lb.ua Open in urlscan Pro
95.217.122.140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lb.ua/
Effective URL:
https://lb.ua/
Submission: On March 18 via api (March 18th 2022, 2:34:58 am UTC) from GB — Scanned from GB

Summary HTTP 102 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 16 domains to perform 102 HTTP transactions. The main IP is 95.217.122.140, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is lb.ua. The Cisco Umbrella rank of the primary domain is 290165.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 7th 2022. Valid for: a year.

This is the only time lb.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	95.217.122.140 95.217.122.140	24940 (HETZNER-AS) (HETZNER-AS)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
1 2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
102	24

43 95.217.122.140 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: lb.ua

lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	lb.ua 1 redirects lb.ua — Cisco Umbrella Rank: 290165 i.lb.ua — Cisco Umbrella Rank: 432462	867 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	328 KB
13	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	196 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 pix.eu.criteo.net — Cisco Umbrella Rank: 7328 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	57 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702	41 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	72 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	315 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5368 www.google.co.uk — Cisco Umbrella Rank: 3345	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 243	17 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7964	1 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	921 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	410 B
102	16

	Domain	Requested by
32	i.lb.ua	lb.ua
11	lb.ua	1 redirects lb.ua
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	lb.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	static.criteo.net	ads.eu.criteo.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	lb.ua securepubads.g.doubleclick.net
2	pix.eu.criteo.net	ads.eu.criteo.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.facebook.com	lb.ua
2	connect.facebook.net	lb.ua connect.facebook.net
2	ssl.google-analytics.com	1 redirects lb.ua
2	counter.yadro.ru	1 redirects lb.ua
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.co.uk	lb.ua
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
102	26

This site contains links to these domains. Also see Links.

Domain
rus.lb.ua
en.lb.ua
like.lb.ua
www.facebook.com
twitter.com
t.me
www.youtube.com
depositphotos.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.lb.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-07` - `2023-02-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-25` - `2022-03-25`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://lb.ua/
Frame ID: C83AC30344FA621D0588F20A038AAF51
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Frame ID: 6AE595C1748FA5FF9D8466F0FA575221
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&adk=1812271804&adf=3025194257&lmt=1647570893&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A16777344%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&plas=209x810_l%7C209x810_r&format=0x0&url=https%3A%2F%2Flb.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893188&bpp=2&bdt=304&idt=133&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2383546143777&frm=20&pv=2&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=150
Frame ID: E7DF7E21F965DD2920E5DCED443A869D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=2102047288&pi=t.ma~as.4850579085&w=320&lmt=1647570893&psa=0&format=320x150&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893201&bpp=4&bdt=317&idt=155&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=258&ady=1360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=B7hljmQLQn&p=https%3A//lb.ua&dtd=159
Frame ID: 141D1465CC52AD5755E4F1385395530B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&slotname=9952089888&adk=2082505381&adf=3370432024&pi=t.ma~as.9952089888&w=336&lmt=1647570893&psa=0&format=336x280&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893207&bpp=10&bdt=324&idt=164&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dwg3TQLyJ8&p=https%3A//lb.ua&dtd=166
Frame ID: 680B9BAF490F3F295BDE0F21C5C07B74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=415775276&pi=t.ma~as.8605697088&w=300&lmt=1647570893&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893217&bpp=1&bdt=333&idt=159&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mZMzDB3Rbw&p=https%3A//lb.ua&dtd=161
Frame ID: A5B0EC97A2ACB22B99D1284AC84B15B0
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjPvzQAGZdkIu9FUAAEMb1pFMr1nWWaLmjRh4Q&u=%7CThWQfz6lNWcqX%2BsIIts8oLlFJfx1QD45cCVf0zwEYbA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDjPN4FBZnXjjyNRIv_c2QYjRDmozPcohQkj2UeNdhs9AS5S9xAdnMxoYwVWe4LZcEgAZasnMN4iRaREva5A0SISWfQqurZwE81lMnF7sbODxtFQdjukdmyVVHSgTMhx_qnohtJtzp8X9gqsmh3kWlTDlKFPLb3e8IElPav1iGvKUzWnG02AtVeIW3Z1rJLfL66w75M-K7c2Wbk1fNiKiLBeMSHqFv7e004ymb_HRGPnHiN_tCO17Xy_W3pRmK8u1t54XpVVCpDqy1d378x10nhpFstS0pxDqI3RzS0UH-GbhyCRH_qy-sJsKmRcSQCsZzLzzp78W0Ph1GZwDcKJ-azFfXna76pBUBdiQo0I-ogodGEnTBdQVjIl8vaAX-0RqEX9qfSqG1G9eC212dtf653g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQNn5ze8zYtnLGdSi7_UP75iE0APkj9KxXL_b_YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTYwOTY5MzIwNjQ1ODUwODCgAb3UiOsDyAEJqQIKLw247Q-2PqgDAaoE2AFP0G6YJNqtWLXkE3Mc4RFMaf17s1xuyklI6cxwbu5nGcGdpmyquMbfQl2MRp-FygoetcSX5v6AMbpl9q3osKka9pnH_h97Pu4lsZhj8Z8a7zfxdoJAM4ROgKZeoMslHyGzVWxunaY6DkosSvpbhKH56cyoE8LPkvwYQeZt9LeEmyDMr0Myw5Yyes9vJJL2uEYIN2cdM-JPH38jcEshYPfi5ZNUkQ_91kHbM1hUqTBEv1IAk1UE5ceaUDIWXBQYRkNFuEz0UbjaIH2joJ3JF5KQcCRMzQ1JiZGABo3e96HJnKTC1wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_313M_n11hFCsjzSVwGEJO9FnizgA%26client%3Dca-pub-6096932064585080%26adurl%3D
Frame ID: 057F437DB971E1283B8BEA0AD8BF7D4D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A5AE696DEEC86776EC0A61CF848813DA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
Frame ID: 38516652A16572F25E41EEE70841ABE3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CC798021A5692C8CC0F55E6F48AAB980
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C8AED338A3B37F040ED6FA3FC090920
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F48C0455708A91DB42F1504CC3E527E5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України від LB.ua: оперативна аналітика української політики, економіки, новини культури та спорту

Page URL History Show full URLs

http://lb.ua/ HTTP 301
https://lb.ua/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

102
Requests

98 %
HTTPS

75 %
IPv6

16
Domains

26
Subdomains

24
IPs

6
Countries

1708 kB
Transfer

3228 kB
Size

12
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://rus.lb.ua/
Title: РУС

Search URL Search Domain Scan URL

URL: https://en.lb.ua/
Title: ENG

Search URL Search Domain Scan URL

URL: https://like.lb.ua/
Title: Like

Search URL Search Domain Scan URL

URL: https://www.facebook.com/%D0%9B%D1%96%D0%B2%D0%B8%D0%B9-%D0%91%D0%B5%D1%80%D0%B5%D0%B3-LBUA-111382865585059

Search URL Search Domain Scan URL

URL: https://twitter.com/lb_ua

Search URL Search Domain Scan URL

URL: https://t.me/lbua_official

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/LBTV_channel

Search URL Search Domain Scan URL

URL: https://rus.lb.ua/culture/2022/03/15/509644_zavtra_rossii.html

Search URL Search Domain Scan URL

URL: http://depositphotos.com/?utm_source=LB&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lb.ua/ HTTP 301
https://lb.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps://lb.ua/;0.6446019013373934 HTTP 302
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps://lb.ua/;0.6446019013373934

Request Chain 55

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=29098570&utmhn=lb.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D0%B2%D1%96%D0%B4%20LB.ua%3A%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%97%20%D0%BF%D0%BE%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8%2C%20%D0%B5%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%96%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D1%83&utmhid=2112353063&utmr=-&utmp=%2Flb%2F&utmht=1647570893384&utmac=UA-10143123-13&utmcc=__utma%3D5405166.1312300208.1647570893.1647570893.1647570893.1%3B%2B__utmz%3D5405166.1647570893.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=482690921&utmredir=1&utmu=qBCAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10143123-13&cid=1312300208.1647570893&jid=482690921&_v=5.7.2&z=29098570 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1312300208.1647570893&jid=482690921&_v=5.7.2&z=29098570 HTTP 302
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1312300208.1647570893&jid=482690921&_v=5.7.2&z=29098570&slf_rd=1&random=2704854941

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lb.ua/
Redirect Chain

http://lb.ua/
https://lb.ua/

67 KB
23 KB

245ms
122ms

Document
text/html

95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: 9cd2ee5b83d4bd3d635da74dbee6326ac9197ae40174380139cfafe77b04c758

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 18 Mar 2022 02:34:52 GMT
content-length: 23281

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://lb.ua/
Server: Microsoft-IIS/10.0
Date: Fri, 18 Mar 2022 02:34:52 GMT
Content-Length: 137

GET
H2 200 ptsans.woff2
lb.ua/media/1523/news/fonts/ 104 KB
104 KB 61ms
60ms Font
application/font-woff2 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1523/news/fonts/ptsans.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 4184605cff7ec3a09e238ad9a8c297305abe1613cb3af988a7dd33b5c0600f62

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
last-modified: Thu, 10 Mar 2022 10:34:00 GMT
server: Microsoft-IIS/10.0
etag: "c7c8d95a6a34d81:0"
content-type: application/font-woff2
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 106704

GET
H2 200 ptsansb.woff2
lb.ua/media/1523/news/fonts/ 106 KB
107 KB 179ms
177ms Font
application/font-woff2 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1523/news/fonts/ptsansb.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: c4d00d0c5c8ab1c7a96c4795bd90fb9e4bb8b2cc36144254f01201b2e70f1678

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
last-modified: Thu, 10 Mar 2022 10:34:00 GMT
server: Microsoft-IIS/10.0
etag: "c7c8d95a6a34d81:0"
content-type: application/font-woff2
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 109012

GET
H2 200 icons.woff2
lb.ua/media/1523/news/fonts/ 65 KB
65 KB 240ms
238ms Font
application/font-woff2 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1523/news/fonts/icons.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
last-modified: Thu, 10 Mar 2022 10:34:00 GMT
server: Microsoft-IIS/10.0
etag: "c7c8d95a6a34d81:0"
content-type: application/font-woff2
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 66624

GET
H2 200 style.css
lb.ua/media/1523/news/css/ 58 KB
11 KB 178ms
176ms Stylesheet
text/css 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1523/news/css/style.css
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 8677b71013fecfa13748ff096fc661d956b435f8f6a22b40fa06d395a0456df5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 10:33:59 GMT
server: Microsoft-IIS/10.0
etag: "805165a6a34d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 10957

GET
H2 200 jquery-3.1.1.min.js Show response
lb.ua/media/1523/news/js/ 85 KB
30 KB 242ms
241ms Script
application/javascript 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1523/news/js/jquery-3.1.1.min.js
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 10:34:00 GMT
server: Microsoft-IIS/10.0
etag: "09cae5a6a34d81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 30164

GET
H2 200 common.js Show response
lb.ua/media/1523/news/js/ 72 KB
19 KB 243ms
242ms Script
application/javascript 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1523/news/js/common.js
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: b50b0db1df4e80d8cda87e483a7cc03cf70e93f0259b8285ec04e2e5e1246abd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 10:34:00 GMT
server: Microsoft-IIS/10.0
etag: "09cae5a6a34d81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 19042

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 157ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb3e77cb141902d9ff62b1a8d19a0ad3fe1c61a75d920890ac599024e2b952ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54645
x-xss-protection: 0
server: cafe
etag: 10176257622441062882
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 148ms
59ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

b739e0af12c34f905fb69b1d43ba84215a89c5e1961f4ce6435f63dcc17ac9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27860
x-xss-protection: 0
server: sffe
etag: "1161 / 539 of 1000 / last-modified: 1647554712"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H2 200 logo.white.png
lb.ua/media/1523/news/img/logo/ 21 KB
21 KB 60ms
60ms Image
image/png 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1523/news/img/logo/logo.white.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1523/news/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 01348caaa16ac38ef521784b90368092bd215861903db0f52473e4d502494227

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1523/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
last-modified: Thu, 10 Mar 2022 10:33:59 GMT
server: Microsoft-IIS/10.0
etag: "b8df8f5a6a34d81:0"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 21495

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 294 KB
106 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6096932064585080&plah=lb.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cac09915ed785cc45f8f896ddc811c1233ca6acdb401b44dcb11757a7ae61c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108581
x-xss-protection: 0
server: cafe
etag: 6483298014807298798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/ Frame 6AE5 10 KB
5 KB 121ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Thu, 17 Mar 2022 20:47:02 GMT
expires: Thu, 31 Mar 2022 20:47:02 GMT
cache-control: public, max-age=1209600
age: 20871
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sprite.png
lb.ua/media/1523/news/img/ 13 KB
13 KB 60ms
60ms Image
image/png 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1523/news/img/sprite.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1523/news/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: b00d32d226e40d8ac2eb0a6851388d6682f0196e8c1ce46db8e06d6571cf5a0d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1523/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
last-modified: Thu, 10 Mar 2022 10:34:00 GMT
server: Microsoft-IIS/10.0
etag: "d967b85a6a34d81:0"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 13544

GET
H2 200 62211d74032b5_200_130.jpeg
i.lb.ua/074/39/ 5 KB
5 KB 224ms
154ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/074/39/62211d74032b5_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 783a5b4f4d208130f4fb3bc0c6415517bbb88783a3702efb7668da0159eff99c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 03 Mar 2022 19:56:36 GMT
server: Microsoft-IIS/10.0
etag: "5df61cca382fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5527

GET
H2 200 6233665fbe411_200_130.jpeg
i.lb.ua/017/31/ 7 KB
7 KB 221ms
150ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/017/31/6233665fbe411_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 8bef447a5b48657f68fe3a1a0437d7f5bfc4d03aabcb7cde58236aa072093e82

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 16:48:32 GMT
server: Microsoft-IIS/10.0
etag: "d76e45d61e3ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6998

GET
H2 200 6233706b1eeae_200_130.jpeg
i.lb.ua/049/20/ 7 KB
7 KB 478ms
408ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/049/20/6233706b1eeae_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 494ec7abb738aad5b6cb77ae026c29c309be80360c3a403c3c3564b220d7b03f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "d0a69ad2243ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6841

GET
H2 200 62337ecc43b59_200_130.jpeg
i.lb.ua/047/47/ 7 KB
7 KB 479ms
409ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/047/47/62337ecc43b59_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 67d5d24d285a6a599501c370a142d80536fbfce5d04860cfd0c10b564e1a87ae

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 18:32:44 GMT
server: Microsoft-IIS/10.0
etag: "146c8642d3ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7220

GET
H2 200 62336b387effd_200_130.jpeg
i.lb.ua/115/12/ 5 KB
5 KB 129ms
59ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/115/12/62336b387effd_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 5950668826532dbb81bddf0358e41da309701301c744b057bbf0eff305713fe5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
last-modified: Thu, 17 Mar 2022 17:09:13 GMT
server: Microsoft-IIS/10.0
etag: "4779cab9213ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5372

GET
H2 200 62338edb4cfd0_200_130.jpeg
i.lb.ua/094/00/ 7 KB
8 KB 214ms
145ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/094/00/62338edb4cfd0_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 64f86c4c209de636c9bd4dccbc6e326dbf829ca728342036e01fbee2e7659806

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 19:41:16 GMT
server: Microsoft-IIS/10.0
etag: "de06ef7363ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7600

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps://lb.ua/;0.6446019013373934
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps://lb.ua/;0.6446019013373934

132 B
618 B

71ms
71ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps://lb.ua/;0.6446019013373934

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

HTTP/1.1

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 02:34:53 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 132
Expires: Wed, 17 Mar 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 02:34:53 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps://lb.ua/;0.6446019013373934
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 17 Mar 2021 21:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6238
date: Fri, 18 Mar 2022 00:50:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 18 Mar 2022 02:50:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 118ms
39ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: coVk8xnUgy4YR/O/hxE9qHtji0pXvnelVaQ6J1yZ85dZtoHZkH7O+h3oOq5PsXprcY+SofIVwEBrWHGTXBnxOA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Fri, 18 Mar 2022 02:34:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scrolltop.png
lb.ua/media/1523/news/img/icos/ 333 B
389 B 59ms
59ms Image
image/png 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1523/news/img/icos/scrolltop.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1523/news/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: f6f6baa5fa4616c905fa7630360ca8c6828ae91723ec822b1915203a1744b4b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1523/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
last-modified: Thu, 10 Mar 2022 10:33:59 GMT
server: Microsoft-IIS/10.0
etag: "96f2a25a6a34d81:0"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 333

GET
H2 200 6233926bbe78c.jpeg
i.lb.ua/117/30/ 18 KB
18 KB 181ms
151ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/117/30/6233926bbe78c.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: ff474e22dc9e4f45878ab8a737587c8cb8c3fc38d8af2f80880795c7e77d9f13

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 19:56:27 GMT
server: Microsoft-IIS/10.0
etag: "aff5d016393ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 18143

GET
H2 200 62338fb0a3cdb.jpeg
i.lb.ua/053/24/ 27 KB
28 KB 182ms
153ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/053/24/62338fb0a3cdb.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: d9f4d05f2890fa1c438364d0f5e59112e719a087e8188ac15506bbd28c6a3972

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 19:44:48 GMT
server: Microsoft-IIS/10.0
etag: "2bad3a76373ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 28113

GET
H2 200 623391bc09366.jpeg
i.lb.ua/069/44/ 17 KB
17 KB 184ms
154ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/069/44/623391bc09366.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 130272bcc3259e8947b5731a68141caeea30c6365eec91b9cc8bc75bc4225014

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 19:53:32 GMT
server: Microsoft-IIS/10.0
etag: "cd1814ae383ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 17313

GET
H2 200 6232fbacce603.jpeg
i.lb.ua/007/58/ 19 KB
19 KB 439ms
409ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/007/58/6232fbacce603.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 2dc9bf6f3bce92ffd311dbd313bac16b44da3542b7c2ea18958c759ca417ec65

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 09:13:16 GMT
server: Microsoft-IIS/10.0
etag: "cfcd43cdf39d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 19317

GET
H2 200 623259e51e826.jpeg
i.lb.ua/121/34/ 41 KB
41 KB 181ms
151ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/121/34/623259e51e826.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: bd45bcac49a7dad13102f7e02341cfa11bd3f7363dacbe2490c20e4f168f8bcc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Wed, 16 Mar 2022 21:43:01 GMT
server: Microsoft-IIS/10.0
etag: "5a7c46cf7e39d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 41557

GET
H2 200 62322756ee66d.jpeg
i.lb.ua/005/06/ 20 KB
20 KB 255ms
254ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/005/06/62322756ee66d.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: ca083c75d6b8dc9cbafcd99080518da1458bed624d9dbecb36eb896bbe15ed58

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Wed, 16 Mar 2022 18:07:19 GMT
server: Microsoft-IIS/10.0
etag: "e5a723ad6039d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 20119

GET
H2 200 6231cd207bdbb.jpeg
i.lb.ua/025/33/ 19 KB
19 KB 256ms
255ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/025/33/6231cd207bdbb.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 4ac8e04e55e585c50d6996f66cc4d70f5304b04f826ef03e8fd8e8ff05b20af5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Wed, 16 Mar 2022 11:42:24 GMT
server: Microsoft-IIS/10.0
etag: "d86cc3e72a39d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 19281

GET
H2 200 6231cce5d1aae.jpeg
i.lb.ua/093/37/ 17 KB
17 KB 62ms
60ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/093/37/6231cce5d1aae.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: b624d1b13ec2538f49346d4285824320462dcd38d315939251d8dea871cd691a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Wed, 16 Mar 2022 11:41:26 GMT
server: Microsoft-IIS/10.0
etag: "8aafcbc42a39d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 17550

GET
H2 200 623112d4d7878.jpeg
i.lb.ua/085/32/ 26 KB
26 KB 184ms
181ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/085/32/623112d4d7878.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 0f41a84df450698d6f84c5fc1671465e35f12938256087e67ca6af761be7bdb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Tue, 15 Mar 2022 22:27:32 GMT
server: Microsoft-IIS/10.0
etag: "68fe35ddbb38d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 26674

GET
H2 200 623112c2e6776.jpeg
i.lb.ua/067/14/ 29 KB
29 KB 185ms
182ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/067/14/623112c2e6776.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 847bdfd0afcbbad304c39c058f4aea196921a6d06d762fece76d5cd990ceff05

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Tue, 15 Mar 2022 22:27:14 GMT
server: Microsoft-IIS/10.0
etag: "dbf086d2bb38d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 29750

GET
H2 200 6230d91e4d865.jpeg
i.lb.ua/043/00/ 28 KB
28 KB 186ms
184ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/043/00/6230d91e4d865.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: e5008b89071db30ac86d16fe6a9224584fa7197346d1b45a9c3621168fe45fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Tue, 15 Mar 2022 18:21:18 GMT
server: Microsoft-IIS/10.0
etag: "41212779938d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 29041

GET
H2 200 6231123b4f93a.jpeg
i.lb.ua/059/05/ 16 KB
16 KB 186ms
185ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/059/05/6231123b4f93a.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: f2086a9ec93fee20ee6273a64420cca946548b0eebc749f1658f5c364d5fd77d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Tue, 15 Mar 2022 22:24:59 GMT
server: Microsoft-IIS/10.0
etag: "21d5b381bb38d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16009

GET
H2 200 6230b52d60746.jpeg
i.lb.ua/113/60/ 31 KB
31 KB 187ms
186ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/113/60/6230b52d60746.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 571b21ccfbfdf9c91c3dcb66dca5559333deb3e099c4e9ff186eb837a60d7d5d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Tue, 15 Mar 2022 15:47:57 GMT
server: Microsoft-IIS/10.0
etag: "bcc2b4a8438d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 31239

GET
H2 200 6230d37ea97b1.jpeg
i.lb.ua/000/09/ 37 KB
37 KB 127ms
127ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/000/09/6230d37ea97b1.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 3119769075b86d2dc5ffe18683e79e436917123fc363e5930706336bdedd08af

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Tue, 15 Mar 2022 17:57:18 GMT
server: Microsoft-IIS/10.0
etag: "ad93ed1c9638d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 37637

GET
H2 200 6230d267c4322_200_130.jpeg
i.lb.ua/102/45/ 9 KB
9 KB 184ms
153ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/102/45/6230d267c4322_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 38df48ad406e5f6a82f974d4cf2d9e55f932c0dd81a26be2f90271e56fa285ef

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Tue, 15 Mar 2022 17:52:40 GMT
server: Microsoft-IIS/10.0
etag: "d0e143779538d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 8793

GET
H2 200 622e0262f0151_200_130.jpeg
i.lb.ua/054/58/ 6 KB
6 KB 60ms
59ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/054/58/622e0262f0151_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: ce7f6404960497fc5d4c93b86d84bb04feae378c2aa98756470a2d66959cc84a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Sun, 13 Mar 2022 14:40:35 GMT
server: Microsoft-IIS/10.0
etag: "d55fe4ce836d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6491

GET
H2 200 622f64df90ce6_200_130.jpeg
i.lb.ua/125/24/ 4 KB
5 KB 63ms
61ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/125/24/622f64df90ce6_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 8d5908dab3c4938c9cbf26a166fad0f8d6c4741000c670760440ead1b0fd9c37

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Mon, 14 Mar 2022 15:53:04 GMT
server: Microsoft-IIS/10.0
etag: "de136297bb37d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4525

GET
H2 200 62302ea53087e_200_130.jpeg
i.lb.ua/090/18/ 6 KB
6 KB 63ms
61ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/090/18/62302ea53087e_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 3215a519f478959fc5b3189397d85b0cf2f2c3dc6f88f25de25678ee66d318bd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Tue, 15 Mar 2022 06:13:57 GMT
server: Microsoft-IIS/10.0
etag: "8ce1bdb3338d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6025

GET
H2 200 6230d1d1e64dd_200_130.jpeg
i.lb.ua/079/21/ 9 KB
9 KB 63ms
62ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/079/21/6230d1d1e64dd_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: c531d6f255f472c652a07441e67a7822b78f02679c1241d99c2a1c3045c7e2aa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Tue, 15 Mar 2022 17:50:10 GMT
server: Microsoft-IIS/10.0
etag: "903fa51d9538d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9064

GET
H2 200 623174cbf2c03_200_130.jpeg
i.lb.ua/018/37/ 9 KB
9 KB 61ms
61ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/018/37/623174cbf2c03_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: b9cfb1b69f39ae32b83b729d3058835173c2bbd45b847ba3acdf344217e4e27b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Wed, 16 Mar 2022 05:25:33 GMT
server: Microsoft-IIS/10.0
etag: "27e42142f638d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9289

GET
H2 200 6232f3959a53b_200_130.jpeg
i.lb.ua/095/03/ 9 KB
10 KB 329ms
329ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/095/03/6232f3959a53b_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 9e6b0df533774660b64206f6048e5eae6150e5f68bb708877eb4f9a3a9193ce9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 08:38:45 GMT
server: Microsoft-IIS/10.0
etag: "d6e7a6ada39d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9660

GET
H2 200 62337d69d0958_200_130.jpeg
i.lb.ua/073/07/ 8 KB
8 KB 112ms
111ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/073/07/62337d69d0958_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: cff875304d69f2154654b40fdf2d1c7ddebbfe6413afe1d572486deb142aa025

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 18:26:50 GMT
server: Microsoft-IIS/10.0
etag: "dac978912c3ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7986

GET
H2 200 6233948f994cf_200_130.jpeg
i.lb.ua/030/11/ 6 KB
6 KB 62ms
61ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/030/11/6233948f994cf_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 81de1b4203b60486ccb05240f7986198656a23a3584df4798b24ad6a76b7ba20

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 17 Mar 2022 20:05:36 GMT
server: Microsoft-IIS/10.0
etag: "e41ecf5d3a3ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6464

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
410 B 49ms
49ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lb.ua&callback=_gfp_s_&client=ca-pub-6096932064585080

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6096932064585080&plah=lb.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

0b268511ae8e081ed13ed1e43f2abdcdab7876aa3d19f5b99eec76bdfc7a5ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 134ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
49ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flb.ua%2F&tn=DIV&id=popup-donate&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 02:34:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7DF 0
19 B 132ms
85ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&adk=1812271804&adf=3025194257&lmt=1647570893&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A16777344%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&plas=209x810_l%7C209x810_r&format=0x0&url=https%3A%2F%2Flb.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893188&bpp=2&bdt=304&idt=133&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2383546143777&frm=20&pv=2&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=150

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Mar 2022 02:34:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Mar 2022 02:34:53 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 141D 21 KB
9 KB 205ms
179ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=2102047288&pi=t.ma~as.4850579085&w=320&lmt=1647570893&psa=0&format=320x150&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893201&bpp=4&bdt=317&idt=155&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=258&ady=1360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=B7hljmQLQn&p=https%3A//lb.ua&dtd=159

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35f4459bfacbfbadbf49f33060f25b2adf2cd5cac34d55dbcec6f89c0d7dcf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Mar 2022 02:34:53 GMT
server: cafe
content-length: 9281
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Mar 2022 02:34:53 GMT
cache-control: private

GET
H3 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 86ms
39ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 00:19:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 55 B
86 B 97ms
49ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lb.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b83ab38fc8da5b3ba70b481cea94134b0a8f4e826aee07c0d39833f20437cbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 680B 430 B
230 B 135ms
123ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&slotname=9952089888&adk=2082505381&adf=3370432024&pi=t.ma~as.9952089888&w=336&lmt=1647570893&psa=0&format=336x280&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893207&bpp=10&bdt=324&idt=164&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dwg3TQLyJ8&p=https%3A//lb.ua&dtd=166

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dfda84acb3610f3ee242701af5f697c921f28d28a0573b7b5e125fba81598ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Mar 2022 02:34:53 GMT
server: cafe
content-length: 207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Mar 2022 02:34:53 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5B0 74 KB
29 KB 253ms
245ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=415775276&pi=t.ma~as.8605697088&w=300&lmt=1647570893&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893217&bpp=1&bdt=333&idt=159&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mZMzDB3Rbw&p=https%3A//lb.ua&dtd=161

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c3edd512faba7cacbe830cad9e436ed6576774685c284958005e0dc4e5b6355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Mar 2022 02:34:53 GMT
server: cafe
content-length: 30136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Mar 2022 02:34:53 GMT
cache-control: private

GET
H2

200

ga-audiences
www.google.co.uk/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=29098570&utmhn=lb.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10143123-13&cid=1312300208.1647570893&jid=482690921&_v=5.7.2&z=29098570
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1312300208.1647570893&jid=482690921&_v=5.7.2&z=29098570
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1312300208.1647570893&jid=482690921&_v=5.7.2&z=29098570&slf_rd=1&random=2704854941

42 B
501 B

137ms
50ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1312300208.1647570893&jid=482690921&_v=5.7.2&z=29098570&slf_rd=1&random=2704854941

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 02:34:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 02:34:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1312300208.1647570893&jid=482690921&_v=5.7.2&z=29098570&slf_rd=1&random=2704854941
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 440471506375777 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 80ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/440471506375777?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

804a883ef195e0bc0f8b0e34c45ef7391155de43477aa6fc808ac941895ae7a0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89191
x-xss-protection: 0
pragma: public
x-fb-debug: uny1DQuPR57KI8+k74v10zEXbuydLfldP10KlfkvHxKiTw+30K8Hk9BSn/OV9YB4zz0IiJseIbhNo2CCrhxW8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Mar 2022 02:34:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 124ms
40ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=440471506375777&ev=PageView&dl=https%3A%2F%2Flb.ua%2F&rl=&if=false&ts=1647570893579&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647570893577.350105967&it=1647570893399&coo=false&rqm=GET

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 141D 2 KB
1 KB 161ms
74ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=2102047288&pi=t.ma~as.4850579085&w=320&lmt=1647570893&psa=0&format=320x150&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893201&bpp=4&bdt=317&idt=155&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=258&ady=1360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=B7hljmQLQn&p=https%3A//lb.ua&dtd=159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 00:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 00:55:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 141D 117 KB
36 KB 141ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 141D 15 KB
6 KB 136ms
50ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 01:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 1939740185073438140
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 01:54:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 141D 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ83Kze8zYtnLGdSi7_UP75iE0APkj9KxXL_b_YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTYwOTY5MzIwNjQ1ODUwODCgAb3UiOsDyAEJqQIKLw247Q-2PqgDAaoE1QFP0G6YJNqtWLXkE3Mc4RFMaf17s1xuyklI6cxwbu5nGcGdpmyquMbfQl2MRp-FygoetcSX5v6AMbpl9q3osKka9pnH_h97Pu4lsZhj8Z8a7zfxdoJAM4ROgKZeoMslHyGzVWxunaY6DkosSvpbhKH56cyoE8LPkvwYQeZt9LeEmyDMr0Myw5Yyes9vJJL2uEYIN2cdM-JPH38jcEshYPfi5ZNUkQ_91kHbM1hUqTBE_VAhAYamF8IJoj2O33CE7UBRsvD-f6ABrubHPDx2Cb6IoaOmyJ6ABo3e96HJnKTC1wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02MDk2OTMyMDY0NTg1MDgwGAA&sigh=WC9o02Qk2yY&uach_m=[UACH]&cid=CAQSGwCNIrLMEowTHGlEpvSvHURvqhA6r9UbyXn1bBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=2102047288&pi=t.ma~as.4850579085&w=320&lmt=1647570893&psa=0&format=320x150&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893201&bpp=4&bdt=317&idt=155&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=258&ady=1360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=B7hljmQLQn&p=https%3A//lb.ua&dtd=159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 18 Mar 2022 02:34:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 141D 0
0 108ms
35ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U86uD6_JMMAClgGH-lcYAgAAAMkbQ1iN6R1-cIFdoJaBD64Qze8zYvvVtvDsPXqt9wENABI&wp=YjPvzQAGZdkIu9FUAAEMb1pFMr1nWWaLmjRh4Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 287828
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 057F 113 KB
40 KB 151ms
81ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjPvzQAGZdkIu9FUAAEMb1pFMr1nWWaLmjRh4Q&u=%7CThWQfz6lNWcqX%2BsIIts8oLlFJfx1QD45cCVf0zwEYbA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDjPN4FBZnXjjyNRIv_c2QYjRDmozPcohQkj2UeNdhs9AS5S9xAdnMxoYwVWe4LZcEgAZasnMN4iRaREva5A0SISWfQqurZwE81lMnF7sbODxtFQdjukdmyVVHSgTMhx_qnohtJtzp8X9gqsmh3kWlTDlKFPLb3e8IElPav1iGvKUzWnG02AtVeIW3Z1rJLfL66w75M-K7c2Wbk1fNiKiLBeMSHqFv7e004ymb_HRGPnHiN_tCO17Xy_W3pRmK8u1t54XpVVCpDqy1d378x10nhpFstS0pxDqI3RzS0UH-GbhyCRH_qy-sJsKmRcSQCsZzLzzp78W0Ph1GZwDcKJ-azFfXna76pBUBdiQo0I-ogodGEnTBdQVjIl8vaAX-0RqEX9qfSqG1G9eC212dtf653g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQNn5ze8zYtnLGdSi7_UP75iE0APkj9KxXL_b_YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTYwOTY5MzIwNjQ1ODUwODCgAb3UiOsDyAEJqQIKLw247Q-2PqgDAaoE2AFP0G6YJNqtWLXkE3Mc4RFMaf17s1xuyklI6cxwbu5nGcGdpmyquMbfQl2MRp-FygoetcSX5v6AMbpl9q3osKka9pnH_h97Pu4lsZhj8Z8a7zfxdoJAM4ROgKZeoMslHyGzVWxunaY6DkosSvpbhKH56cyoE8LPkvwYQeZt9LeEmyDMr0Myw5Yyes9vJJL2uEYIN2cdM-JPH38jcEshYPfi5ZNUkQ_91kHbM1hUqTBEv1IAk1UE5ceaUDIWXBQYRkNFuEz0UbjaIH2joJ3JF5KQcCRMzQ1JiZGABo3e96HJnKTC1wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_313M_n11hFCsjzSVwGEJO9FnizgA%26client%3Dca-pub-6096932064585080%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

89d6a71a42caf854c85999b7be916e1c0a052b29d05acf60a239911bb9cf0dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=fqysYX8WfiSywPK0g9On2domIzEx59JY-d5KgtYwmWO4-k29HgT-aVRiqO_LXVgCvPk0T3cRzNyVKIpCTHyPgetJ3ohnxDZJJhLa9jONrkn8XlHFZdrzXC_jJrWh9YgzJ6fELukjBUa5rXQobiNnvGQTYDym2uQWpwtTBhTutY4-4NPXNdq5btYiM6fwx2ZWcrwRHQpqp5i8cTAK8yxqYsmjFJxwKscNc1UJyi3ToxRCgwb_lPKW5MZQa_NBiqJS4iUb5Q"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 47346745
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 11426163980723086619
tpc.googlesyndication.com/daca_images/simgad/ Frame A5B0 83 KB
84 KB 108ms
76ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11426163980723086619

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=415775276&pi=t.ma~as.8605697088&w=300&lmt=1647570893&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893217&bpp=1&bdt=333&idt=159&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mZMzDB3Rbw&p=https%3A//lb.ua&dtd=161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f52ffc041b6857ab4e34df4df24024c6496ad056480dda42ecb73231bf690bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:39:34 GMT
x-content-type-options: nosniff
age: 32119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85349
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 09:56:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 17:39:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame A5B0 19 KB
8 KB 70ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 02:05:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame A5B0 2 KB
1 KB 76ms
48ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 02:26:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5B0 117 KB
36 KB 129ms
101ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame A5B0 15 KB
6 KB 72ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 02:23:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A5B0 0
0 115ms
114ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5YZ6ze8zYv7XGYTW7_UPgq6zoA2F8tXVaO_iu97aD4Knm_fLLxABIJX8kiVguwagAeXA2dMCyAECqQIKLw247Q-2PqgDAcgDyQSqBO8BT9CQtlDn3Q8FN0fDFFo_otJPBvl8sP7qpVIonBowIHsoFGeX0Sy9sy_Wuj9eLyHr8R2DOxSitRuYY1nzsShsCr1YZEWpsFtsn7QEN0ZwcFKnFWhKYn1rlXVInj-w_ilSPC8NdLzj0Jc-BC7EE5LlKSk8MmV3M_9enIaopwOuozIbRtpQNvq3crZl8g9JoMypE9LmdsIdA4IdZhHi99lUuevWUS_bRD2hwxKoWaPv-aJa5YtCPHMmVpiPR72yfzj7MHbibn9BpZUguWsnP7mdux8B5E3fIFwNr-FVSLSgVYf_uLVDWw4W_81sTUAvisjABJru4ZH4A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeDv6asAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOqfDNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi02MDk2OTMyMDY0NTg1MDgwGAA&sigh=fiaxEqilKLA&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=415775276&pi=t.ma~as.8605697088&w=300&lmt=1647570893&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893217&bpp=1&bdt=333&idt=159&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mZMzDB3Rbw&p=https%3A//lb.ua&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 18 Mar 2022 02:34:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame A5B0 28 KB
12 KB 158ms
131ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8bb34e7773640e6852d778e5f792867b6a291a405243f7bd6c55142d2336328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 20:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11771
x-xss-protection: 0
server: cafe
etag: 15823111227481032857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 20:09:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A5AE 143 B
163 B 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=415775276&pi=t.ma~as.8605697088&w=300&lmt=1647570893&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647570893217&bpp=1&bdt=333&idt=159&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=2383546143777&frm=20&pv=1&ga_vid=1312300208.1647570893&ga_sid=1647570893&ga_hid=2112353063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C44760495%2C21065724%2C31065515&oid=2&pvsid=2827031634181974&pem=708&tmod=1871544463&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mZMzDB3Rbw&p=https%3A//lb.ua&dtd=161

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 18 Mar 2022 02:06:49 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 057F 2 KB
1 KB 129ms
61ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjPvzQAGZdkIu9FUAAEMb1pFMr1nWWaLmjRh4Q&u=%7CThWQfz6lNWcqX%2BsIIts8oLlFJfx1QD45cCVf0zwEYbA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDjPN4FBZnXjjyNRIv_c2QYjRDmozPcohQkj2UeNdhs9AS5S9xAdnMxoYwVWe4LZcEgAZasnMN4iRaREva5A0SISWfQqurZwE81lMnF7sbODxtFQdjukdmyVVHSgTMhx_qnohtJtzp8X9gqsmh3kWlTDlKFPLb3e8IElPav1iGvKUzWnG02AtVeIW3Z1rJLfL66w75M-K7c2Wbk1fNiKiLBeMSHqFv7e004ymb_HRGPnHiN_tCO17Xy_W3pRmK8u1t54XpVVCpDqy1d378x10nhpFstS0pxDqI3RzS0UH-GbhyCRH_qy-sJsKmRcSQCsZzLzzp78W0Ph1GZwDcKJ-azFfXna76pBUBdiQo0I-ogodGEnTBdQVjIl8vaAX-0RqEX9qfSqG1G9eC212dtf653g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQNn5ze8zYtnLGdSi7_UP75iE0APkj9KxXL_b_YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTYwOTY5MzIwNjQ1ODUwODCgAb3UiOsDyAEJqQIKLw247Q-2PqgDAaoE2AFP0G6YJNqtWLXkE3Mc4RFMaf17s1xuyklI6cxwbu5nGcGdpmyquMbfQl2MRp-FygoetcSX5v6AMbpl9q3osKka9pnH_h97Pu4lsZhj8Z8a7zfxdoJAM4ROgKZeoMslHyGzVWxunaY6DkosSvpbhKH56cyoE8LPkvwYQeZt9LeEmyDMr0Myw5Yyes9vJJL2uEYIN2cdM-JPH38jcEshYPfi5ZNUkQ_91kHbM1hUqTBEv1IAk1UE5ceaUDIWXBQYRkNFuEz0UbjaIH2joJ3JF5KQcCRMzQ1JiZGABo3e96HJnKTC1wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_313M_n11hFCsjzSVwGEJO9FnizgA%26client%3Dca-pub-6096932064585080%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 13 Mar 2023 02:34:53 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 057F 2 KB
1 KB 100ms
33ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 13 Mar 2023 02:34:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 057F 308 B
637 B 99ms
32ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 13 Mar 2023 02:34:53 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 057F 507 B
835 B 128ms
62ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 13 Mar 2023 02:34:53 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 057F 43 B
348 B 199ms
36ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=gcTDNxZHp49La72JOv9TOQBVOZXpz8oirLUfD6AhrPRqE7u1eO8MqdcFlZghNwBrkiqqbF6l6Nq6mJUjjHcBXGasPLkGoBCrw2DbEGqNQRr7p5JGOt_yYbmLV5ZABPmXGuBvBlqQH7SioW066wmf4BQNFyfN3wOKKByDsa2idn5E_PnsUGk1Fg2-i7yV93_RMBXxOSOwU1ksxvQAxflV6rNyKV5kzAntG5dFuQe529gN4sj-PkhV6MgP1b2MYJD-7axPIY2fK_xUkWNzVI6KOockpSvo1I3B_YBJtO77THp5m1KHUYwxdloUL8BNqYyxzXaHlVacCRb3PRe0pIhz1d-aZOhE_7w9bKIOz7QFoBJ4RM_Ax6GCAJGnmM8tAT0_wwi22qVimsLzz6fSHXqT19YPqLBAiBIrm9q0qjsqsrhJqlGseZz3XRQKacnvwGLEsyO2pg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 02:34:53 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3059771
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 057F 12 KB
5 KB 87ms
32ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3646543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47kGZm2o5OQr%2F%2BWpLw0sXtzZL1IoYTpYjnmrkyb%2F%2F2lMtX%2Fxg%2FX4zZgTmsE2XHL%2FUjUl11kZ86npA2RHtitnzDR79i7Drdd9%2FJNQH0vYeeEtGkzY9OjDnNk1YzkGLRGcMCwMenC66b3kZ4zlFYfd2N4k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6eda926668e076e3-LHR
expires: Wed, 08 Mar 2023 02:34:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A5AE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

59ms
59ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Mar 2022 02:34:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Mar 2022 02:34:53 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Mar 2022 02:34:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 057F 12 KB
6 KB 37ms
33ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 13 Mar 2023 02:34:53 GMT

GET
DATA 200
OK truncated
/ Frame 141D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff8c14d84e96309c90f01938d96bc32bf990d3258c2d4bd9e8901490073a590c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 057F 7 KB
8 KB 110ms
32ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=296&m=0&partner=52446&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F52446%2F211222%2F06d68a9820b24a6ba5b658778b03a30d_otm-logo_navy_bg-%281%29_small.png&v=3&w=196&s=yprACjWPCo9SffI5YlCqqN2P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9d6b9a1828d4f385b96567b46c734f0ee46f425c74db5c0e3a2b72ca8b2818eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29390406
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7554
expires: Tue, 21 Feb 2023 06:35:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 057F 36 KB
37 KB 111ms
33ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52446&q=80&r=2&u=https%3A%2F%2Fmedia.onthemarket.com%2Fproperties%2F11383561%2F1383784838%2Fimage-0-1024x1024.jpg&v=3&w=400&s=Gq21BGluxG5XuL5vC35sDwi9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c1da8e169b5f5bfde02d00ac065dc84608238829bcc9b1509d1f94ef97e6c710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=488565
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 37304
expires: Wed, 23 Mar 2022 18:17:39 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 057F 0
128 B 106ms
32ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=fqysYX8WfiSywPK0g9On2domIzEx59JY-d5KgtYwmWO4-k29HgT-aVRiqO_LXVgCvPk0T3cRzNyVKIpCTHyPgetJ3ohnxDZJJhLa9jONrkn8XlHFZdrzXC_jJrWh9YgzJ6fELukjBUa5rXQobiNnvGQTYDym2uQWpwtTBhTutY4-4NPXNdq5btYiM6fwx2ZWcrwRHQpqp5i8cTAK8yxqYsmjFJxwKscNc1UJyi3ToxRCgwb_lPKW5MZQa_NBiqJS4iUb5Q&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 18 Mar 2022 02:34:53 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 057F 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 13 Mar 2023 02:34:53 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 057F 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:53 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 13 Mar 2023 02:34:53 GMT

GET
DATA 200
OK truncated
/ Frame A5B0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09e0c55d9c85e07bceb336cebfee24fb34df11741c008124e9fa53680cf6fbf7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 057F 1003 B
921 B 135ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92538185f11c2023bd0a5e7030688eafbbc0e4a71886c2b6e608399f1ec8fb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 02:16:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 02:34:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 02:34:53 GMT

GET
H3 200 w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3851 35 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 20:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 20:42:48 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ Frame 057F 8 KB
8 KB 124ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:31:44 GMT
x-content-type-options: nosniff
age: 111790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:31:44 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame CC79 0
18 B 81ms
39ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://lb.ua
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/

Response headers

content-type: text/plain
access-control-allow-origin: https://lb.ua
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 18 Mar 2022 02:34:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 99ms
52ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220316&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9321aca5b15313e47322b98ed0fd470325138406e38da66fd2940fbee6e4e43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 02:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10571
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 95ms
47ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 02:34:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C8A 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 23:50:27 GMT
expires: Fri, 17 Mar 2023 23:50:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F48C 783 B
535 B 49ms
49ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4bd172b8bf548ccbee2736098d7494a9057111c47e3b4c1c68b489271321a10

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gE830JXi9PtGuYLlJ030Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 18 Mar 2022 02:34:54 GMT
date: Fri, 18 Mar 2022 02:34:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-gE830JXi9PtGuYLlJ030Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C8A 35 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 20:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 20:42:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F48C 0
0 49ms
49ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220316&jk=2827031634181974&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8C8A 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Pmtvig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5B0 42 B
64 B 105ms
105ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNUyYTNSlDzC-Q1D5TexLu-_uLknurjDcdnEnSX652chH76Mm6la5uvZP7NCcxpY_S6g4rKAGQWLGMvqZA_xO4FnWnk_NUHX83623Txovgnyzorx4lrQ&sai=AMfl-YS39ufPRp0vmeh_bgYBlgrAe1pwpQUg5o2TA9G8HRxu0GAiy-7k8IzEt14-HGI0JK_rgkfCYCQbDbeL&sig=Cg0ArKJSzEV3uBIzj6OyEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1381437064&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647570893378&rpt=453&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 02:34:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220316&jk=2827031634181974&bg=!FxSlFFDNAAba2mK92to7ACkAdvg8WrIiDW0WITFD4NLMW-q8ekqqsKVkcO3AR6yyqs5_77cyPOGo-AIAAABOUgAAAAJoAQeZAsMpeJ3NiS9n-5Sl5Mrft7jJEl9pdqI45rMZS79cmP26-YqmFYchy-iHf9uebhu-qj8pg9B6NzBbFbUPb9jSzzcrYVfjzjqiDvyLLQ2VgfEow5zLOXvwIDIWgz7jWUcR1C7xB-ydjcuV4Ahlki8ul03wx90Zsuo-RneMq3gs4DW5VW_mx3IIeqm3mATpvbzqIq9UEpkm7ey3dwMO7o5mE5wMz5NxAD9oL3j948fp9ZolZ3_hIqsuAdJF0ZfQrppjHF1QiSUHHlwNBeiHRIZp55NqfymArN6xmSo5J6A5JCfQeydpOwb86qSL9GwTOkwJnguX5g-QJn2vo-yYN8CVw9R3wj6_7lI6fAG_Y60ENwbO8lkkj0O-89a1CQP2NnDZQznxgVRr_ctt5qjbFu0HjMOcfR7L0dGbSVnLvdGY6e3Se-StsJDOQ_ZiiQRIgOQO3vXp8uZ4-IztjRVNoAQBtA8UyYWW9XlrRI_M0chhna_Yvued8CSHLQfbn8MEY5KNICEumqEYnnRiCaSwU8pIy6Xao7H9MB7oyW-C6c5E4YE9WXxLbuZMUoTZKBCUkKHvdapdKGtDSsa6oxT8nCqo1Z9JIY3izQgop0dAaHo9TN3GGGOJgJmqJDABCRIMAeHH-BKjkKOMU-BzgocjLQzUN_y2Hhse0O_yNv1UdL_D5yLMogFVN59z0wDlslMqixHId85ct8gNjkHriEulaflnmrAjxFImyBif37zK5strpSzZgyXli309E2h3eZ0f6cqRsL5ijAas2XZKrMPtd9XJaBux5kvch-c8-Lo-S2mu8S4hyWimqQIwiJGj_puh94v22_IEirDhJ1_44lXHVc2tRENUGNL7IluvZctKDdVt0CVWk6hsAN-JB33snX86PYrDw92KgTeOGIIqAKKyVrMx-9FK3pLg1Rq1xQ1oFrJNggArNWQnaA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 02:34:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 623335ea246fe_200_130.jpeg
i.lb.ua/058/37/ 6 KB
6 KB 60ms
59ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/058/37/623335ea246fe_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 2f84b51e187f811b688f34e5e1d61a00274a20010409b008da9f47cc5732716e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:57 GMT
last-modified: Thu, 17 Mar 2022 13:21:46 GMT
server: Microsoft-IIS/10.0
etag: "c5b6a7f313ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5981

GET
H2 200 6232d9f4778ee_200_130.jpeg
i.lb.ua/011/57/ 9 KB
9 KB 61ms
60ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/011/57/6232d9f4778ee_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: 5e6270fd5b06adb24b7f1f7c418a62f8a37128f783260683369e5b1d26f59dd6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:57 GMT
last-modified: Thu, 17 Mar 2022 06:49:32 GMT
server: Microsoft-IIS/10.0
etag: "62cb3f28cb39d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9252

GET
H2 200 623301350ab29_200_130.jpeg
i.lb.ua/027/26/ 7 KB
7 KB 62ms
59ms Image
image/jpeg 95.217.122.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/027/26/623301350ab29_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.140 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb.ua
Software: Microsoft-IIS/10.0 /
Resource Hash: fc5d6d49718bc734122c39f0128811df8eee83eb7a2c3919ff5f08dd9da1e406

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:34:57 GMT
last-modified: Thu, 17 Mar 2022 09:36:53 GMT
server: Microsoft-IIS/10.0
etag: "d2dd2189e239d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7586

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lb.ua/	1969-12-31 23:59:59	Name: session Value: 0bca34b82017d693808cb0d5f75a46e4
.lb.ua/	1969-12-31 23:59:59	Name: __utmc Value: 5405166
.lb.ua/	1970-01-20 06:02:18	Name: __utmz Value: 5405166.1647570893.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.lb.ua/	1970-01-20 01:39:31	Name: __utmt Value: 1
.lb.ua/	1970-01-20 19:10:42	Name: __utma Value: 5405166.1312300208.1647570893.1647570893.1647570893.1
.lb.ua/	1970-01-20 01:39:32	Name: __utmb Value: 5405166.1.10.1647570893
.lb.ua/	1970-01-20 11:01:06	Name: __gads Value: ID=06cf5cbd7a5bba59-229b02cb5fcd006d:T=1647570893:RT=1647570893:S=ALNI_MaoyNxpAetS7jmt2efgu57AOmOyBg
.yadro.ru/	1970-01-20 10:24:46	Name: FTID Value: 1YC-_D2CeaeH1YC-_D000DSG
.yadro.ru/	1970-01-20 10:24:46	Name: VID Value: 2ZfJaV0aA-uH1YC-_D000DVC
.lb.ua/	1970-01-20 03:49:06	Name: _fbp Value: fb.1.1647570893577.350105967
.doubleclick.net/	1970-01-20 11:01:06	Name: IDE Value: AHWqTUkdAQC-vNyRy4nJf6mijfq_3C_bx9_-jF3uHDqxeqtcyV4ZI885j_GNPZnOLus
.doubleclick.net/	1970-01-20 01:39:34	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
connect.facebook.net
counter.yadro.ru
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.lb.ua
lb.ua
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.co.uk
www.google.com
www.googletagservices.com
142.250.185.194
178.250.0.160
178.250.2.135
178.250.2.150
2606:4700::6810:135e
2a00:1450:4001:800::2004
2a00:1450:4001:802::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2008
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c0b::9b
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::18
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
88.212.201.216
95.217.122.140
01348caaa16ac38ef521784b90368092bd215861903db0f52473e4d502494227
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09e0c55d9c85e07bceb336cebfee24fb34df11741c008124e9fa53680cf6fbf7
0b268511ae8e081ed13ed1e43f2abdcdab7876aa3d19f5b99eec76bdfc7a5ac8
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0f41a84df450698d6f84c5fc1671465e35f12938256087e67ca6af761be7bdb7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
130272bcc3259e8947b5731a68141caeea30c6365eec91b9cc8bc75bc4225014
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2dc9bf6f3bce92ffd311dbd313bac16b44da3542b7c2ea18958c759ca417ec65
2dfda84acb3610f3ee242701af5f697c921f28d28a0573b7b5e125fba81598ee
2f84b51e187f811b688f34e5e1d61a00274a20010409b008da9f47cc5732716e
3119769075b86d2dc5ffe18683e79e436917123fc363e5930706336bdedd08af
3215a519f478959fc5b3189397d85b0cf2f2c3dc6f88f25de25678ee66d318bd
35f4459bfacbfbadbf49f33060f25b2adf2cd5cac34d55dbcec6f89c0d7dcf85
38df48ad406e5f6a82f974d4cf2d9e55f932c0dd81a26be2f90271e56fa285ef
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
4184605cff7ec3a09e238ad9a8c297305abe1613cb3af988a7dd33b5c0600f62
494ec7abb738aad5b6cb77ae026c29c309be80360c3a403c3c3564b220d7b03f
4ac8e04e55e585c50d6996f66cc4d70f5304b04f826ef03e8fd8e8ff05b20af5
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571b21ccfbfdf9c91c3dcb66dca5559333deb3e099c4e9ff186eb837a60d7d5d
5950668826532dbb81bddf0358e41da309701301c744b057bbf0eff305713fe5
5e6270fd5b06adb24b7f1f7c418a62f8a37128f783260683369e5b1d26f59dd6
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f86c4c209de636c9bd4dccbc6e326dbf829ca728342036e01fbee2e7659806
67d5d24d285a6a599501c370a142d80536fbfce5d04860cfd0c10b564e1a87ae
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
783a5b4f4d208130f4fb3bc0c6415517bbb88783a3702efb7668da0159eff99c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
804a883ef195e0bc0f8b0e34c45ef7391155de43477aa6fc808ac941895ae7a0
81de1b4203b60486ccb05240f7986198656a23a3584df4798b24ad6a76b7ba20
847bdfd0afcbbad304c39c058f4aea196921a6d06d762fece76d5cd990ceff05
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8677b71013fecfa13748ff096fc661d956b435f8f6a22b40fa06d395a0456df5
89d6a71a42caf854c85999b7be916e1c0a052b29d05acf60a239911bb9cf0dd5
8bef447a5b48657f68fe3a1a0437d7f5bfc4d03aabcb7cde58236aa072093e82
8c3edd512faba7cacbe830cad9e436ed6576774685c284958005e0dc4e5b6355
8d5908dab3c4938c9cbf26a166fad0f8d6c4741000c670760440ead1b0fd9c37
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
92538185f11c2023bd0a5e7030688eafbbc0e4a71886c2b6e608399f1ec8fb5b
9321aca5b15313e47322b98ed0fd470325138406e38da66fd2940fbee6e4e43b
9cd2ee5b83d4bd3d635da74dbee6326ac9197ae40174380139cfafe77b04c758
9d6b9a1828d4f385b96567b46c734f0ee46f425c74db5c0e3a2b72ca8b2818eb
9e6b0df533774660b64206f6048e5eae6150e5f68bb708877eb4f9a3a9193ce9
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bd172b8bf548ccbee2736098d7494a9057111c47e3b4c1c68b489271321a10
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8bb34e7773640e6852d778e5f792867b6a291a405243f7bd6c55142d2336328
b00d32d226e40d8ac2eb0a6851388d6682f0196e8c1ce46db8e06d6571cf5a0d
b50b0db1df4e80d8cda87e483a7cc03cf70e93f0259b8285ec04e2e5e1246abd
b624d1b13ec2538f49346d4285824320462dcd38d315939251d8dea871cd691a
b739e0af12c34f905fb69b1d43ba84215a89c5e1961f4ce6435f63dcc17ac9c2
b83ab38fc8da5b3ba70b481cea94134b0a8f4e826aee07c0d39833f20437cbe6
b9cfb1b69f39ae32b83b729d3058835173c2bbd45b847ba3acdf344217e4e27b
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bd45bcac49a7dad13102f7e02341cfa11bd3f7363dacbe2490c20e4f168f8bcc
c1da8e169b5f5bfde02d00ac065dc84608238829bcc9b1509d1f94ef97e6c710
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
c4d00d0c5c8ab1c7a96c4795bd90fb9e4bb8b2cc36144254f01201b2e70f1678
c531d6f255f472c652a07441e67a7822b78f02679c1241d99c2a1c3045c7e2aa
c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac
ca083c75d6b8dc9cbafcd99080518da1458bed624d9dbecb36eb896bbe15ed58
cac09915ed785cc45f8f896ddc811c1233ca6acdb401b44dcb11757a7ae61c98
ce7f6404960497fc5d4c93b86d84bb04feae378c2aa98756470a2d66959cc84a
cff875304d69f2154654b40fdf2d1c7ddebbfe6413afe1d572486deb142aa025
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d9f4d05f2890fa1c438364d0f5e59112e719a087e8188ac15506bbd28c6a3972
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5008b89071db30ac86d16fe6a9224584fa7197346d1b45a9c3621168fe45fc1
eb3e77cb141902d9ff62b1a8d19a0ad3fe1c61a75d920890ac599024e2b952ba
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2086a9ec93fee20ee6273a64420cca946548b0eebc749f1658f5c364d5fd77d
f52ffc041b6857ab4e34df4df24024c6496ad056480dda42ecb73231bf690bb1
f6f6baa5fa4616c905fa7630360ca8c6828ae91723ec822b1915203a1744b4b5
fc5d6d49718bc734122c39f0128811df8eee83eb7a2c3919ff5f08dd9da1e406
ff474e22dc9e4f45878ab8a737587c8cb8c3fc38d8af2f80880795c7e77d9f13
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ff8c14d84e96309c90f01938d96bc32bf990d3258c2d4bd9e8901490073a590c

lb.ua Open in urlscan Pro 95.217.122.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

98 %HTTPS

75 %IPv6

16 Domains

26 Subdomains

24 IPs

6 Countries

1708 kBTransfer

3228 kBSize

12 Cookies

10 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lb.ua Open in urlscan Pro
95.217.122.140 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

98 %
HTTPS

75 %
IPv6

16
Domains

26
Subdomains

24
IPs

6
Countries

1708 kB
Transfer

3228 kB
Size

12
Cookies

102 HTTP transactions
2 data transactions