xn--80adth0aefm3i.xn--j1amh Open in urlscan Pro Puny
яваскрипт.укр IDN
176.111.63.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xn--80adth0aefm3i.xn--j1amh/
Effective URL:
http://xn--80adth0aefm3i.xn--j1amh/
Submission: On May 23 via manual (May 23rd 2020, 10:25:27 am UTC) from UA

Summary HTTP 24 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 24 HTTP transactions. The main IP is 176.111.63.115, located in Ukraine and belongs to UN-UKRAINE-AS Kiev, Ukraine, UA. The main domain is xn--80adth0aefm3i.xn--j1amh.

This is the only time xn--80adth0aefm3i.xn--j1amh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	176.111.63.115 176.111.63.115	24703 (UN-UKRAIN...) (UN-UKRAINE-AS Kiev)
3	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	91.198.36.16 91.198.36.16	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
24	8

4 176.111.63.115 (Ukraine)

ASN24703 (UN-UKRAINE-AS Kiev, Ukraine, UA)
PTR: vhost1-ua.parkovka.ua

xn--80adth0aefm3i.xn--j1amh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	135 KB
4	bigmir.net c.bigmir.net i.bigmir.net	2 KB
4	doubleclick.net googleads.g.doubleclick.net
4	function sub() { [native code] }.	44 KB
1	i.ua r.i.ua	1 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	952 B
1	google.de adservice.google.de	952 B
24	8

	Domain	Requested by
6	pagead2.googlesyndication.com	xn--80adth0aefm3i.xn--j1amh pagead2.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	xn--80adth0aefm3i.xn--j1amh	xn--80adth0aefm3i.xn--j1amh
3	i.bigmir.net	xn--80adth0aefm3i.xn--j1amh
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	r.i.ua	xn--80adth0aefm3i.xn--j1amh
1	www.googletagservices.com	pagead2.googlesyndication.com
1	c.bigmir.net	xn--80adth0aefm3i.xn--j1amh
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
24	10

This site contains links to these domains. Also see Links.

Domain
www.bigmir.net
www.i.ua

Subject Issuer	Validity	Valid
*.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://xn--80adth0aefm3i.xn--j1amh/
Frame ID: AF7A410F39C820506DB095BA8AF6ED79
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html
Frame ID: E89BEB7ECE7187EAD751B0E389DDADEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9000791174239560&output=html&adk=1812271804&adf=3025194257&lmt=1590229495&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590229495702&bpp=11&bdt=103&idt=80&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1011541896772&frm=20&pv=2&ga_vid=67859422.1590229496&ga_sid=1590229496&ga_hid=1985961402&ga_fc=0&iag=0&icsg=11944&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C21066125&oid=3&pvsid=2814602876836417&pem=624&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=99
Frame ID: F6650341E1A17C0FC4693281A4B5C144
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9000791174239560&output=html&h=280&slotname=7383677560&adk=4016557144&adf=404036695&w=392&fwrn=4&fwrnh=100&lmt=1590229495&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=392x280&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590229495733&bpp=4&bdt=135&idt=74&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1011541896772&frm=20&pv=1&ga_vid=67859422.1590229496&ga_sid=1590229496&ga_hid=1985961402&ga_fc=0&iag=0&icsg=44712&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1181&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C21066125&oid=3&pvsid=2814602876836417&pem=624&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MIZxIp6LFK&p=http%3A//xn--80adth0aefm3i.xn--j1amh&dtd=81
Frame ID: 41B32F8EECBB3422AFFA890F22AD8441
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9000791174239560&output=html&h=280&adk=871865870&adf=1950255931&w=1145&fwrn=4&fwrnh=100&lmt=1590229495&rafmt=1&to=qs&pwprc=9227484730&psa=0&guci=1.2.0.0.2.2.0.0&format=1145x280&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590229495928&bpp=1&bdt=330&idt=1&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C392x280&nras=1&correlator=1011541896772&frm=20&pv=1&ga_vid=67859422.1590229496&ga_sid=1590229496&ga_hid=1985961402&ga_fc=0&iag=0&icsg=44712&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=21&ady=2615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C21066125&oid=3&pvsid=2814602876836417&pem=624&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=A7TKPfJppJ&p=http%3A//xn--80adth0aefm3i.xn--j1amh&dtd=11
Frame ID: DED1CC78D375C4836167CF29A6C5A23F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 5C429AFA2E2749E37B97D7D0AE1B0322
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

24
Requests

46 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

8
IPs

2
Countries

210 kB
Transfer

496 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: http://www.i.ua/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
xn--80adth0aefm3i.xn--j1amh/ 15 KB
5 KB 249ms
87ms Document
text/html 176.111.63.115
UN-UKRAINE-AS Kiev

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--80adth0aefm3i.xn--j1amh/
Protocol: HTTP/1.1
Server: 176.111.63.115 , Ukraine, ASN24703 (UN-UKRAINE-AS Kiev, Ukraine, UA),
Reverse DNS: vhost1-ua.parkovka.ua
Software: Apache /
Resource Hash: fb4bb6c1d704e07108ecd5d8d803c6d60159c1935e79ef4c3bd0fc128d02494a

Request headers

Host: xn--80adth0aefm3i.xn--j1amh
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 23 May 2020 10:24:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5227
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK function.js Show response
xn--80adth0aefm3i.xn--j1amh/_js/ 20 KB
6 KB 49ms
49ms Script
text/javascript 176.111.63.115
UN-UKRAINE-AS Kiev

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--80adth0aefm3i.xn--j1amh/_js/function.js?v=5
Requested by: Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/
Protocol: HTTP/1.1
Server: 176.111.63.115 , Ukraine, ASN24703 (UN-UKRAINE-AS Kiev, Ukraine, UA),
Reverse DNS: vhost1-ua.parkovka.ua
Software: Apache /
Resource Hash: 322354ae8d0232f4dc298bed5a9d2cc729b79cf35da2d87d35ab4292280667a7

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 23 May 2020 10:24:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 May 2020 07:23:41 GMT
Server: Apache
ETag: "6217f0-4fdf-5a5becf2c8f9d"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6008

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ca763af24d15ce0742a1bf67304d0a23587b0a9d296670742a5caf7eee5e9fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 23 May 2020 10:24:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5009305713781295135
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 39264
X-XSS-Protection: 0
Expires: Sat, 23 May 2020 10:24:55 GMT

GET
H/1.1 200
OK style.css
xn--80adth0aefm3i.xn--j1amh/_css/default/ 11 KB
3 KB 49ms
48ms Stylesheet
text/css 176.111.63.115
UN-UKRAINE-AS Kiev

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--80adth0aefm3i.xn--j1amh/_css/default/style.css?v=5
Requested by: Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/_js/function.js?v=5
Protocol: HTTP/1.1
Server: 176.111.63.115 , Ukraine, ASN24703 (UN-UKRAINE-AS Kiev, Ukraine, UA),
Reverse DNS: vhost1-ua.parkovka.ua
Software: Apache /
Resource Hash: 778c3eff71a8a54ca0c46b385c511702093781b00891b1ab0058c1b5e2c1af6b

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 23 May 2020 10:24:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Apr 2020 22:36:38 GMT
Server: Apache
ETag: "6206d7-2dad-5a3e8c3f65b3f"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3038

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
952 B 35ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--80adth0aefm3i.xn--j1amh

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 May 2020 10:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
952 B 35ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--80adth0aefm3i.xn--j1amh

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 May 2020 10:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/ 218 KB
83 KB 47ms
28ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 23 May 2020 10:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83958
x-xss-protection: 0
server: cafe
etag: 14927078227322710652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 May 2020 10:24:55 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/ Frame E89B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200519/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xn--80adth0aefm3i.xn--j1amh/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://xn--80adth0aefm3i.xn--j1amh/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 20 May 2020 02:19:05 GMT
expires: Wed, 03 Jun 2020 02:19:05 GMT
content-type: text/html; charset=UTF-8
etag: 17826495148367054107
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4284
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 288350
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK icon_soc.png
xn--80adth0aefm3i.xn--j1amh/_css/default/ 28 KB
29 KB 49ms
49ms Image
image/png 176.111.63.115
UN-UKRAINE-AS Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xn--80adth0aefm3i.xn--j1amh/_css/default/icon_soc.png
Requested by: Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/
Protocol: HTTP/1.1
Server: 176.111.63.115 , Ukraine, ASN24703 (UN-UKRAINE-AS Kiev, Ukraine, UA),
Reverse DNS: vhost1-ua.parkovka.ua
Software: Apache /
Resource Hash: 563e8b4a5c56135b05bcc78fd76611cde0fdecd271a3d40b6b7ba65ca36dcfb5

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/_css/default/style.css?v=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 23 May 2020 10:24:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jan 2020 14:56:18 GMT
Server: Apache
ETag: "6204e8-71b9-59b154771ff48"
Vary: Accept-Encoding
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 29122

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 131 B
422 B 97ms
83ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.bigmir.net/?o1&v16945993&s16946482&t0&c1&n963458&w0&y0&d24&r1600
Requested by: Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: f40777c4f6c2e507a3ba9b7d6bd2b0ca8f2844a059c257e6b8441d9144351da3

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sat, 23 May 2020 10:24:55 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F665 0
0 64ms
64ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9000791174239560&output=html&adk=1812271804&adf=3025194257&lmt=1590229495&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590229495702&bpp=11&bdt=103&idt=80&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1011541896772&frm=20&pv=2&ga_vid=67859422.1590229496&ga_sid=1590229496&ga_hid=1985961402&ga_fc=0&iag=0&icsg=11944&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C21066125&oid=3&pvsid=2814602876836417&pem=624&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=99

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9000791174239560&output=html&adk=1812271804&adf=3025194257&lmt=1590229495&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590229495702&bpp=11&bdt=103&idt=80&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1011541896772&frm=20&pv=2&ga_vid=67859422.1590229496&ga_sid=1590229496&ga_hid=1985961402&ga_fc=0&iag=0&icsg=11944&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C21066125&oid=3&pvsid=2814602876836417&pem=624&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xn--80adth0aefm3i.xn--j1amh/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://xn--80adth0aefm3i.xn--j1amh/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 May 2020 10:24:55 GMT
server: cafe
content-length: 625
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-May-2020 10:39:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 23 May 2020 10:24:55 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 23 May 2020 10:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589974910160429"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27764
x-xss-protection: 0
expires: Sat, 23 May 2020 10:24:55 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 41B3 0
0 305ms
305ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9000791174239560&output=html&h=280&slotname=7383677560&adk=4016557144&adf=404036695&w=392&fwrn=4&fwrnh=100&lmt=1590229495&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=392x280&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590229495733&bpp=4&bdt=135&idt=74&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1011541896772&frm=20&pv=1&ga_vid=67859422.1590229496&ga_sid=1590229496&ga_hid=1985961402&ga_fc=0&iag=0&icsg=44712&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1181&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C21066125&oid=3&pvsid=2814602876836417&pem=624&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MIZxIp6LFK&p=http%3A//xn--80adth0aefm3i.xn--j1amh&dtd=81

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8962716196691460195/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8962716196691460195/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLC918HiyekCFZUO4AodwyoCaw&gqi=9_nIXummMpuCgQfEr5sw&layout=/sadbundle/%24csp%253Der3%24/8962716196691460195/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9000791174239560&output=html&h=280&slotname=7383677560&adk=4016557144&adf=404036695&w=392&fwrn=4&fwrnh=100&lmt=1590229495&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=392x280&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590229495733&bpp=4&bdt=135&idt=74&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1011541896772&frm=20&pv=1&ga_vid=67859422.1590229496&ga_sid=1590229496&ga_hid=1985961402&ga_fc=0&iag=0&icsg=44712&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1181&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C21066125&oid=3&pvsid=2814602876836417&pem=624&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MIZxIp6LFK&p=http%3A//xn--80adth0aefm3i.xn--j1amh&dtd=81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xn--80adth0aefm3i.xn--j1amh/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://xn--80adth0aefm3i.xn--j1amh/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8962716196691460195/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8962716196691460195/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLC918HiyekCFZUO4AodwyoCaw&gqi=9_nIXummMpuCgQfEr5sw&layout=/sadbundle/%24csp%253Der3%24/8962716196691460195/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 May 2020 10:24:56 GMT
server: cafe
content-length: 31560
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-May-2020 10:39:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 23 May 2020 10:24:56 GMT
cache-control: private

GET
H/1.1 200
OK s
r.i.ua/ 772 B
1 KB 105ms
91ms Image
image/png 91.198.36.16
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://r.i.ua/s?u210956&p4&n0.38010458488123566&c1&d24&w1600&h1200&rxn--80adth0aefm3i.xn--j1amh/
Requested by: Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/
Protocol: HTTP/1.1
Server: 91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: r.i.ua
Software: nginx /
Resource Hash: ddd6530f3f7d4c888ae0cd6a78412611566f540cc97c86cb24677c8cf3e9a8a8

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 May 2020 10:24:55 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/png
Expires: 0

GET
H/1.1 200
OK b59_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
388 B 95ms
80ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/diagonal/b59_top.gif
Requested by: Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 23 May 2020 10:24:55 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:28 GMT
Server: nginx
ETag: "45b60a34-41"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 65
Expires: Tue, 26 May 2020 10:24:55 GMT

GET
H/1.1 200
OK b59_center.gif
i.bigmir.net/cnt/samples/diagonal/ 78 B
401 B 99ms
84ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/diagonal/b59_center.gif
Requested by: Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 23 May 2020 10:24:55 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:28 GMT
Server: nginx
ETag: "45b60a34-4e"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 78
Expires: Tue, 26 May 2020 10:24:55 GMT

GET
H/1.1 200
OK b59_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
389 B 94ms
80ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/diagonal/b59_bottom.gif
Requested by: Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 23 May 2020 10:24:55 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:28 GMT
Server: nginx
ETag: "45b60a34-42"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 66
Expires: Tue, 26 May 2020 10:24:55 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
415 B 14ms
13ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-9000791174239560&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C2%2C3%2C7&apv=20200511_200457&afm=0&as_count=1&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.091&alldns=0.182&allp=20&fd=(0%2C4%2C1)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=3077&su=xn--80adth0aefm3i.xn--j1amh&r=0.1

Requested by

Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 May 2020 10:24:55 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame DED1 0
0 270ms
269ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9000791174239560&output=html&h=280&adk=871865870&adf=1950255931&w=1145&fwrn=4&fwrnh=100&lmt=1590229495&rafmt=1&to=qs&pwprc=9227484730&psa=0&guci=1.2.0.0.2.2.0.0&format=1145x280&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590229495928&bpp=1&bdt=330&idt=1&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C392x280&nras=1&correlator=1011541896772&frm=20&pv=1&ga_vid=67859422.1590229496&ga_sid=1590229496&ga_hid=1985961402&ga_fc=0&iag=0&icsg=44712&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=21&ady=2615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C21066125&oid=3&pvsid=2814602876836417&pem=624&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=A7TKPfJppJ&p=http%3A//xn--80adth0aefm3i.xn--j1amh&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9000791174239560&output=html&h=280&adk=871865870&adf=1950255931&w=1145&fwrn=4&fwrnh=100&lmt=1590229495&rafmt=1&to=qs&pwprc=9227484730&psa=0&guci=1.2.0.0.2.2.0.0&format=1145x280&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590229495928&bpp=1&bdt=330&idt=1&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C392x280&nras=1&correlator=1011541896772&frm=20&pv=1&ga_vid=67859422.1590229496&ga_sid=1590229496&ga_hid=1985961402&ga_fc=0&iag=0&icsg=44712&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=21&ady=2615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C21066125&oid=3&pvsid=2814602876836417&pem=624&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=A7TKPfJppJ&p=http%3A//xn--80adth0aefm3i.xn--j1amh&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xn--80adth0aefm3i.xn--j1amh/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://xn--80adth0aefm3i.xn--j1amh/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 May 2020 10:24:56 GMT
server: cafe
content-length: 24991
x-xss-protection: 0
set-cookie: IDE=AHWqTUnzL0LNjy2W3ehoHwsj_kAvxHsh-EKmIk4FKaEJy8-TAJnDPvbl7bzsWvIf; expires=Thu, 17-Jun-2021 10:24:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 23 May 2020 10:24:56 GMT
cache-control: private

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
415 B 14ms
13ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=404036695&client=ca-pub-9000791174239560&eid=21066085%2C21066125&et=1&fwrattr=true&io=0&saldr=aa&oa=0.00&qid=CLC918HiyekCFZUO4AodwyoCaw&rafmt=1&roa=0&slot=7383677560&sp=0%2C0&tgt=ins%2Faswift_1_expand.0&tr=1180.78125%2C89%2C1572.78125%2C369&url=http%3A%2F%2Fxn--80adth0aefm3i.xn--j1amh%2F&vp=1600x1200

Requested by

Host: xn--80adth0aefm3i.xn--j1amh
URL: http://xn--80adth0aefm3i.xn--j1amh/

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 May 2020 10:24:56 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 35ms
17ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200519&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e9fa4f8194f4922538f9f62716b93275d3c173eab25f1f871dd3194dd86b41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 May 2020 10:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5552
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 45ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 23 May 2020 10:24:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Sat, 23 May 2020 10:24:56 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 5C42 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://xn--80adth0aefm3i.xn--j1amh/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://xn--80adth0aefm3i.xn--j1amh/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sat, 23 May 2020 09:35:13 GMT
expires: Sun, 23 May 2021 09:35:13 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2983
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 39ms
39ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200519&jk=2814602876836417&bg=!uLulu6NYGplYwEhnz5UCAAAAS1IAAAAPmQGCzEbYL1pUEmwbnnIbgNbLmvhAKAu10qPxdAAqyVlnc1cCplxn2PJVJLMeqyn9iV6EJmTJwlTjt-cst3KkP3Ms7d63J5VxgwtvwF1LHjryDOMuoAq-rZtkR7UasqTrF0BcjyCsCVqBkMF4pBdMdryWwiGqDJvAKjLpQBVGIQBhxJm6GM4uhsvUc2a_sShfNJj5Q9SN10C65HRMJOtb80OKaoGolVt9UTZjh4vGSsu6b6FjvdgR_ZR_5-PglJCkbHtcejQzoeqHC7CH41vZBLaicGkprec3xaA8jRD41JqkdbbdxcAJG2UIoSuQFVCSteWJZpdvu1TuvUvnYniQRPAQOteenOuebIXNWYpjp9wSjDGfLTasMt_ZURttyBQqezprrrPoqyxPdqPqSs9CXK5kyi3zzIF0e_guR75ZLkto2L7Mh4-I-g6xJ3l7nGThylC_oAjjAag-Sosm1-tvLHy3ZDt66rjXQcYQA0P5Xs2z5D3XCRGPxqJlHZf8Kl09w03DFfw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--80adth0aefm3i.xn--j1amh/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 May 2020 10:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 09:43:53	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 19:05:25	Name: IDE Value: AHWqTUnzL0LNjy2W3ehoHwsj_kAvxHsh-EKmIk4FKaEJy8-TAJnDPvbl7bzsWvIf
xn--80adth0aefm3i.xn--j1amh/	1969-12-31 23:59:59	Name: b Value: b
xn--80adth0aefm3i.xn--j1amh/	1970-01-19 11:53:25	Name: tema Value: default

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.bigmir.net
googleads.g.doubleclick.net
i.bigmir.net
pagead2.googlesyndication.com
r.i.ua
tpc.googlesyndication.com
www.googletagservices.com
xn--80adth0aefm3i.xn--j1amh
176.111.63.115
193.239.68.97
193.239.71.100
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:817::2002
2a00:1450:4001:819::2002
91.198.36.16
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0ca763af24d15ce0742a1bf67304d0a23587b0a9d296670742a5caf7eee5e9fb
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523
322354ae8d0232f4dc298bed5a9d2cc729b79cf35da2d87d35ab4292280667a7
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575
357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5
563e8b4a5c56135b05bcc78fd76611cde0fdecd271a3d40b6b7ba65ca36dcfb5
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
778c3eff71a8a54ca0c46b385c511702093781b00891b1ab0058c1b5e2c1af6b
8e9fa4f8194f4922538f9f62716b93275d3c173eab25f1f871dd3194dd86b41d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
ddd6530f3f7d4c888ae0cd6a78412611566f540cc97c86cb24677c8cf3e9a8a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f40777c4f6c2e507a3ba9b7d6bd2b0ca8f2844a059c257e6b8441d9144351da3
fb4bb6c1d704e07108ecd5d8d803c6d60159c1935e79ef4c3bd0fc128d02494a

xn--80adth0aefm3i.xn--j1amh Open in urlscan Pro Puny яваскрипт.укр IDN 176.111.63.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

46 %HTTPS

50 %IPv6

8 Domains

10 Subdomains

8 IPs

2 Countries

210 kBTransfer

496 kBSize

4 Cookies

2 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

4 Cookies

Indicators

xn--80adth0aefm3i.xn--j1amh Open in urlscan Pro Puny
яваскрипт.укр IDN
176.111.63.115 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

46 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

8
IPs

2
Countries

210 kB
Transfer

496 kB
Size

4
Cookies

24 HTTP transactions
0 data transactions