D0%B7%20%D0%B2%D1%96%D0%B7%D0%B8%D1%82%D0%BE%D0%BC%20%D0%B4%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D1%80%D0%B0%D0%B7%D0%BE%D0%BC%20%D0%B7%20%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%BC%20%D0%B2%D1%88%D0%B0%D0%BD%D1%83%D0%B2%D0%B0%D0%BB%D0%B0%20%D0%BF%D0%B0%D0%BC%CA%BC%D1%8F%D1%82%D1%8C%20%22%D0%94%D0%B0%20%D0%92%D1%96%D0%BD%D1%87%D1%96%22.%20%D0%A4%D0%BE%D1%82%D0%BE&epn.comment_reaction=0&epn.facebook_reaction=0&ep.lang=ua&ep.themes=%D0%92%D1%96%D0%B9%D0%BD%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96&ep.tags=&ep.platform=desktop&ep.persons=%D0%92%D0%BE%D0%BB%D0%BE%D0%B4%D0%B8%D0%BC%D0%B8%D1%80%20%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%2C%D0%A1%D0%B0%D0%BD%D0%BD%D0%B0%20%D0%9C%D0%B0%D1%80%D1%96%D0%BD&ep.pageType=newsFull&ep.newsType=news&epn.newsId=2983006&ep.isAdult=false&ep.importance=MainFeed&ep.country=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&ep.ab_variation=A&_et=2&tfd=3647
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-JBX3X27G7H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.obozrevatel.ltd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 41ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JBX3X27G7H&cid=1597582662.1702371057&gtm=45je3bt0v881676798z878209175&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=816433484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.css
error.c.cdn77.org/css/ Frame 580D 3 KB
1 KB 34ms
6ms Stylesheet
text/css 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://error.c.cdn77.org/css/main.css
Requested by: Host: id.gravitec.net
URL: https://id.gravitec.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a483670a02ef0ad085346d9a7c353d1119f036dc6acea0107ad219f394954fea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.gravitec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: gzip
x-age-lb: 955260
x-77-cache: HIT
x-accel-date: 1701415796
x-77-nzt: EQwBw7WvJwH3fJMOAA
x-accel-expires: @1702379089
x-77-age: 955260
x-cache-lb: HIT
last-modified: Fri, 19 May 2017 12:31:29 GMT
server: CDN77-Turbo
etag: W/"591ee5a1-b0e"
x-77-nzt-ray: 25b021316e052a92f01e78653d70a52c
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=245452815915480&ev=PageView&dl=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&rl=&if=false&ts=1702371056729&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702371056729.752800293&ler=empty&it=1702371056582&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Dec 2023 08:50:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 39ms
7ms Fetch 3.78.238.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=4ffc5a85eb59ede149aff75197a72c94&user_id=ee397228-fe8c-48ba-9c4a-3db949c63d90&utmb=cbc9fc3c-37e4-4076-8b26-d25166754d6a&path=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.78.238.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-78-238-50.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
x-correlation-id: baee6164190e8faecd76fd204bd992a0
x-content-type-options: nosniff
referrer-policy: no-referrer
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1 ; mode=block
expires: 0

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 326ms
100ms Preflight 3.15.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.75 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-75.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://www.obozrevatel.ltd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 12 Dec 2023 08:50:57 GMT
x-amzn-RequestId: f1f1092d-925f-f2f7-ac03-281c0310f4a8

GET
H2 200 geolocation.json Show response
cdn-b.notsy.io/ 3 B
676 B 21ms
7ms Fetch
text/plain 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/geolocation.json
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ym-ip: 2a01:4a0:2b::3
date: Tue, 12 Dec 2023 08:50:56 GMT
cdn-edgestorageid: 1081
cdn-storageserver: DE-662
cdn-cachedat: 12/11/2023 12:47:06
cdn-pullzone: 139012
x-ym-country: DE
content-length: 3
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 309
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "622b54c3-3"
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: x-ym-country, x-ym-ip, cdn-requestcountrycode
cache-control: public, max-age=86400
cdn-requestid: a588f696765fe7766cd983b6a8dfbbac
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 270 KB
66 KB 27ms
10ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:40:29 GMT
content-encoding: gzip
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 22:47:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 627
x-amz-server-side-encryption: AES256
etag: W/"aaba284d2b2910b9a4f56befae1e2e69"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 0jpyyKXzIHwbYK00h-edJXvu4pmDd9IOUGMgAXfGkYHDRSc4xuXPKg==

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
546 B 104ms
104ms Fetch
application/x-amz-json-1.1 3.15.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.75 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-75.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: f6c16924a8b85daecf5de93e3088928c2d8de4f78ca690586a29dbc331277a86

Request headers

Referer: https://www.obozrevatel.ltd/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: de-DE,de;q=0.9
X-Amz-Date: 20231212T085056Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20231212/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=ff2add063c1adb40226becb1d516fc640225edb9db84cb0669eb1fa4b807970b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 12 Dec 2023 08:50:57 GMT
x-amzn-RequestId: d4e44489-f3b9-40d7-8916-65b862f64688
Content-Length: 110
x-amz-id-2: LrApg+L9sY3Q8uHuDzkXhfNLWHgXtnPA5ByKu1MHl/CHD2cWKTofK0ODM8Fg9738aT/qe2RAojVFHGKcql/ga0kaZT6uBtws
Content-Type: application/x-amz-json-1.1

GET
H2 200 video.js Show response
cdn-b.notsy.io/video/ 388 KB
120 KB 17ms
16ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/video/video.js?23eef3|70f7f6
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 917c5c38eee727f77d68611d3d634d34b23c2561b48c1a20f544c6243fab0e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-storageserver: DE-165
cdn-cachedat: 12/12/2023 08:32:50
cdn-pullzone: 139012
last-modified: Tue, 12 Dec 2023 08:32:44 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 637
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65781aac-60e4c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: b345f9cd9c201df7cb19b5efa4079b7b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 40ms
16ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231212

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01c9ca897b40f739de756720a10f0d3af3059cfe9bd5f3a671c5c829983c29d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17402
x-jsd-version: 1.0.1901
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230041-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"63e-KGo5JCh4sdO/bULDY0aMGDCmNbg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUSa8bGcduJqM2I%2BczLtD1AmOAXJ68dDqzssuFr5S7%2BeCS4RyKlFgwH9UyzM9E9zIKTR%2FC6ZdzODNGlH%2BCCBn%2FWdlrMFQQ7k2FNJgytR5L%2FDr0PlKCwB8hCZ1p3pFU3IHAF926I5vjM5AzAFNso%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8344b90118959948-FRA

GET
H2

200

icm.gif
server.smartytech.io/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D
https://server.smartytech.io/icm.gif?uid=f39158c0-5a4e-473c-b8e6-b4f9e37b74df

43 B
339 B

84ms
25ms

Image
image/gif

146.59.110.145
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.smartytech.io/icm.gif?uid=f39158c0-5a4e-473c-b8e6-b4f9e37b74df
Protocol: H2
Server: 146.59.110.145 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3225527.ip-146-59-110.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
last-modified: Tue, 12 Dec 2023 08:50:56 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

location: https://server.smartytech.io/icm.gif?uid=f39158c0-5a4e-473c-b8e6-b4f9e37b74df
date: Tue, 12 Dec 2023 08:50:56 GMT
cache-control: no-store no-transform
server: nginx
content-length: 143
content-type: text/html; charset=utf-8

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0
https://pixel.onaudience.com/?partner=283&mapped=981eac5e-99ee-488d-925f-cce5ace7d1e4&gdpr=0
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=db11b9f5284730049d4738ab0106d1bf&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5a1761d7679b0898/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://spl.zeotap.com/?zdid=1332&zcluid=5a1761d7679b0898
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96aef98e-df1c-4fec-776f-7c018f56cb94&reqId=7ac99990-20fd-48da-6dca-20504d6a42fa&zclui...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96aef98e-df1c-4fec-776f-7c018f56cb94&reqId=7ac99990-20fd-48da-6dca-20504d6a42fa&zclu...
https://mwzeom.zeotap.com/mw?google_gid=CAESEM07ANwxr8dQ3w_wFr6hk1E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96aef98e-df1c-4fec-776f-7c018f56cb94&reqId=7ac99990-20fd-48da-6dca-205...

95 B
165 B

34ms
24ms

Image
image/png

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEM07ANwxr8dQ3w_wFr6hk1E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96aef98e-df1c-4fec-776f-7c018f56cb94&reqId=7ac99990-20fd-48da-6dca-20504d6a42fa&zcluid=5a1761d7679b0898&zdid=1332

Protocol

Server

2606:4700:10::ac43:db6 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.obozrevatel.ltd
access-control-allow-credentials: true
cf-ray: 8344b905ceaf2bcb-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEM07ANwxr8dQ3w_wFr6hk1E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96aef98e-df1c-4fec-776f-7c018f56cb94&reqId=7ac99990-20fd-48da-6dca-20504d6a42fa&zcluid=5a1761d7679b0898&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed_lib_v1.0.11.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 4 KB
2 KB 13ms
13ms Stylesheet
text/css 23.32.238.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.css
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-184.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-encoding: gzip
x-expires-ms: 1695680369553
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: zJ2Nyh55L+w+3gi0qlc5pw==
x-check-cacheable: YES
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
x-tos-request-id: 49dfd7108618ab1765108618-af54b35
x-tos-response-time: Sun, 24 Sep 2023 18:55:20 GMT
x-tt-logid: 2023092522192702D9E5496030DBCD9840
etag: "cc9d8dca1e792fec3ede08b4aa5739a7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-request-ip: fdbd:dc51:ff:8:0:244:9:243
cache-control: max-age=328584
x-tt-trace-host: 010371553e2e56e569fce7c6f0b5f606e02537aa12919bdb54e60c2ec97447ac88690318c0d22769dee39a82b66296ee2d91f4e8d84eaca257239c40d52c117ec5e99e61684dc0492eff2bbb4a549edfb629d4f716f9c21a837f9c22253003c4815e49b9be232a662d5108698c3993eae355528044958e57e2cb34753f3335169f
x-response-cache: edge_hit
access-control-allow-headers: *
x-akamai-request-id: 1d00d47f
date: Tue, 12 Dec 2023 08:50:56 GMT
x-cache: TCP_MEM_HIT from a23-32-238-180.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 895,23.48.22.180
content-length: 1362
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: TLB
access-control-max-age: 86400
access-control-allow-credentials: false
x-response-cinfo: fdbd:dc51:ff:8:0:244:9:243
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 embed_lib_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 15 KB
6 KB 14ms
14ms Script
application/javascript 23.32.238.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-184.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-encoding: gzip
x-expires-ms: 1690697061922
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: 6f9KK8Y3c/2Yh2WZTLuA2Q==
x-check-cacheable: YES
x-bdcdn-cache-status: TCP_MISS
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=268
x-tos-request-id: 56d386c5fd64bef964c5fd64-af5441b
x-tos-response-time: Sun, 30 Jul 2023 06:04:20 GMT
x-tt-logid: 20230730060419B606CD18FE1339D75109
etag: "CNX5z9bkkPsCEAE="
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
x-request-ip: fdbd:dc51:4000:283:a::138
cache-control: max-age=288303
x-tt-trace-host: 01fc5541eca403340d90acc77f37b806561d2f01a12188d2327cf6954edae27efa3512d59687a2b18700652027e984743b2bf4e75dfa289344a593725dbdc2fc4ffd1a5584db039b4b24dd2c3d64b3ed328035c85293611371b9a8eaa36dca0087229b422c23c6089b322f19f0cafd418c9d4daf6ecd3cc323b2e953ed6756b1a8
x-response-cache: miss
access-control-allow-headers: *
x-akamai-request-id: 1d00d480
date: Tue, 12 Dec 2023 08:50:56 GMT
x-cache: TCP_MEM_HIT from a23-32-238-180.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 49,23.192.47.228
content-length: 5449
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-credentials: false
x-response-cinfo: fdbd:dc51:4000:283:a::138
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 65ms
13ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.obozrevatel.ltd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.obozrevatel.ltd
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Tue, 12 Dec 2023 08:50:56 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
535 B 146ms
90ms XHR
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.obozrevatel.ltd
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 471 B
1 KB 80ms
46ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

fcd1bc2d639054402957608b51d436b19530db2d56add22f3883fd24c68102e2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
an-x-request-uuid: e169a344-cf56-4e07-b78d-4a1b61600b8b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.obozrevatel.ltd
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.37; 81.95.5.37; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 471
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
465 B 93ms
68ms XHR
text/javascript 167.235.184.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.171.184.235.167.clients.your-server.de

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
server: nginx
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.obozrevatel.ltd
p3p: CP="NID DSP ALL COR"
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 42
x-xss-protection: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
198 B 73ms
14ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=98561484538&lsavail=0

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.obozrevatel.ltd
date: Tue, 12 Dec 2023 08:50:56 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 18 KB
2 KB 390ms
189ms XHR
application/json 2607:4f00:944:0:3eec:efff:fed0:86a2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2b26138ddbcf65b9fac0e50b06c26cfbbc377b833bb66b0e3a3966922f477674

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 12 Dec 2023 08:50:56 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.obozrevatel.ltd
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1317

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 408 B
447 B 189ms
149ms XHR
application/json 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=6962,6962,6962,7945&sizes=970x250,336x280|600x280|300x250|600x250,300x600,300x100&referer=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 03f9f59fec107da216bfa36f0e4a225112ba3fb811ec0e6ea63bcae2014d0d5f

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.obozrevatel.ltd
date: Tue, 12 Dec 2023 08:50:56 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
549 B 47ms
23ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=641487
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143a03d19befa178dd89265dce5a9a322f949a00fe95947e5024738c554b3f5b

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6xYd1D2kp07sdlW2Jym2XG9W41nVK7w5BbwcEhAKGh74QLRXNSkdm%2F02f8CauvvIJXkDnS59OTttkvjCP%2F76iHAO%2FyH3b4kj1324DrJDToGPMQ4ARYGOQzlnRTFtZPLsnY1nfjt"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.obozrevatel.ltd
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8344b901387b4d7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
182 B 54ms
20ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.obozrevatel.ltd
date: Tue, 12 Dec 2023 08:50:56 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 244ms
213ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.obozrevatel.ltd
date: Tue, 12 Dec 2023 08:50:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
594 B 31ms
8ms XHR
application/json 3.126.178.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&tmax=1000

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.178.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-223.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status: 17, 17, 17, 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.obozrevatel.ltd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
406 B 79ms
28ms XHR
application/json 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 4f21cda77923d01aef6e93d8501f188d204a2c39696b4c99c5ab8172a21a0b19

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 12 Dec 2023 08:50:56 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.obozrevatel.ltd
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
167 B 44ms
14ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.obozrevatel.ltd
pragma: no-cache
date: Tue, 12 Dec 2023 08:50:56 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid.1.2.aspx Show response
inv-nets.admixer.net/ 4 KB
4 KB 24ms
9ms XHR
text/javascript 167.235.184.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.171.184.235.167.clients.your-server.de

Software

nginx /

Resource Hash

d663bfbfc189f5e805b86189b9ec67bb6751fc8e5d90a460b148ffdd82a3ed72

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
server: nginx
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.obozrevatel.ltd
p3p: CP="NID DSP ALL COR"
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 3723
x-xss-protection: 0

POST
H2 200 pbjs Show response
prebid.redtram.com/ 5 KB
1 KB 40ms
13ms XHR
text/html 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.redtram.com/pbjs
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: TornadoServer/6.3.2 /
Resource Hash: 85c05009662d24b78059cd22c982260db89d2fb8bd87610cec23f56b66a7acb9

Request headers

Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
content-encoding: gzip
server: TornadoServer/6.3.2
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.obozrevatel.ltd
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 /
c.idealmedia.io/pv/ 43 B
107 B 30ms
22ms Image
image/gif 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.idealmedia.io/pv/?lu=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&cbuster=1702371056822999614396&pvid=18c5d38dcb5a02b984a&implVersion=11&cxurl=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&site=473433&i=1&scum=%3F0&scuw=%3F0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 8344b901387d4d9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 71d4b8ca-53d1-4309-a952-3306259fb046 Show response
config.aps.amazon-adsystem.com/configs/ 746 B
1012 B 29ms
9ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 13573a000b1799533b6154346bdf4dbeb673482428b1d40fe5d0a35477e4a8e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:26:35 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1461
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 746
x-amz-cf-id: 6I_jQHnE31xIlbP73v86shn_dPI-ZsANUVla5Thl-lg4XlyfbCzpMA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 100ms
100ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.obozrevatel.ltd&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.obozrevatel.ltd
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: JxeodreZLfMpguenXuT2jm8Yq5acrjYqfoS2nRgYbyRhr3yqUn7yXw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
467 B 62ms
42ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&pid=P1MRwA3feBYVv&cb=0&ws=1600x1200&v=23.1129.2055&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_512964944%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F61770961%2FOBZ_ATA_970%22%7D%2C%7B%22sd%22%3A%22notsy_container_527846629%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%2C%22300x250%22%2C%22600x250%22%5D%2C%22sn%22%3A%22%2F61770961%2FOBZ_ITA_336%22%7D%2C%7B%22sd%22%3A%22notsy_container_180971046%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F61770961%2FOBZ_SBR_300c%2FOBZ_SBR_300c_1%22%7D%2C%7B%22sd%22%3A%22notsy_container_311250436%22%2C%22s%22%3A%5B%22300x100%22%5D%2C%22sn%22%3A%22%2F61770961%2FOBZ_SBR_300c%2FOBZ_SBR_300c_VENETO%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:56 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: T5GDHZF0XSKKRNE0CZXY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.obozrevatel.ltd
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: uCc1yGGFoSSC4_iqa0FZlGqs38ymKLsoI4Taw4WD6GtYVHFw1IftYg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 28ms
8ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 06:37:44 GMT
x-amz-cf-pop: FRA56-P6
age: 7996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 4NB-ICZPfPZ2gqU0PemZpSsTPYtUrv5fLzazaWkHRU7hcB50H1Cbog==

GET
BLOB 206
Partial Content 8dfe72ba-d83e-4cc7-b5c0-b1a3a86a2d5f
https://www.obozrevatel.ltd/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.obozrevatel.ltd/8dfe72ba-d83e-4cc7-b5c0-b1a3a86a2d5f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 1 Show response
servicer.idealmedia.io/1418748/ 1 KB
1 KB 34ms
25ms Script
application/x-javascript 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.idealmedia.io/1418748/1?mp4=1&ap=1&w=0&h=1&wrongImageSize=1&sz=0x1&szp=1&szl=1&cols=1&sessionId=65781ef1-081ef&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&cbuster=1702371057035824151165&pvid=18c5d38dcb5a02b984a&implVersion=11&cxurl=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&scum=%3F0&scuw=%3F0&uniqId=149c6&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&apt=2023-03-10T13%3A09%3A00&tfre=2773

Requested by

Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/o/b/obozrevatel.com.1418748.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3145d48ee953e66228ba4be51b759da5be5dda4cfc38236a79f300b881f3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8344b9028a074d9d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTIvNDI1OTUxLzU3YzU1NzA5YTA2NWUyMzg0OTNlOTg2YWMxMjk2YWU0LmpwZWc.webp
s-img.idealmedia.io/n/10735060/45x45/137x0x410x410/ 672 B
995 B 39ms
14ms Image
image/webp 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.idealmedia.io/n/10735060/45x45/137x0x410x410/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTIvNDI1OTUxLzU3YzU1NzA5YTA2NWUyMzg0OTNlOTg2YWMxMjk2YWU0LmpwZWc.webp?v=1702371057-E5TsTPRGNTveNp87Ba6B8gcFNybOFUIM1H2G4QkAO_8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd2e7fd08b19ced87041640c67cd401538ef7062f90848eb458d72fa530b4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.obozrevatel.ltd/
Origin: https://www.obozrevatel.ltd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 930e4c5a-c9da-48b9-9a37-30b12ecbef50
age: 58411
alt-svc: h3=":443"; ma=86400
content-length: 672
last-modified: Wed, 06 Dec 2023 11:55:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8344b902e8ab37cb-FRA
expires: Tue, 12 Dec 2023 16:37:26 GMT

GET
H2 200 counter.php
autocounter.idealmedia.io/autocreative/ 0
43 B 139ms
139ms Image
image/gif 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autocounter.idealmedia.io/autocreative/counter.php?id=473433&pid=48018&referer=&cxurl=https://www.obozrevatel.ltd/ukr/politics-news/odin-na-odin-s-vragom.php&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&cbuster=1702371057074822503343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8344b902ba5d4d9d-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/gif

POST
H/1.1 204
No Content collect Show response
g.clarity.ms/ 0
299 B 129ms
129ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.obozrevatel.ltd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.obozrevatel.ltd
Date: Tue, 12 Dec 2023 08:50:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 149 KB
35 KB 384ms
383ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1229656014389578&correlator=4081494348065675&eid=44780990%2C21065725&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=61770961%2COBZ_ATA_970%2COBZ_ITA_336%2COBZ_SBR_300c%2COBZ_SBR_300c_1%2COBZ_SBR_300c_VENETO&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2F4%2C%2F0%2F3%2F5&prev_iu_szs=970x250%2C320x50%7C336x280%7C600x280%7C300x250%7C600x250%2C300x600%2C320x50%7C300x100&fluid=0%2Cheight%2C0%2Cheight&ifi=1&sfv=1-0-40&fsbs=1%2C1%2C1%2C1&sc=1&cookie_enabled=1&abxe=1&dt=1702371057223&lmt=1702371057&adxs=315%2C464%2C1155%2C1155&adys=266%2C1893%2C1399%2C1589&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.obozrevatel.ltd%2Fukr%2Fpolitics-news%2Fodin-na-odin-s-vragom.php&vis=1&psz=1348x292%7C742x322%7C300x250%7C300x100&msz=970x0%7C336x280%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=1348%2C742%2C300%2C300&ga_vid=1597582662.1702371057&ga_sid=1702371057&ga_hid=727521433&ga_fc=true&dlt=1702371054263&idt=2471&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26section%3D%25D0%259D%25D0%25BE%25D0%25B2%25D0%25BE%25D1%2581%25D1%2582%25D0%25B8%2520%25D0%25BF%25D0%25BE%25D0%25BB%25D0%25B8%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B8%26pageType%3DnewsFull%26authors%3D%25D0%259C%25D0%25B0%25D1%2580%25D0%25B8%25D0%25BD%25D0%25B0%2520%25D0%259F%25D0%25BE%25D0%25B3%25D0%25BE%25D1%2580%25D0%25B8%25D0%25BB%25D0%25BA%25D0%25BE%26viewport%3D1600%26traffic_source%3Ddirect%26isAdult%3Dfalse%26total_banner_count%3D3%26person%3Daleksandr-usik%26page_id%3Darticle_desktop%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26section%3D%25D0%259D%25D0%25BE%25D0%25B2%25D0%25BE%25D1%2581%25D1%2582%25D0%25B8%2520%25D0%25BF%25D0%25BE%25D0%25BB%25D0%25B8%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B8%26pageType%3DnewsFull%26authors%3D%25D0%259C%25D0%25B0%25D1%2580%25D0%25B8%25D0%25BD%25D0%25B0%2520%25D0%259F%25D0%25BE%25D0%25B3%25D0%25BE%25D1%2580%25D0%25B8%25D0%25BB%25D0%25BA%25D0%25BE%26viewport%3D1600%26traffic_source%3Ddirect%26isAdult%3Dfalse%26total_banner_count%3D3%26person%3Daleksandr-usik%26page_id%3Darticle_desktop%26hb_format_redtram%3Dbanner%26hb_size_redtram%3D336x280%26hb_pb_redtram%3D0.02%26hb_adid_redtram%3D67227daabb5f04d%26hb_bidder_redtram%3Dredtram%26hb_format%3Dbanner%26hb_deal_redtram%3Dc51adeb7-32c4-49bf-8db4-a6ebe8156e2c%26hb_deal%3Dc51adeb7-32c4-49bf-8db4-a6ebe8156e2c%26hb_size%3D336x280%26hb_pb%3D0.02%26hb_adid%3D67227daabb5f04d%26hb_bidder%3Dredtram%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26section%3D%25D0%259D%25D0%25BE%25D0%25B2%25D0%25BE%25D1%2581%25D1%2582%25D0%25B8%2520%25D0%25BF%25D0%25BE%25D0%25BB%25D0%25B8%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B8%26pageType%3DnewsFull%26authors%3D%25D0%259C%25D0%25B0%25D1%2580%25D0%25B8%25D0%25BD%25D0%25B0%2520%25D0%259F%25D0%25BE%25D0%25B3%25D0%25BE%25D1%2580%25D0%25B8%25D0%25BB%25D0%25BA%25D0%25BE%26viewport%3D1600%26traffic_source%3Ddirect%26isAdult%3Dfalse%26total_banner_count%3D3%26person%3Daleksandr-usik%26page_id%3Darticle_desktop%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26section%3D%25D0%259D%25D0%25BE%25D0%25B2%25D0%25BE%25D1%2581%25D1%2582%25D0%25B8%2520%25D0%25BF%25D0%25BE%25D0%25BB%25D0%25B8%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B8%26pageType%3DnewsFull%26authors%3D%25D0%259C%25D0%25B0%25D1%2580%25D0%25B8%25D0%25BD%25D0%25B0%2520%25D0%259F%25D0%25BE%25D0%25B3%25D0%25BE%25D1%2580%25D0%25B8%25D0%25BB%25D0%25BA%25D0%25BE%26viewport%3D1600%26traffic_source%3Ddirect%26isAdult%3Dfalse%26total_banner_count%3D3%26person%3Daleksandr-usik%26page_id%3Darticle_desktop%26amznbid%3D2%26amznp%3D2&adks=1147331902%2C3948729450%2C3864315174%2C1610699774&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

053b8167334b1fbf88e35aaafa64222300f1b6d4bbdfd5e8302d99b9891b47e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35909
x-xss-protection: 0
google-lineitem-id: -1,5349000716,5349000716,5839810947
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138398704181,138387857491,138456121060
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.obozrevatel.ltd
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 80ms
56ms XHR
application/json 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3492739925a674c9be4e8d12b9a40a9bcbf0d83130d7ad404c84bbe063e60cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12290
x-xss-protection: 0

GET
H2 200 container.html Show response
bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 78BB 6 KB
3 KB 80ms
42ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:50:57 GMT
expires: Wed, 11 Dec 2024 08:50:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 08:50:57 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FEE3 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 12:33:34 GMT
expires: Tue, 10 Dec 2024 12:33:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 271C 829 B
1 KB 40ms
18ms Document
text/html 2a00:1450:4001:813::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

4d40bc198c59b1bb02a255d3d038923b8d9dbd09f08a27e810b236dd8b742ee0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WhLVW-9cMYDYPUNuWL0Unw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.obozrevatel.ltd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WhLVW-9cMYDYPUNuWL0Unw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:50:57 GMT
expires: Tue, 12 Dec 2023 08:50:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FEE3 39 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:45:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 271C 0
0 42ms
42ms Image
text/html 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=1229656014389578&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 container.html Show response
bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B7D 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:50:57 GMT
expires: Wed, 11 Dec 2024 08:50:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE79 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:50:57 GMT
expires: Wed, 11 Dec 2024 08:50:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E83F 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obozrevatel.ltd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:50:57 GMT
expires: Wed, 11 Dec 2024 08:50:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8966 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH4k1miszB5HPPR1GLCnMyzCM3yo8Mix0Y3mKQMTfe3yGD9_KeWYRS-wafQn2fFeuUZQm202YUmM4tTY_h5jEcXTdgiXx0ysSWzZoNdD954p0nWtXUz3n0DVvLp7ynGxPkNgO1M4PyKiuQBW_Avit3yqCD9OLMVAFn3hV5m5f10JzN54QP_AE4X_upUdpll0lKZLrOHfd_KHaTsFh9Gt7YLFU94GjN4ulY1m7a08wGsqPzQThs2KC13-iJpZwqwk8gPlLk-qWzuT2TxG0j7Xb2ffmAvW5r4Selt5IpWkogIH29Wd4RpjRQfq5jMOslHIPfMkfL7eMxiaSZCf5hO4L_euQ19G8qC0LnLA8lnEnS_Kyv1nMp9g&sai=AMfl-YTd4gBZckJCYK-AkfgTvWekGTbBZlm0vDInO7XS88imk2Zvp6nscLgItLvagnUTA0uuypo341p-Q-XWsXTxRNVN40En-tD_RJ_tO1OIwXJJbv7bnL57tN7mY_c6wesWTt0PQXR7mtbdR4er1eZrWVqP&sig=Cg0ArKJSzLjUXDo9Xqp0EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8966 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8966 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8966 203 KB
65 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:50:57 GMT

GET
H3 200 7846121117902013463
tpc.googlesyndication.com/simgad/ Frame 8966 10 KB
10 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7846121117902013463

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3776b3c1e3ead88720ce509a95451c76dd96b111f27c74dca5e13038e577d35e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:48:29 GMT
x-content-type-options: nosniff
age: 148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10630
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 09:24:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 08:48:29 GMT

GET
DATA 200
OK truncated
/ Frame 8966 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfc9ab3970c655c214040d1c068ad418c5ceeb14978dba7e718ff601f23b135e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FEE3 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Jintzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B0A9 624 B
689 B 72ms
47ms Document
text/html 2a00:1450:4001:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNXfqg7UkldeCMa9qZpsZhECzQliRHTdfVwZ07YeVSv_8T2XS-RE0dKZGBf6W-c9aT7QKUOReRz1e5jbfC8Qhdq8fD8cNdXHvAD9OacV3cE5P5vgvkPckUmHCYiomms2wWcizPRTD0FNFZYO0wcVqy_rLJdkoAzCjA3cnyMY3KYtAXc8X18

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:50:57 GMT
expires: Tue, 12 Dec 2023 08:50:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FEA7 89 KB
31 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:50:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FEA7 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FEA7 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEA7 203 KB
64 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:50:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FEA7 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BnzFCxTSWyx5kl3Gdqr6WuSg5fte0P-F9BPQ0UV_F2M6RkvlfHpOEF53SV6ZhPkWOX2UXiv0bsOlkdTUKB-FbfbeWqDz3pJns0dqLUuVWhYyAzwyk

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DE79 24 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 obozrevatel.com.361086.js Show response
jsc.mgid.com/o/b/ Frame DE79 4 KB
2 KB 65ms
25ms Script
text/javascript 2606:4700:1::6813:834c

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/o/b/obozrevatel.com.361086.js

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2a9d85708ae6fee2885e8af1dee0a9512e7def8ec4f35ecfab339d08e2e165cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
x-amz-version-id: UefvdB85stL4DyYmYiGuiHAQSTEyvhUK
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: F6GDMA52C402VZMG
age: 1339
cf-polished: origSize=3765
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KlIF9xWYl58FQBHQ3kVwkDXfuI399ui5wX3JUK8Ch9iNL3+AFpR/1cYUX+BX9TW8k/f30ncTWmWNs2hhcIfTrA==
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:50:04 GMT
server: cloudflare
etag: W/"e0c4051359702c29ace110fd289f0c4f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8344b906feaac2c0-VIE
expires: Tue, 12 Dec 2023 11:50:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE79 203 KB
64 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:50:57 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E83F 24 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 obozrevatel.com.361087.js Show response
jsc.mgid.com/o/b/ Frame E83F 4 KB
2 KB 65ms
26ms Script
text/javascript 2606:4700:1::6813:834c

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/o/b/obozrevatel.com.361087.js

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fcb16add1f59e18325bbe572d717a434921ed7e90363f143f2f6402320c6a272

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
x-amz-version-id: ydkEyi_2nqNgTsy7qqty20DbFl8894ZT
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KCSZCQZBBD7CMC4Z
age: 4229
cf-polished: origSize=3765
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4Ss6rrRBVGw8qbqMeijRRfsaCp0SsBYxzBC/GrEztcWTSQnPuGbOBkB7870D4Ojz1mENOl4sbRg=
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:50:06 GMT
server: cloudflare
etag: W/"c4808b3dce52b0fbf961f2e05b9bb33c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8344b906feabc2c0-VIE
expires: Tue, 12 Dec 2023 11:50:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E83F 203 KB
64 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:50:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8966 0
0 64ms
46ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqIBm54Tr3cz7RExnoYLw63jbEIdNQ4-rEeGoRmv_hOKx5Fq7Ud7K9p8Kxd91cacmRs-yj11kUIP4lECTtecW8ZGdkKQwJJkPSYL1_nmMXDL9xhdztlmTLKPpP3MRH9TEjcBJjBnwbhVSh1jVah7yLXAyAkhaA59noDfgF5WdVpLzK_FPSUvJvNocrS76fF4f5ZtmQ-XspuYmEBZ6RL7jVOx9t9DZAr1c2BBmyAPdqyDW-lYla1S4LFBey3XWcpuRxgZ65MDgEHSWoINL9N3eZNH-FDTK2tpPfLd6lQ8AXuOZ4qeO9e6sLwbt_r4SToe7dN8yZaf2xnIbEw6-I3n-9g4vzX_kyUXTOXGDVDHE9biWj4GX1ZVty&sai=AMfl-YRtAgcd_ds5pBg3gsi9jSfNmrVm2I58tEFzHiHwsygvxGdr-HLylSz1Tj37UNm4ye6Dvl1N6dagVrBCKgZzIpNnr0NIkk1vAPvDewzCGJTyHPi1v8CEKqTy9l3sz1PDztOP3BCa8gN4NabvLdeGFmo8&sig=Cg0ArKJSzEjIHixfKwqOEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 08:50:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE79 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVDHuKXm_xxU6K_OshYnoFg3VzR9Yasu56VTk1htP5Uz7Ktm97CLLne9yZgjXQ43N1gEsdTJJHw9lymiqo7QGOgB4p63zxydzAM2SJWsPfSX-7HRtv21LnLw8n5OUUKiTRIKrYbMyvXSjmQUhffJFEzeqkgL6tE48a0Bv9GhzP_K7HfVVrsA1xrQiVMJdePI1yZR5334kjB1WbNdxch2VLTtXRMpZKtmpy4YA11MYa28KtI32u04Mbnt79ICA9_g5b-ppQPFleO0LZzy6Hsxj7f7n_r96G4sqp9a4UQMROq5lyWbuO_i1NVEznP9Dhdk4iR4JRqsCIYVIZVa08Ck-IHL7kXNbllcV01eHpCDvXuYum9Z8Vp83Lu257GdejzeF9EQpdezax&sai=AMfl-YQ_8b-sGm18BCi13STFAOigUa4w_9aWnzkrxHhDgyaEkl8UpcCvBOm-iMbKHhWOqHUdpsj9hJU1qMYAiauWH8EEV3xP5fUuT3XV8Cbq90DFcmxWIWJBbxt536HO61kP2RWqtXrqdec7H9yWdHHCy9Ac&sig=Cg0ArKJSzBfZrqVaXY7eEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E83F 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOPSfSekmAwDFejw7M_eN9ZXV6Nfc9V4osdho1O-3caE22R50ILF7j9VKfQT8vKrlzU13LcozPc5M0Litg0zEiydfYLnEA1mfuPqxJjssQRbl9t5clZ8OUCHBqyOgRciYjr-9HnH-i70tHH9woTPZ2C4UtKQm6DHS-t_q5rRa1-ZR-Z6TPEZaX5NmAD4uC9VLdGavUqsV5EpA4Hs4W1K04V4ErvNdHqDjd_yvpX7Dg6eXhPhUkGTCml1bvjsKSz5stldNOC3tYKHhB3TXP30rnzeskCP5kd3-IqjKNd__Jd84pwmETcpnO5y343SkPa_sWfDEXxNyB-KBxIm40Hzfykafc3wQxWoiF68HEvwJ5S9_pjn1deWsdDVocBizdwDkh7HBXPauphb1VdH55sjfdjcXnejtH9g&sai=AMfl-YT81Mte7xK0b9U7WSYNJv4hIP2hUhPWKC33Pif_cg-_xW37qAdAO8EvldJI87TQLN46wqMNDloE_h4JZSK-b_Nlkmc1fK8TD9hu2f2Q3Ebku-_b3YYgvwpJzZgVxOtF9peZp4fW0XCyMbx5bJefYl6m&sig=Cg0ArKJSzGq8H60OtWA2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FEA7 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9253118900228&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FEA7 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9253118900228&version=m202309260101&ct=76&x=1&cor=18205089292103318000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FEA7 93 KB
39 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHJjrJMmfSpwFDZfkX4bn8Cxl6QEJlcIr1CcEkGA_VuLh-NiMkogogJU1PHLXSzRW5sbn-f740N7TU4Qu_XsaZtqw5P9edx_drcYJ3ra8j_xQWUE2drI_vor1ud5HrTjZyxEch4eEXYAC29hzUwM7oMtXNIfALerdAQNaa_n1VDkgFKaw&dbm_d=AKAmf-BSOukhbk5UmiN5VbWAffoviXplqNytr_keU3Xvh-jZH1ASJzLFNtmUoUF6Xir1c-uDVuzyv20CTbrFDA9eUNB1jvxTRWcfo8oCchPx1FDEZ3-vdLJk6U9wykRd4qn73nGJ4GVDh5W_Qr_AUFjE4dPv0Syad0HoIBNtCZjQQgDJ25r87lKDNWHZSlKLJzJlj04Ry7ucR9_56C2YQSP-euOZyKFqoj3-wfWfQDsCDAHRdPJcEz1tVPgXLSi1C5wTs5hGcSn_tH8qSv-D6Edm4ew05zuyzRFbap1TJ5_CJ1fRjjhwMp_e0LOPHpmsJaXubTSSYq-ZUsnKgOCeGOTsgAg0pJI6zUuPqTWkVQWJ6gAyd9W_ti4KzePJRfe-20fBrjb_bEol-83mZDW82S8yqjkTB0oSkKAAfi_yblZWAu_6efs1EhB6u5WBIhavC6C7wDa9ob143XxhXM-GJd4TTn9NaskBisgEZkYgdQBAwnKYSao0RY4ihhwtD4lh9DXK_7oBJdYnUyOraSeYRHJsHuZpHoEzl1S10UOBoexrQrpFVZFDlDw01Fyd9tNNWlPsKUARzuLzPM-B1VFyP1YFOXzQ8k_OzMWgupZNV3WF39PfKZU-Jk6jBOSPAVS6NvDsKqSI2RieROmcthLcyxYyYWDZjg3z0b9mB9CAjEDm0et344ve1Tj8pSYdMUUCo9BV3chXjn-3VHFhpdy0SnsDDUNeEv2vRO27SwwWK2b_7EpdweXGkPbxgqQktGobCrLJlp_QCniHicr-QHzzwlGMlm2FPzQUkrOz9aAmmKiIbXCt5qD_3hk5LfV9-Fa8Maijw0uGD4UBgzsq6TlMZjWuQjlRnBgJUJNl2zoqWXEPsjiRG3itbTJGWe5JpXVLR8M-pjL8fTntZRWWMdGDvejE9G3B4Wk2PBmPe8SGpp59r0gXAW_QHYibvOIok8Gl64x42blz2evfNvMUe9sFso5b1rWMWCo_im9Cnf0bkSU9QR5dJfpZGEgIoaFGJqIlBBN9tuTzV71HlqsYbC5CZqr1gW4OeNn1WTVE37ZU4GSCo0A8pcY10eGVljZDBvb_VsXS4QkJ-g2mEkf7Zc_3R9_jK1lZFpriM1m5VKG77pk_xNNfZmc9kLIz8z9CS1DtCvXbrGZ2jVNCwIljHPVQKv2ozWfEws5SgbLolzrgnPnaUp2gyp1U_OFTmb4Cex05IpuLq_1osQhzyWpTicy3t4RneX4JbyTZXPu_h-GhTt7LEiNMHu1s4rMMhvMZFgFtNWDUKwCbZUqha3Jfl6cAYfJuy97O2k7xzaAtoiRmYTOfQe8mm1d5ZSHxKhsF0QqjqTnVizyzyF_g1MnC4xCqU-K2cMIvuAe-azxIVTH70uBSPTbTwsjuKq1LID1c69INRtOtG43om9Lw4beBi2WmhhNOHnDldnyTEeP_vKCspwwlExxGqzz2Ld-1LcU9ubyK8l0Utw3llSppY2G55fv2sUzN81X3wjn3qFJT4Vj1RC2e0LopsQb_JfDb5Xtqk3LAhiDVXvJrGzjoIrdaxiKgHZShtNywHaYSXZ1FB1LfyKyyrDIRKOwC_c8FrsDij2FqIoOgKUtKn8goitGKLtEIiuPZTIG0-jU3CcQXNKX4Z3yUl4bK6bAZrkNW9HgPjxXRxtTPbReAmSIZFdEKwIXXGiVRXtI_jodYBFAINbghEXWBRcq-QMk5kpw2hyxoyzVVHK9JwtTNgRtaT5vgjdkHdkIZLBy4N0RIXKi0ShItT9eq_44-NeNlZK2gd4c1Fk_VEZuVsIEezn2SYBsflgULrLfUVtm_a0EJ-08QAvS4hH8R0utbLfDhUztOlGIXTjONRDjatpSVPPK26T0zL-3Rp_jBAsZxktFgEYdR99ScusLXUMPTPSFhaFFabbvvnas34FsbSglU9c_Tex3M2m0WqNCfNFGer1rZ8YHAvHpV_Ym-Z7v255qizdS5WzgQS8DAHfPHURfphFtyqY_YaV9WX-Cejk1yMZW_zgkVQVQnL5wE-a8S3GNQykyYJD0hwE49bp3HC4pzdDbR21nMNudySsk715rNoRcAyxbGMPCQmHnRhzqleXkWi9qx4uWT6ToGySnfYFz6vZelI3hNucMxru_F_JsmqBLqw5PRQDjG7CH3o_j6TwLc7w0zlxl8vT4HIyCqoP4Ne6OBE83ysinNnea8fNEJ09xRF9J8nkkNDlucl_GB7Lo2VarWU38yR8U-R0YFXblBbsOQmpgWKuutsJmXtg2kQyV9O-37m8vch_-9pnVSmWbQdKDa6d-JTHVoLI6xiP9RywnOV50cc-nm49RXVEi67JH0chRjY4UA0XjOdFM-jDJJjBflunkSz0T_5nN3Tc9dEkJ925IiRNohzBZOSyS7wi27KCMTQ9CwKoAXY-FayKVLcTwl6nSK-rNTZRMF2l72T3FCR2Po9GgHNkTrIj05Mf0lripiiILO5Ueg8LJGfrxzea1iFe2JfIvVz3uSEbIoaFf_NcQYzgbLrrR9SaUQli6yO2_Uj3glyvUKheijvo0mjANnqTdfdpJ02NnoupIlN4h1NBXOJxJsYso0c2j1e00WsbH0EFUo4HWPKNr0kj6xlhKTG6th8oVywjXBmI5aaGgtEVowLAUxMRHArWMW7G5iitemoLcLfol_1MhNQ9iOml_mqEO6cjlZ8YOIlxWIYmxHyS5yhraYTff2_UvmDlW243tVKYg8ZoxhK0oJTNXc_D87U3L48k__ljMRzGwdU168JEpewMjNx9yr3Fq3i06jJlWSeZhZz7Fwz_zNXSADcDxnP5h8Papg7evD1RRx_uoqhoUZe8jH5Fh9fsWBYcoF3l8WTOfk6UPke7n_Lr32T-G-iqMU9Ms7r6fRckaj7EsCo0dKQcOAYJEuE0EFLPK4CFCbGJpUJqPlAPi1JIskqqFv4OTBGav23N0cTu5xcD4LSGmu5Cs68-oLe8mqXVRPA7BER89MA3a40Jo6huhr4-WJ0-zv5NiEITGyAG5C08tvEz-yCemY-MwD77_IJvMH5Gxzztv1YMozEJtvBE9um8rRdOVxWDYTZQ3730xZwitAP6fHAxTJDruf8C9av_rwpWm_tTAHYLenoNW6KiDEzRb4rsMUfC2W1u9YL44mWzsExAoBtBKtAV1ctzkHyMs74xHki-uo7fEC6U29hfiUxQIEim0jLlPFgG8KWMAHhYl2kCaNol4N-Grp9HWhAXfBN_dPuNuQYEghGaw98TepTOxVER4hyoh2LhOTXD0U5wO7ycRHlZsNxrXSwV3DaPsGaC1XwBl0YpY_xi9rRPl7xNrK-swODPglUbiWhYg6ziajgCk7f7IVEzNAaDHyZSZKwShmwPic_4Tw1VRqUZeZ34Z67l3gEJ87cSqptPEzgbt13VY4N1lGaYcu9f9Ba20PPwfOpzjMYpIL-FlJkN_ISE1HP0HTnfqHAPhxDs4UqGu292MUhq3V-o4tYAfbTqYx9foF4COKfoZ5rXskr24PHPsRJZ7ihICCDi3y4cd08H2fSS-d2AUhUzh89YRXkRHoyjuUJuXzEoxawPsNEThIc8tTR5J8ZirR8EZfXcoI2Z3xOj4RhNhvwUSdi4iAtBXFvI5UtnFuWX1fitfEWrEytaNuExMR6Y_uEDQCAghLNORoOY8kACEV8zKKPIy1PhXYx7R1p4KBTZ3jaUZIJg8Zw70L44w7wW8ZyQYEkjKvQJsnOjS5mGhogcvcbA6oOPhfk9jWkyvGJI_dDzM1-SEfqUeWa0IFOt737mMA5ANNUTW6wXn6n8G785TLneaaOrrdUXxGfHNdVomUM3dJ1f9hX5I8npGhVpJwrEq4cdZMBb-1ZtMldqOfQSGWwF7mNpxecm-gwwNT5ZO4haL9-Gz2Z_lAc8hkU0RuqQg4XnKsRfQ8fqPJ6F_COumcr4_U6yDyajv2Rz6H-dkXcL6Pb5rfPnO31gQDVXODPTvBl2sD9SFr9ZKqghkPxI8dFW8xROFSUNEZ9ytHUCFSVKP1DJrzFtYrVvqvuk_lHbz7NHnoSnTHia2aHWAAEKpVLycsXHYNnAIfXAHgnUGtFoPBugYwWcPBqwowMpkSVxtaneYjKixP-B5xksMf5_qjqFluwVw3Dg&cid=CAQSTwDICaaNYU3dxEPt-0ghsI-hn9YZnSGk8txD9ACXjhFnZSI0CDL6BcOTkdKXxI7ilStbTJBqZEJSaNYrhys7gR84hC0vDHHyYAGnhnYtSigYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.obozrevatel.ltd%2F&ds=l&xdt=1&iif=1&cor=18205089292103318000&adk=1761367584&idt=66&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a85f4b237e5a3771aaff124baeea85278de9c0ff567eb769c47d18e7f182d62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39639
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B0A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDMen9EQLMIH4FG3kFsUvtE&google_cver=1

43 B
340 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDMen9EQLMIH4FG3kFsUvtE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNXfqg7UkldeCMa9qZpsZhECzQliRHTdfVwZ07YeVSv_8T2XS-RE0dKZGBf6W-c9aT7QKUOReRz1e5jbfC8Qhdq8fD8cNdXHvAD9OacV3cE5P5vgvkPckUmHCYiomms2wWcizPRTD0FNFZYO0wcVqy_rLJdkoAzCjA3cnyMY3KYtAXc8X18
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65QBVIQXC%2Ft5pTHcfMGWte3iKUksOui9MWc474OK7Mh9hZbBspK4FDqD%2FYACKMCQTZsBRyUsCy2XJVl%2BkQN1%2Fpaa7Ze9%2FJwPxKCrUGvdXAVmc0nDdl8XgHHXwtTqk6he9x2eVHqieJklIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8344b907bfa34d7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDMen9EQLMIH4FG3kFsUvtE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B0A9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXge8S9xpryTDtT89BizHgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDMen9EQLMIH4FG3kFsUvtE&google_cver=1

43 B
330 B

30ms
30ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDMen9EQLMIH4FG3kFsUvtE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNXfqg7UkldeCMa9qZpsZhECzQliRHTdfVwZ07YeVSv_8T2XS-RE0dKZGBf6W-c9aT7QKUOReRz1e5jbfC8Qhdq8fD8cNdXHvAD9OacV3cE5P5vgvkPckUmHCYiomms2wWcizPRTD0FNFZYO0wcVqy_rLJdkoAzCjA3cnyMY3KYtAXc8X18
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpzqYTi8klAX5Vei7RAp2FNaFfgvb0B%2BJlheitD%2B7jznAQOzSh7utOvispScL2sPIFBh8sh%2Fx%2B8ua0rLgpfLHpYTSWxeiIZgCdxYLn9Fj6JVJuAxreXOvJN2f7S38j%2B353f%2FHSfDi%2BE4yw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8344b9081fe94d7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDMen9EQLMIH4FG3kFsUvtE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B0A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEInrQgzZB9ujWxnx2DANi7w&google_cver=1

43 B
838 B

15ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEInrQgzZB9ujWxnx2DANi7w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNXfqg7UkldeCMa9qZpsZhECzQliRHTdfVwZ07YeVSv_8T2XS-RE0dKZGBf6W-c9aT7QKUOReRz1e5jbfC8Qhdq8fD8cNdXHvAD9OacV3cE5P5vgvkPckUmHCYiomms2wWcizPRTD0FNFZYO0wcVqy_rLJdkoAzCjA3cnyMY3KYtAXc8X18

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
an-x-request-uuid: 46699a70-45fe-413d-ad24-e4ae5d44598c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.37; 81.95.5.37; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEInrQgzZB9ujWxnx2DANi7w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0A9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwMTE2MzcxMzU4NjQ4MjE3Nw%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwMTE2MzcxMzU4NjQ4MjE3Nw%3D%3D

Requested by

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
an-x-request-uuid: 7e6d5110-230f-4533-ba36-7053ac4d4264
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwMTE2MzcxMzU4NjQ4MjE3Nw%3D%3D
x-proxy-origin: 81.95.5.37; 81.95.5.37; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 101ms
24ms Script
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/obz/ym.js?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:50:57 GMT

GET
DATA 200
OK truncated
/ Frame DE79 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee8d76bf3a0d3cb6068d437a035eb116c811906fc0c7b92ae3776536318a5a31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E83F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 578fa02ea9ef3f77c78cce63d236bbfc1c1eec14a1a56889926b55182a1cf3d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 obozrevatel.com.361086.es6.js Show response
jsc.mgid.com/o/b/ Frame DE79 365 KB
99 KB 143ms
69ms Script
text/javascript 2606:4700:1::6813:834c

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/o/b/obozrevatel.com.361086.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/b/obozrevatel.com.361086.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:834c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0c667361d9650299a7f2ae9f4d0f62a7cfa40bfee315d09515dcbf17bc55be64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
Origin: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
x-amz-version-id: jHMmAwee7Nname8UmzInq3IUDCDC5L9O
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TD8DS21XDNC716HZ
age: 1248
cf-polished: origSize=373583
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LQcUwpa4FAgAMXDFz1pj51jrnuNEy9oBjCt4eywOaE2hGplWcnpYWlX+Yu99mZpXFJvrKE9xHr1Xv2ruajE2wg==
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:50:04 GMT
server: cloudflare
etag: W/"b61af41bc755d04da036c3bb5d6f9d70"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8344b9083fb7c293-VIE
expires: Tue, 12 Dec 2023 11:50:57 GMT

GET
H3 200 obozrevatel.com.361087.es6.js Show response
jsc.mgid.com/o/b/ Frame E83F 305 KB
93 KB 105ms
31ms Script
text/javascript 2606:4700:1::6813:834c

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/o/b/obozrevatel.com.361087.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/b/obozrevatel.com.361087.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:834c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

359ab90e6488393c144aad1b5962e847c3b989554ab2a5e45868a557add53bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
Origin: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:57 GMT
x-amz-version-id: ggIK5ll6SOkSzbaLy.hlUanGWWw9lhoE
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YTRVMMYSE8T0XPQE
age: 6468
cf-polished: origSize=311956
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: n0dKfmqU4Zdf8KyU4Q889mB6Kyy5B8R+lix5M29E65KrijTq6m4uW9SBZjbaUt3p+G/HEBTgfGM=
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:50:05 GMT
server: cloudflare
etag: W/"ac327dbbbbad75ac284446f648fac92e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8344b9083fb5c293-VIE
expires: Tue, 12 Dec 2023 11:50:57 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame FEA7 111 KB
39 KB 80ms
7ms Script
text/javascript 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
Origin: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FEA7 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHJjrJMmfSpwFDZfkX4bn8Cxl6QEJlcIr1CcEkGA_VuLh-NiMkogogJU1PHLXSzRW5sbn-f740N7TU4Qu_XsaZtqw5P9edx_drcYJ3ra8j_xQWUE2drI_vor1ud5HrTjZyxEch4eEXYAC29hzUwM7oMtXNIfALerdAQNaa_n1VDkgFKaw&dbm_d=AKAmf-BSOukhbk5UmiN5VbWAffoviXplqNytr_keU3Xvh-jZH1ASJzLFNtmUoUF6Xir1c-uDVuzyv20CTbrFDA9eUNB1jvxTRWcfo8oCchPx1FDEZ3-vdLJk6U9wykRd4qn73nGJ4GVDh5W_Qr_AUFjE4dPv0Syad0HoIBNtCZjQQgDJ25r87lKDNWHZSlKLJzJlj04Ry7ucR9_56C2YQSP-euOZyKFqoj3-wfWfQDsCDAHRdPJcEz1tVPgXLSi1C5wTs5hGcSn_tH8qSv-D6Edm4ew05zuyzRFbap1TJ5_CJ1fRjjhwMp_e0LOPHpmsJaXubTSSYq-ZUsnKgOCeGOTsgAg0pJI6zUuPqTWkVQWJ6gAyd9W_ti4KzePJRfe-20fBrjb_bEol-83mZDW82S8yqjkTB0oSkKAAfi_yblZWAu_6efs1EhB6u5WBIhavC6C7wDa9ob143XxhXM-GJd4TTn9NaskBisgEZkYgdQBAwnKYSao0RY4ihhwtD4lh9DXK_7oBJdYnUyOraSeYRHJsHuZpHoEzl1S10UOBoexrQrpFVZFDlDw01Fyd9tNNWlPsKUARzuLzPM-B1VFyP1YFOXzQ8k_OzMWgupZNV3WF39PfKZU-Jk6jBOSPAVS6NvDsKqSI2RieROmcthLcyxYyYWDZjg3z0b9mB9CAjEDm0et344ve1Tj8pSYdMUUCo9BV3chXjn-3VHFhpdy0SnsDDUNeEv2vRO27SwwWK2b_7EpdweXGkPbxgqQktGobCrLJlp_QCniHicr-QHzzwlGMlm2FPzQUkrOz9aAmmKiIbXCt5qD_3hk5LfV9-Fa8Maijw0uGD4UBgzsq6TlMZjWuQjlRnBgJUJNl2zoqWXEPsjiRG3itbTJGWe5JpXVLR8M-pjL8fTntZRWWMdGDvejE9G3B4Wk2PBmPe8SGpp59r0gXAW_QHYibvOIok8Gl64x42blz2evfNvMUe9sFso5b1rWMWCo_im9Cnf0bkSU9QR5dJfpZGEgIoaFGJqIlBBN9tuTzV71HlqsYbC5CZqr1gW4OeNn1WTVE37ZU4GSCo0A8pcY10eGVljZDBvb_VsXS4QkJ-g2mEkf7Zc_3R9_jK1lZFpriM1m5VKG77pk_xNNfZmc9kLIz8z9CS1DtCvXbrGZ2jVNCwIljHPVQKv2ozWfEws5SgbLolzrgnPnaUp2gyp1U_OFTmb4Cex05IpuLq_1osQhzyWpTicy3t4RneX4JbyTZXPu_h-GhTt7LEiNMHu1s4rMMhvMZFgFtNWDUKwCbZUqha3Jfl6cAYfJuy97O2k7xzaAtoiRmYTOfQe8mm1d5ZSHxKhsF0QqjqTnVizyzyF_g1MnC4xCqU-K2cMIvuAe-azxIVTH70uBSPTbTwsjuKq1LID1c69INRtOtG43om9Lw4beBi2WmhhNOHnDldnyTEeP_vKCspwwlExxGqzz2Ld-1LcU9ubyK8l0Utw3llSppY2G55fv2sUzN81X3wjn3qFJT4Vj1RC2e0LopsQb_JfDb5Xtqk3LAhiDVXvJrGzjoIrdaxiKgHZShtNywHaYSXZ1FB1LfyKyyrDIRKOwC_c8FrsDij2FqIoOgKUtKn8goitGKLtEIiuPZTIG0-jU3CcQXNKX4Z3yUl4bK6bAZrkNW9HgPjxXRxtTPbReAmSIZFdEKwIXXGiVRXtI_jodYBFAINbghEXWBRcq-QMk5kpw2hyxoyzVVHK9JwtTNgRtaT5vgjdkHdkIZLBy4N0RIXKi0ShItT9eq_44-NeNlZK2gd4c1Fk_VEZuVsIEezn2SYBsflgULrLfUVtm_a0EJ-08QAvS4hH8R0utbLfDhUztOlGIXTjONRDjatpSVPPK26T0zL-3Rp_jBAsZxktFgEYdR99ScusLXUMPTPSFhaFFabbvvnas34FsbSglU9c_Tex3M2m0WqNCfNFGer1rZ8YHAvHpV_Ym-Z7v255qizdS5WzgQS8DAHfPHURfphFtyqY_YaV9WX-Cejk1yMZW_zgkVQVQnL5wE-a8S3GNQykyYJD0hwE49bp3HC4pzdDbR21nMNudySsk715rNoRcAyxbGMPCQmHnRhzqleXkWi9qx4uWT6ToGySnfYFz6vZelI3hNucMxru_F_JsmqBLqw5PRQDjG7CH3o_j6TwLc7w0zlxl8vT4HIyCqoP4Ne6OBE83ysinNnea8fNEJ09xRF9J8nkkNDlucl_GB7Lo2VarWU38yR8U-R0YFXblBbsOQmpgWKuutsJmXtg2kQyV9O-37m8vch_-9pnVSmWbQdKDa6d-JTHVoLI6xiP9RywnOV50cc-nm49RXVEi67JH0chRjY4UA0XjOdFM-jDJJjBflunkSz0T_5nN3Tc9dEkJ925IiRNohzBZOSyS7wi27KCMTQ9CwKoAXY-FayKVLcTwl6nSK-rNTZRMF2l72T3FCR2Po9GgHNkTrIj05Mf0lripiiILO5Ueg8LJGfrxzea1iFe2JfIvVz3uSEbIoaFf_NcQYzgbLrrR9SaUQli6yO2_Uj3glyvUKheijvo0mjANnqTdfdpJ02NnoupIlN4h1NBXOJxJsYso0c2j1e00WsbH0EFUo4HWPKNr0kj6xlhKTG6th8oVywjXBmI5aaGgtEVowLAUxMRHArWMW7G5iitemoLcLfol_1MhNQ9iOml_mqEO6cjlZ8YOIlxWIYmxHyS5yhraYTff2_UvmDlW243tVKYg8ZoxhK0oJTNXc_D87U3L48k__ljMRzGwdU168JEpewMjNx9yr3Fq3i06jJlWSeZhZz7Fwz_zNXSADcDxnP5h8Papg7evD1RRx_uoqhoUZe8jH5Fh9fsWBYcoF3l8WTOfk6UPke7n_Lr32T-G-iqMU9Ms7r6fRckaj7EsCo0dKQcOAYJEuE0EFLPK4CFCbGJpUJqPlAPi1JIskqqFv4OTBGav23N0cTu5xcD4LSGmu5Cs68-oLe8mqXVRPA7BER89MA3a40Jo6huhr4-WJ0-zv5NiEITGyAG5C08tvEz-yCemY-MwD77_IJvMH5Gxzztv1YMozEJtvBE9um8rRdOVxWDYTZQ3730xZwitAP6fHAxTJDruf8C9av_rwpWm_tTAHYLenoNW6KiDEzRb4rsMUfC2W1u9YL44mWzsExAoBtBKtAV1ctzkHyMs74xHki-uo7fEC6U29hfiUxQIEim0jLlPFgG8KWMAHhYl2kCaNol4N-Grp9HWhAXfBN_dPuNuQYEghGaw98TepTOxVER4hyoh2LhOTXD0U5wO7ycRHlZsNxrXSwV3DaPsGaC1XwBl0YpY_xi9rRPl7xNrK-swODPglUbiWhYg6ziajgCk7f7IVEzNAaDHyZSZKwShmwPic_4Tw1VRqUZeZ34Z67l3gEJ87cSqptPEzgbt13VY4N1lGaYcu9f9Ba20PPwfOpzjMYpIL-FlJkN_ISE1HP0HTnfqHAPhxDs4UqGu292MUhq3V-o4tYAfbTqYx9foF4COKfoZ5rXskr24PHPsRJZ7ihICCDi3y4cd08H2fSS-d2AUhUzh89YRXkRHoyjuUJuXzEoxawPsNEThIc8tTR5J8ZirR8EZfXcoI2Z3xOj4RhNhvwUSdi4iAtBXFvI5UtnFuWX1fitfEWrEytaNuExMR6Y_uEDQCAghLNORoOY8kACEV8zKKPIy1PhXYx7R1p4KBTZ3jaUZIJg8Zw70L44w7wW8ZyQYEkjKvQJsnOjS5mGhogcvcbA6oOPhfk9jWkyvGJI_dDzM1-SEfqUeWa0IFOt737mMA5ANNUTW6wXn6n8G785TLneaaOrrdUXxGfHNdVomUM3dJ1f9hX5I8npGhVpJwrEq4cdZMBb-1ZtMldqOfQSGWwF7mNpxecm-gwwNT5ZO4haL9-Gz2Z_lAc8hkU0RuqQg4XnKsRfQ8fqPJ6F_COumcr4_U6yDyajv2Rz6H-dkXcL6Pb5rfPnO31gQDVXODPTvBl2sD9SFr9ZKqghkPxI8dFW8xROFSUNEZ9ytHUCFSVKP1DJrzFtYrVvqvuk_lHbz7NHnoSnTHia2aHWAAEKpVLycsXHYNnAIfXAHgnUGtFoPBugYwWcPBqwowMpkSVxtaneYjKixP-B5xksMf5_qjqFluwVw3Dg&cid=CAQSTwDICaaNYU3dxEPt-0ghsI-hn9YZnSGk8txD9ACXjhFnZSI0CDL6BcOTkdKXxI7ilStbTJBqZEJSaNYrhys7gR84hC0vDHHyYAGnhnYtSigYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.obozrevatel.ltd%2F&ds=l&xdt=1&iif=1&cor=18205089292103318000&adk=1761367584&idt=66&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FEA7 31 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FEA7 41 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 312349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame FEA7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf926d97e40eb899941ba43294d181a6d3d00d0b11fc9f5a92a52c60a333b3f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0433 38 KB
13 KB 9ms
7ms Document
text/html 2a00:1450:4001:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 10:52:00 GMT
expires: Tue, 10 Dec 2024 10:52:00 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 6 KB
2 KB 27ms
8ms Document
text/html 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

435bc3ed6fba1f122dec8f5261877048c6c8c4eea6fb424a8ebacd46bbbb2505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 52
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1986
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:50:06 GMT
expires: Wed, 11 Dec 2024 08:50:06 GMT
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FEA7 0
0 92ms
56ms Fetch
image/gif 142.250.185.66

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuR8wfkOzTyBlve5ezKlUHTeKMJmG8ZUV_c7gn30ZI-tBrc2HxAYqfCIT80HtD6PNZPT0y39SrBo8qcVtbwtiEDoURTnxba-6MfydBYurA3up2KbjWMJ__43H3KySxjk7ktAQ0n869kkob1jE1fsacvm56bCHVO8fJ3oaP1Azh6raH3t5w0EOjcuuCWnO0dpLB3zavnr0Vjwb7L8ke9koB_3XLUY0h1qzqQs5J3z6rDhZOwxPhj--Jt8IsTKQ-VjhfM8CR-NUYdhPXSi7XREDU4bQ0sYqqPFSZunSIwk23bv1ncCO35jDI7aICTG9mgNKvebszWsB0d75LM1IqfJRGH2soo7spRXrbcob98CC5z6SbBsFn5eJffaP5pfXEVbRcJ2-_ryYW_FeNFfds0PbuCL3-Fg1pEsVBM6Yf7i0qWZNxRyC1XB_oHSilgEt-IoXQOpP32brSqI3UiYUwps2-h_qWcMM0Xvj24hmKExKLHVGcBvqCPdOSrjIpQs2ZWW8g2GcUJwNlQkylFsywHwIeWj-S227Gue_lsMwuaG0ZrfJQTzv86CKnQWWmmw57z1-OlI0mVSAZ6had6WKY2R37FDAI1jeU0c6T3wctyddwoVmFnM-O-e_BWVSJSGPM4wfHZ8GAeqIYySN8231_IGazuvRhXG6v3I_SrRYeKXWIyULk3QR7TVTDDFlKtF5lanOYyiIue3z2xWM4e-tRQXvBpsXxkr5dawdRc1btxkkTXHqqXIPEmPgy4ZIyuPXQiOFVNVObXVxa18fcJJ_vKQbyuC6EA1LfmoKy1B8xtoH4EO7-HaJNzXgK5FrvDgMX6P4DtEE0Fnfaj3gC3POvKQXpcMK6xx11M0enzShCoYPr-aNc2T6xYauJ1SlZW1yilpOGXVCDg_lWU7HfaZ8Hj60Ec9ukjEQqqwT4m0IA8v5g-UM6fHUiAHh60-86AgyKsIIRWr9yCs8IFylKJ-c-nJ-x6taCrne6uG_05aeqJLyblXIRtUxweM1Lbh6tdiiigEckn5amrr_hz_2XCTXzLGlR6brOgcW9ojpMtN-VaM5mMTNri8uCTWFIb2FtQ3vyvWOQZ52qlQ9UIensVyi4uPz8ZEgnB2zethcxrzQwREHN-dy9Kg9nCmpZvSTwQ8ylyI6fdmIXLRyPG2Dy6urP7hQYOp8HEllDFIQ87kIn2w24C9eBuufxJpzDOUV3IKoL4QOTQzItHWG50rdoHWwjfaRDTANE8a5O79Ef-STudAXiVQi0x7LGA_D8-BrpBhNaIxaqeRb41gN0I-Jf98RQRSFXlj7INnwXaRSJop_f3PZ89tf0CxOBAk2GQa0r4gOTBvAquntMOBh0-X7brFRHznMMUFOIF1IRg2M0DET-8K5iMr4FLI0FClcvKYRgXCh4WyF8MFVjlQV5qRfPH1Xyv-cnIc-wYaUbhPmo6BTgsOsCbK7XVGbHV6Ro3HkkZsrLxbzcH5elUcZ6RLsXPEIjGksZiq64dGHMLR0OA_ZY6gvZ66yMyHetN&sai=AMfl-YTxxVZlM6PPGIVI_IJ3RSUD_r1efSH8n6SknOoDiREkK9ghPACuRSfWWbfgI2nIDfdXGIOEJ8sCRH0qh-bYDyrvPnAQHxElKSJgiJrScQhzjbrhCK-TN4nNJdbhGn_SQMOgm3e3j57OFWcM5W608sR2FM6tz0QKFUwMazqlh0dpMUI4nQ8CpKS0BaFws-shcFeYhGTYGq_AWa6l5Me91WuFiZOwnrj1sNuu_oAokk99P9TMHz630qwmRzVY-YZo2aDeWgt-MQ8eS4z0dnh7LJMwZ0lQ65ze-DP1i9Xi_g&sig=Cg0ArKJSzO8hZCN388TJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=97&cisv=r20231207.44028&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: mt-secure-bnk.com
URL: https://mt-secure-bnk.com/oboz7429543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 08:50:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame FEA7
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_ukraine_dv_pros_378014208&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

10ms
10ms

Image
image/gif

3.77.143.145

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 3.77.143.145 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:50:58 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Tue, 12 Dec 2023 08:50:58 GMT
Last-Modified: Tue, 12 Dec 2023 08:50:58 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0433 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:45:46 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 4579 15 KB
6 KB 49ms
16ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.obozrevatel.ltd

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.obozrevatel.ltd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:50:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 361991
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.134.js
static.criteo.net/js/ld/ 89 KB
29 KB 53ms
27ms XHR
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obozrevatel.ltd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:50:58 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 898 B
466 B 10ms
9ms Stylesheet
text/css 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

72c402b026159e1c5f8f0903fb4f863b735f71857dbe9230a608d7672bea5bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21539
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 02:51:59 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B802 109 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 08:50:58 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 4 KB
1 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ac21a2bdda6f6d9f817d2f7798357b5d923b88a475dd3ec2d7f25614300b8c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1414
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 23:48:42 GMT

GET
BLOB 200
OK 09fba5bd-f01a-4755-b730-b5865234909b
https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/ Frame E83F 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/09fba5bd-f01a-4755-b730-b5865234909b
Requested by: Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK b9dc52cc-b1fd-4827-9119-29c0b2014f5d
https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/ Frame E83F 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/b9dc52cc-b1fd-4827-9119-29c0b2014f5d
Requested by: Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E83F 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufZilAFy2Y2kAXBt0EW9GtYsuRpBYSFtRzZEZ-A3o3OrHwP0xWH97sq7N2yifxMCdgpHLJXAUT5eizqdA5JtA_hom4qsn1g8YtLBk0W-JrQk7tkiSBSYmzy8RvaY1K6pmdVAQuZoWnRQh13z-U0XBMXd-MCmylOAq60AjRv3VjaaCz9GCFS-YGUul-o-rgG4_Ptyfhd9L_PDHy88T10y525EHJrSk82yq-fwGqOGf8IU_oz4aYtebPckdCiEyyUuTRmGrPufQLBfLWyDz2XrxziBtzbwzkYDbXNm4WdnpDE4BxuANR7Y-dJ2I_5p9igSIw2yKaPRkQjVyG5yjS8EHC0a9tDl4s5ExUy4XfCUR5GVeZxevUa9wk3qYYC0sQNdqa82V4H1SiK6lxFQ&sai=AMfl-YQ_UllDaVrjytWL-yK0e9Ly7U6_FFOm9JjdvBz7oW9-RmxlUZOOc2xtNz_VNdFRAc4rSXw321ov_96CbJiRMpTXe0rEDpVZPmPNcqfE950O_XbxmfKlRTTSegcu6b5rbtQQB8Zm4WO9f3C5RP6Eij2B&sig=Cg0ArKJSzNN1pOOXdmb5EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 08:50:58 GMT

GET
BLOB 200
OK ba6c1850-d7c3-4ea1-b095-5607b8c8e14c
https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/ Frame DE79 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/ba6c1850-d7c3-4ea1-b095-5607b8c8e14c
Requested by: Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK fea3fe1d-dbaf-47b8-acb1-23dcdfa62682
https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/ Frame DE79 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/fea3fe1d-dbaf-47b8-acb1-23dcdfa62682
Requested by: Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE79 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHNmkDd-N_nTajy_rCaY2b80XyySlqmf0QtnmQbwU9CSiyFG_7slWFWU3AOpvbnbuy6_Mu2f3msOXaT2_f60knNDY0jK56Uqeu9ueoXa4WY06he4vVnKTS_mOfruFSliAiwg0sRQXWuo0hYw6lZ2Q-EnJ1mNcyXlrF4_qvWqtoUXrXIQhsPWDUxgp_Gd1hGokZxqCwPfVA6GITFBZS9UA0ia1ZlN4wEhEUhpGPwFqJ5y1m01vcxrGMsDcQhlOL2SPS2HfAKUJFwGwo7s15o2ypJIFH_l5ByHZ8O0rG5kZQsMa7P2pmI1a9ks67cM4lFPHd8LA0EDJwvyot_RO7O-5Jr87YKqzCm0_cySuKf5xPEeW0q6WvsbUCprUl&sai=AMfl-YSsCFjfjTmgJ343mAZ27jlV2Qy6VVEHopcUxQ_-DY27p2caZ33nEWKChyLCZ0UvcFcHRoGYWsDG4OzN_C6puDizFMPRjdjXNYNKekmpsyM6rIFAQHY9eW58LrfQ2ADKa8tU461JZ_AkKkLT1OMArvAV&sig=Cg0ArKJSzKcgfoogCM5OEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 08:50:58 GMT

GET
H2

200

sid
mug.criteo.com/ Frame 4579
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=obozrevatel.ltd&sn=ChromeSyncframe&so=0&topUrl=www.obozrevatel.ltd&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=93i6c3w3czRMcWNyTGJwZXVncWpiMmdFZ2p2ZFBkZnA0MEdEclpiNjJCVFhxbmk4RGpXbXFWVGd5WnpvdjFvNG40ajdoT3FpVThNZDZXb3BsaStacmR1a1RLSld2OTlqd0h2RXZhMnNqUnQxYmt3dDRmN0RVTGFyem03Wl...

417 B
650 B

24ms
14ms

Fetch
application/json

2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=93i6c3w3czRMcWNyTGJwZXVncWpiMmdFZ2p2ZFBkZnA0MEdEclpiNjJCVFhxbmk4RGpXbXFWVGd5WnpvdjFvNG40ajdoT3FpVThNZDZXb3BsaStacmR1a1RLSld2OTlqd0h2RXZhMnNqUnQxYmt3dDRmN0RVTGFyem03WlJvVmU5MEdaVDR0T25VbHRsWllhWXdBWUtDWEVFcDRQSUl2V1RWdU1WNVN5Z2cvOTBHcGp2RlVvcklUR3doaTNDMjcxM1Bsb21KbFJIb2Y4R0ozclU0VHhIZEtlQjlsWm1WV2h4UWJGaS93bTY1c1hSTE1rV3prWGtSZXlqTG1qYnBybFg5UU10elZtUE5STjh6ZkxWWFlVVXdkVjFTcVdURWlVS2l2eXVLRWVnY3ZUVXpMTT18&cppv=2

Protocol

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1958545
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:50:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=93i6c3w3czRMcWNyTGJwZXVncWpiMmdFZ2p2ZFBkZnA0MEdEclpiNjJCVFhxbmk4RGpXbXFWVGd5WnpvdjFvNG40ajdoT3FpVThNZDZXb3BsaStacmR1a1RLSld2OTlqd0h2RXZhMnNqUnQxYmt3dDRmN0RVTGFyem03WlJvVmU5MEdaVDR0T25VbHRsWllhWXdBWUtDWEVFcDRQSUl2V1RWdU1WNVN5Z2cvOTBHcGp2RlVvcklUR3doaTNDMjcxM1Bsb21KbFJIb2Y4R0ozclU0VHhIZEtlQjlsWm1WV2h4UWJGaS93bTY1c1hSTE1rV3prWGtSZXlqTG1qYnBybFg5UU10elZtUE5STjh6ZkxWWFlVVXdkVjFTcVdURWlVS2l2eXVLRWVnY3ZUVXpMTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 349616
content-length: 0
expires: 0

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 25 KB
25 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/bg.jpg

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:50:07 GMT
x-content-type-options: nosniff
age: 51
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25731
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:50:07 GMT

GET
H3 200 band.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 8 KB
8 KB 17ms
15ms Image
image/png 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/band.png

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:09:38 GMT
x-content-type-options: nosniff
age: 31280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7817
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 00:09:38 GMT

GET
H3 200 band-headline.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 4 KB
4 KB 16ms
15ms Image
image/png 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/band-headline.png

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:21:13 GMT
x-content-type-options: nosniff
age: 5385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3802
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 07:21:13 GMT

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 5 KB
5 KB 17ms
16ms Image
image/png 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/text2.png

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:17:34 GMT
x-content-type-options: nosniff
age: 16404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5223
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 04:17:34 GMT

GET
H3 200 text3.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 5 KB
5 KB 13ms
12ms Image
image/png 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/text3.png

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:22:16 GMT
x-content-type-options: nosniff
age: 48522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4822
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 19:22:16 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/cta.png

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:55:27 GMT
x-content-type-options: nosniff
age: 60931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2416
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 15:55:27 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/14946547236887404660/ Frame B802 4 KB
4 KB 14ms
14ms Image
image/png 2a00:1450:4001:802::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14946547236887404660/logo.png

Requested by

Host: bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
URL: https://bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14946547236887404660/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:22:51 GMT
x-content-type-options: nosniff
age: 34087
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4041
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:43:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 23:22:51 GMT

GET view
googleads4.g.doubleclick.net/pcs/ Frame FEA7 0
0

GET /
c.mgid.com/pv/ Frame E83F 0
0

GET /
c.mgid.com/pv/ Frame DE79 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuR8wfkOzTyBlve5ezKlUHTeKMJmG8ZUV_c7gn30ZI-tBrc2HxAYqfCIT80HtD6PNZPT0y39SrBo8qcVtbwtiEDoURTnxba-6MfydBYurA3up2KbjWMJ__43H3KySxjk7ktAQ0n869kkob1jE1fsacvm56bCHVO8fJ3oaP1Azh6raH3t5w0EOjcuuCWnO0dpLB3zavnr0Vjwb7L8ke9koB_3XLUY0h1qzqQs5J3z6rDhZOwxPhj--Jt8IsTKQ-VjhfM8CR-NUYdhPXSi7XREDU4bQ0sYqqPFSZunSIwk23bv1ncCO35jDI7aICTG9mgNKvebszWsB0d75LM1IqfJRGH2soo7spRXrbcob98CC5z6SbBsFn5eJffaP5pfXEVbRcJ2-_ryYW_FeNFfds0PbuCL3-Fg1pEsVBM6Yf7i0qWZNxRyC1XB_oHSilgEt-IoXQOpP32brSqI3UiYUwps2-h_qWcMM0Xvj24hmKExKLHVGcBvqCPdOSrjIpQs2ZWW8g2GcUJwNlQkylFsywHwIeWj-S227Gue_lsMwuaG0ZrfJQTzv86CKnQWWmmw57z1-OlI0mVSAZ6had6WKY2R37FDAI1jeU0c6T3wctyddwoVmFnM-O-e_BWVSJSGPM4wfHZ8GAeqIYySN8231_IGazuvRhXG6v3I_SrRYeKXWIyULk3QR7TVTDDFlKtF5lanOYyiIue3z2xWM4e-tRQXvBpsXxkr5dawdRc1btxkkTXHqqXIPEmPgy4ZIyuPXQiOFVNVObXVxa18fcJJ_vKQbyuC6EA1LfmoKy1B8xtoH4EO7-HaJNzXgK5FrvDgMX6P4DtEE0Fnfaj3gC3POvKQXpcMK6xx11M0enzShCoYPr-aNc2T6xYauJ1SlZW1yilpOGXVCDg_lWU7HfaZ8Hj60Ec9ukjEQqqwT4m0IA8v5g-UM6fHUiAHh60-86AgyKsIIRWr9yCs8IFylKJ-c-nJ-x6taCrne6uG_05aeqJLyblXIRtUxweM1Lbh6tdiiigEckn5amrr_hz_2XCTXzLGlR6brOgcW9ojpMtN-VaM5mMTNri8uCTWFIb2FtQ3vyvWOQZ52qlQ9UIensVyi4uPz8ZEgnB2zethcxrzQwREHN-dy9Kg9nCmpZvSTwQ8ylyI6fdmIXLRyPG2Dy6urP7hQYOp8HEllDFIQ87kIn2w24C9eBuufxJpzDOUV3IKoL4QOTQzItHWG50rdoHWwjfaRDTANE8a5O79Ef-STudAXiVQi0x7LGA_D8-BrpBhNaIxaqeRb41gN0I-Jf98RQRSFXlj7INnwXaRSJop_f3PZ89tf0CxOBAk2GQa0r4gOTBvAquntMOBh0-X7brFRHznMMUFOIF1IRg2M0DET-8K5iMr4FLI0FClcvKYRgXCh4WyF8MFVjlQV5qRfPH1Xyv-cnIc-wYaUbhPmo6BTgsOsCbK7XVGbHV6Ro3HkkZsrLxbzcH5elUcZ6RLsXPEIjGksZiq64dGHMLR0OA_ZY6gvZ66yMyHetN&sai=AMfl-YTxxVZlM6PPGIVI_IJ3RSUD_r1efSH8n6SknOoDiREkK9ghPACuRSfWWbfgI2nIDfdXGIOEJ8sCRH0qh-bYDyrvPnAQHxElKSJgiJrScQhzjbrhCK-TN4nNJdbhGn_SQMOgm3e3j57OFWcM5W608sR2FM6tz0QKFUwMazqlh0dpMUI4nQ8CpKS0BaFws-shcFeYhGTYGq_AWa6l5Me91WuFiZOwnrj1sNuu_oAokk99P9TMHz630qwmRzVY-YZo2aDeWgt-MQ8eS4z0dnh7LJMwZ0lQ65ze-DP1i9Xi_g&sig=Cg0ArKJSzO8hZCN388TJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=189&vt=11&dtpt=91&dett=3&cstd=97&cisv=r20231207.44028&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Domain: c.mgid.com
URL: https://c.mgid.com/pv/?pr=www.obozrevatel.ltd&lu=https%3A%2F%2Fbb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&cbuster=1702371058084766904749&pvid=18c5d38e1a4b85d88d3&implVersion=11&cxurl=https%3A%2F%2Fwww.obozrevatel.ltd%2F&site=422712&i=1&scum=%3F0&scuw=%3F0

Domain: c.mgid.com
URL: https://c.mgid.com/pv/?pr=www.obozrevatel.ltd&lu=https%3A%2F%2Fbb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&cbuster=1702371058088518136028&pvid=18c5d38e1a8ab2aa80c&implVersion=11&cxurl=https%3A%2F%2Fwww.obozrevatel.ltd%2F&site=422712&i=1&scum=%3F0&scuw=%3F0

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 01:38:27	Name: CLID Value: 15a8e40703814c03a4786b0fc15e04cd.20231212.20241211
.obozrevatel.ltd/	1970-01-21 01:38:27	Name: _clck Value: yeght1%7C2%7Cfhh%7C0%7C1441
.obozrevatel.ltd/	1970-01-20 16:54:17	Name: _clsk Value: 1xubmff%7C1702371056198%7C1%7C1%7Cg.clarity.ms%2Fcollect
.bing.com/	1970-01-21 02:14:27	Name: MUID Value: 2EB6D55173136DB13399C6B472BF6C11
.c.bing.com/	1970-01-20 17:02:55	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:14:27	Name: SRM_B Value: 2EB6D55173136DB13399C6B472BF6C11
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:14:27	Name: MUID Value: 2EB6D55173136DB13399C6B472BF6C11
.c.clarity.ms/	1970-01-20 17:02:55	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:52:51	Name: ANONCHK Value: 0
.obozrevatel.ltd/	1970-01-21 02:28:51	Name: _ga Value: GA1.1.1597582662.1702371057
.obozrevatel.ltd/	1970-01-21 02:28:51	Name: _ga_JBX3X27G7H Value: GS1.1.1702371056.1.1.1702371056.60.0.0
.obozrevatel.ltd/	1970-01-20 19:02:27	Name: _fbp Value: fb.1.1702371056729.752800293
www.obozrevatel.ltd/	1970-01-21 02:28:51	Name: GN_USER_ID_KEY Value: ee397228-fe8c-48ba-9c4a-3db949c63d90
www.obozrevatel.ltd/	1970-01-20 16:52:52	Name: GN_SESSION_ID_KEY Value: cbc9fc3c-37e4-4076-8b26-d25166754d6a
.obozrevatel.ltd/	1970-01-21 01:38:27	Name: ym_long_lasting_session_id Value: 1307197554847
.admixer.net/	1970-01-20 19:02:27	Name: am-uid Value: 862d106b60c1451f9244b0b703a90355
.adnxs.com/	1970-01-20 19:02:27	Name: icu Value: ChgIgsxzEAoYASABKAEw8L3gqwY4AUABSAEQ8L3gqwYYAA..
.adnxs.com/	1970-01-20 19:02:27	Name: uuid2 Value: 6701163713586482177
.onaudience.com/	1970-01-21 01:38:27	Name: cookie Value: 5a1761d7679b0898
.onaudience.com/	1970-01-20 16:54:17	Name: done_redirects161 Value: 1
server.smartytech.io/	1970-01-21 01:39:53	Name: uid Value: f39158c0-5a4e-473c-b8e6-b4f9e37b74df
a4p.adpartner.pro/	1970-01-20 18:19:15	Name: apuid Value: e78c5850-8842-46d6-b6f2-d7fd2c7252ae
www.obozrevatel.ltd/	1969-12-31 23:59:59	Name: IdealmediaStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1418748%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221702371057073%22%7D%7D
.exelator.com/	1970-01-20 19:45:39	Name: EE Value: "db11b9f5284730049d4738ab0106d1bf"
.exelator.com/	1970-01-20 19:45:39	Name: ud Value: "eJxrXxzq6XKLQSElydAwyTLN1MjCxNzYwMDEMgVIWyQmGRgamKUYJqUtLkstWrC0tDg1JenQkoqckpym1WXxoY7xbo6%252Bnj6Ry5wzivJzU1eAhcJcgxYbGhksyS%252FKTF%252Fk4rq4KCWNYVFJ8angY3pzAHsIKbQ%253D"
.onaudience.com/	1970-01-20 16:54:17	Name: done_redirects104 Value: 1
.onaudience.com/	1970-01-20 16:54:17	Name: done_redirects219 Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ndc1.obozrevatel.com/pixel.png?1678446935695 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.obozrevatel.com/api/news/ukr/pixel/?token=2983006&h=1702371056529 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://id.gravitec.net/ Message: Failed to load resource: the server responded with a status of 477 ()
violation	error	URL: https://jsc.mgid.com/o/b/obozrevatel.com.361087.es6.js(Line 266) Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://jsc.mgid.com/o/b/obozrevatel.com.361087.es6.js(Line 266) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
violation	error	URL: https://jsc.mgid.com/o/b/obozrevatel.com.361086.es6.js(Line 315) Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://jsc.mgid.com/o/b/obozrevatel.com.361086.es6.js(Line 315) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aax.amazon-adsystem.com
adx.adform.net
ap.lijit.com
api.gravitec.media
autocounter.idealmedia.io
bb1d53f0fd8f04285d2208b4e47aebe0.safeframe.googlesyndication.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c.idealmedia.io
c.mgid.com
cdn-b.notsy.io
cdn.gravitec.media
cdn.gravitec.net
cdn.jsdelivr.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
d.adtriba.com
dsum-sec.casalemedia.com
error.c.cdn77.org
fonts.googleapis.com
fonts.gstatic.com
g.clarity.ms
ggspace.space
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
inv-nets.admixer.net
jsc.idealmedia.io
jsc.mgid.com
kinesis.us-east-2.amazonaws.com
lf16-tiktok-web.ttwstatic.com
loada.exelator.com
mt-secure-bnk.com
mug.criteo.com
mwzeom.zeotap.com
ndc1.obozrevatel.com
pagead2.googlesyndication.com
pixel.onaudience.com
platform.instagram.com
prebid-eu.creativecdn.com
prebid.redtram.com
region1.analytics.google.com
s-img.idealmedia.io
s0.2mdn.net
securepubads.g.doubleclick.net
server.smartytech.io
servicer.idealmedia.io
spl.zeotap.com
static.criteo.net
stats.g.doubleclick.net
sync.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.obozrevatel.com
www.obozrevatel.ltd
www.tiktok.com
c.mgid.com
googleads4.g.doubleclick.net
104.18.36.155
108.138.1.25
13.32.119.77
141.94.171.213
142.250.185.66
146.59.110.145
159.69.174.227
167.235.184.171
172.217.18.2
184.86.251.147
185.184.8.90
185.64.189.112
185.89.211.12
2001:4860:4802:32::36
206.71.148.217
216.52.2.86
23.32.238.184
2400:52e0:1e00::1080:1
2606:4700:10::ac43:db6
2606:4700:1::6813:834c
2606:4700:21::681b:cb59
2606:4700:3030::ac43:b494
2606:4700:3036::6815:4383
2606:4700::6810:5714
2606:4700::6813:9822
2607:4f00:944:0:3eec:efff:fed0:86a2
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:802::2006
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:6ea0:c700::11
2a02:6ea0:c700::22
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a03:2880:f277:1e8:face:b00c:0:4420
2a03:2880:f277:c0:face:b00c:0:43fe
3.126.178.223
3.15.36.75
3.77.143.145
3.78.238.50
37.157.3.20
45.133.44.3
45.133.44.4
46.228.174.115
52.182.214.99
54.216.8.15
54.38.197.123
54.78.254.47
68.219.88.97
99.86.4.39
01c9ca897b40f739de756720a10f0d3af3059cfe9bd5f3a671c5c829983c29d7
01cb7c0d3a11112d6ea83c95e24f430cbcf86e665af4e92766124e19d1e4bad3
0308f9a3b8c6cc1290d5651c2949e7e33732adcce9c2b3bbdb457af85fee2440
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
03f9f59fec107da216bfa36f0e4a225112ba3fb811ec0e6ea63bcae2014d0d5f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
053b8167334b1fbf88e35aaafa64222300f1b6d4bbdfd5e8302d99b9891b47e5
067bf565b91f22dd6b73bc87080c2abcc265a0edd7fd680576809ec61cc637f2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c667361d9650299a7f2ae9f4d0f62a7cfa40bfee315d09515dcbf17bc55be64
0cc903f8e0d3e8a4ae9163875d0d5ff73e365dcdfdae4612c69fbf230ea28694
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10b4f51fb64cb6b08bb2421d2d6182be44fd3123e23867b16edab824cd57be4d
13573a000b1799533b6154346bdf4dbeb673482428b1d40fe5d0a35477e4a8e4
13eb25dc23c16f23d23d2da810c3c1f5e478a64fca2f813235240a570206e638
1418eed8bdc52ef5a9087aa44ba4280b12ec746c60facd353a1dbf01758a7b81
143a03d19befa178dd89265dce5a9a322f949a00fe95947e5024738c554b3f5b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27a017244201fdd39e15f74093b3b78b5475db9cc30d8eec35aef0d608e933f3
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3
29612f52f04b9eb5637b57fcb7e73a39197898a3a7b9b74ffd797d34f1e1960c
2a9d85708ae6fee2885e8af1dee0a9512e7def8ec4f35ecfab339d08e2e165cb
2b26138ddbcf65b9fac0e50b06c26cfbbc377b833bb66b0e3a3966922f477674
2f411bc544536dd2da4d6048cc5e532415892b31f3c349b551e1e5703bb9ddd7
3070451c8e8f7033e127e2ac1ed2202ba297d012d1485828f6d5bdaa67e96e67
30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a63d54ece1877473a2b3fadccdd63aa5c65773c1623defe6ff83859fe4dfc9
3492739925a674c9be4e8d12b9a40a9bcbf0d83130d7ad404c84bbe063e60cd3
352f98077484f218eea323017c0423d07563ca483866aa24be4da957bafc363e
359ab90e6488393c144aad1b5962e847c3b989554ab2a5e45868a557add53bd7
371d844205ecffe3a171dfb0f001f1f678eccd700bc51b4286d981a669a6470a
3776b3c1e3ead88720ce509a95451c76dd96b111f27c74dca5e13038e577d35e
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a3a9a7eb306f17aaac4a6ce781606d4e2b71a2eb971096616dc6de2de11af16
3a3f02059346f4c9988c24dd1b98a2a032ca23a1d8b90c7463f9797c4345fc76
3ac3da8c80e8da42442f387a3a625d4180229cbbe107c7d739befce626c45938
3ba8de04462ba10b0baaf37774c803309d0d12ab0c8af792f6792471d5b438d4
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
401e6c25801ba2d59795d05a6dd973f95566b41070d3939ba9307d65860ae50e
40a90ba65cd8c0be391f5f15ab90b9e757b8ed89fcb78df5c94373b6979db637
41075f455f9397cdc04e9eae4581b838f988b087a3dbf17194dbd6b8df4c66a6
42f9da7ccb1139e96cbaf31336d24812cb9a47e9beda60491c18ff75110af4c9
435bc3ed6fba1f122dec8f5261877048c6c8c4eea6fb424a8ebacd46bbbb2505
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1d9cf4e64f598f8c0eb5f7231a0d435a61166fd1fae51082ea55251c03a6e0
4d40bc198c59b1bb02a255d3d038923b8d9dbd09f08a27e810b236dd8b742ee0
4f21cda77923d01aef6e93d8501f188d204a2c39696b4c99c5ab8172a21a0b19
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563ee9779d7b3e0597f938f880d9f35f615e7ce69f5049a81ef7009860e50f37
56dbff0fb74e17425e3cb6acb116f18c97114c4c79fe432a289b8a86bf171004
578fa02ea9ef3f77c78cce63d236bbfc1c1eec14a1a56889926b55182a1cf3d7
57cdf60d5c8dc317d238c29fa6a19497d0f45840211e526b86d47cf77830c190
5f6b525430c581a1396fc5ed2263997449b103feafc0455bf9a477d89d1baec6
608e789b80eae3a143b483cbaf3fa26bd1cf351daa903ae8df5a2d9435fa79fd
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6246e0141bd4beea5c9ac9b01a6ed2ea9283adfc35e21113e10b224cb90ed877
62d87bca3aba5965d3fa695d43c0cb3f48c89f76c1c33b52eb8ca1ff9eb0577e
62e8a2d3d5647287d085154e7eb0dc5bb3ca75d5bfdf31dcc80fd399e26f9d88
634166a0597a37b8823e6e173e7c065a7da53dab02e6d38b9b7f188ea248428c
63bcbf2b526d0ad06ecab5cd2fd4502630b83037ac0bb44f3e3d19a0fcdcc9cf
6517adb10176e4c71e2c817ec9b8dcef892935edda74ca934e2478022b395dfe
66a0036ffabb25e46920154c2435f16d15df679c1260c125d1c4e42acb9126a8
6e71749254a65822cd2bb6efda92cec053029fb7d17bc8f5f4fd91bce1d14014
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72c402b026159e1c5f8f0903fb4f863b735f71857dbe9230a608d7672bea5bb7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
771c5f47e50ff2b1fcbc3cfbf0fc14347fafca0b4698fd276949b69c61fefe3d
798f05d6bfa34057f8d30aa42bae10ab197cf4f23cc4cc479d3edb5571aac79c
7c8091ab1dd1c5716115f7736898aa19a116df1b7d03c98f653c63587b58040e
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7ea7c66460bad9d8872b7467a39cdb784e0befceeea6fadb66599554355279ee
82a300c536da4c16d421fe3f4c56cf023cfb94d3f785eb8aab775f6ee0e135f9
85c05009662d24b78059cd22c982260db89d2fb8bd87610cec23f56b66a7acb9
86b218e90ff07b27c80128069df39270361d8cc57c4e19398c60e885a243ce9d
86df8786ac8ad22ebe6a2ce9d3866cb8ecc64a0fd9ac9634dd997ec16a4cab9f
8bf65fa3bb054d5a0c5333c25252144ad4ba3e8eccbeb58596d8f36124038bf4
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
90d0f491830f7b53e939eb15abe82d79b5e56585ac17e7e74a5408b522fe9bad
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
917c5c38eee727f77d68611d3d634d34b23c2561b48c1a20f544c6243fab0e7b
9482132e6088697acbf75b69cf152976d9b55855f4a2c755f5ab2684873f5b96
981805c97007a3bb41495219de1d04ae2522e562581adf652f5192340274381d
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0cb3c49a5d475b9d8830e3c4918e35c8eabb69fc78ac7d350f57a5ec025cca
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a33bd115053d4e43fa69574378a3bbf433ca803f03a847011b2c9b501412e819
a483670a02ef0ad085346d9a7c353d1119f036dc6acea0107ad219f394954fea
a5f02a0f091e4e9ef6c2e2260283f7be254705543c7af4c0ab499b8975a9beb5
a85f4b237e5a3771aaff124baeea85278de9c0ff567eb769c47d18e7f182d62d
a93fae5b573dd62f9d6de2cfdde98a35a3943c14e7ed611b9a2c16178173e5f0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac21a2bdda6f6d9f817d2f7798357b5d923b88a475dd3ec2d7f25614300b8c22
ac48d96425401d308f74953d7a0cf5d993b22d9153cbe4069dcd6e02f1c25d8b
ae14196b5c331f79f0652c3798705b2124266c46a73973f154e99f8d49121a8a
ae24162f5fb40c9df2eca37a71195b08659fb5c9ed22c8021f0000141fe58d69
ae3145d48ee953e66228ba4be51b759da5be5dda4cfc38236a79f300b881f3cb
afc62c5169887152b3149fb1448a5b23d2a4412621c54f546caa20f7d791bcb4
b12b566a4b982d1d9ebdd2f94dbffc73ff39c9f6df112b8752191418538d01e6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3da780ebc1dbe0efc7d4b4d8c9524fb27f2ae336b980b3cf8bc0b5ea3c9277e
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b7d117ab67623710c571bc9c00d8e89048da13a5f18adfc7b3e0746d39a4e4f8
b9e66e07b38c69031ea42c00d4202aff7cc75b08a83d3af43ed902d576dafe99
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
bf926d97e40eb899941ba43294d181a6d3d00d0b11fc9f5a92a52c60a333b3f7
c3d67430fc76b5f45afd85d630af49329f5ca321d02b4992e71fa559cab9413d
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6b475ecee282177bca746aedfee696440687aa08a36b1cbbede64433310d99
cb259701ce0bfdeda57d45c96e58496302ee86b5d6b287a42e3f510c13e281c6
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
ce796858fd36177791013dde3dd3cbb3add35e49c3511fc944017ba824d663b2
cfc9ab3970c655c214040d1c068ad418c5ceeb14978dba7e718ff601f23b135e
d0e544623460ed60d6db202ff08d73c1793a6814233ee815965b68c25f07d0da
d132c03c84236e104439b346597723d13ae0e2948830165898d0c592644293f3
d1e5ae7b312c5b0fb6e38fba06b3fbbc5a60310cc1fea4f216ac7ff985b05b5c
d2482e50d0fa14ae0a34e6eb00cfaf4ca6ba4d5d7ab0b3ab7095cc998970e6ed
d663bfbfc189f5e805b86189b9ec67bb6751fc8e5d90a460b148ffdd82a3ed72
d864e74f2632c22f87def88c73d8a1dec5722b2e6083eda7c0dd4abe77d1e3a7
e35230238672f285ad244d12b658a089ffea3e672e641db49d3763d52a7e63b5
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d0a9008848e18cc2f3e545dae5b09df38d327bb981ad46cf9c6d07671199a9
e731110247092ceee3341a91aa429bfa4f2ac9d42c199d541f5d26ae026f1414
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3
eca376766ef5e3eac085396d74af3adaac7539b3c45069f7ef6ac5dc522f6cbe
ee8d76bf3a0d3cb6068d437a035eb116c811906fc0c7b92ae3776536318a5a31
ee9a97f440f7e2b76f4635d790300e1073d8fbd3f2208fe7d889990eacea7988
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0644a93de568dd64109355d26e65e8e9af02c4938d8aa173ea9f81c4bb3a616
f36959f231339d122714c7e8ae263abab8fcada1745da4c6908675848af76b2b
f3e3b2b41614d8fc8f510b927eb892b7c0a18b8f01318f7519959b7776ef0b2a
f6c16924a8b85daecf5de93e3088928c2d8de4f78ca690586a29dbc331277a86
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f7ebfe437cbf3a1402e65e1873e74b40811798ee198115ca18eb650d99247a78
f93c23e2ddede676b53edcb53662ce25d695d15fdb6bb6f30d7c7e33678c64f5
fcb16add1f59e18325bbe572d717a434921ed7e90363f143f2f6402320c6a272
fcd1bc2d639054402957608b51d436b19530db2d56add22f3883fd24c68102e2
fcd2e7fd08b19ced87041640c67cd401538ef7062f90848eb458d72fa530b4c1
fe6dde0665ad67bd909964a77d07328afaca1265f1c760d4a7b5e8b1552a8e57
ff942ac9e43a0c40e9e4488b222caf3dfd3c6c81ada2c2eb2fb827893664ca91

www.obozrevatel.ltd Open in urlscan Pro 2606:4700:3036::6815:4383 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

223 Requests

89 %HTTPS

53 %IPv6

49 Domains

73 Subdomains

59 IPs

9 Countries

2917 kBTransfer

8231 kBSize

28 Cookies

104 Outgoing links

Page URL History

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.obozrevatel.ltd Open in urlscan Pro
2606:4700:3036::6815:4383 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

89 %
HTTPS

53 %
IPv6

49
Domains

73
Subdomains

59
IPs

9
Countries

2917 kB
Transfer

8231 kB
Size

28
Cookies

223 HTTP transactions
5 data transactions