www.imgonline.com.ua Open in urlscan Pro
176.9.147.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://imgonline.com.ua/
Effective URL:
https://www.imgonline.com.ua/
Submission: On December 14 via api (December 14th 2022, 12:04:54 am UTC) from GB — Scanned from GB

Summary HTTP 54 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 10 domains to perform 54 HTTP transactions. The main IP is 176.9.147.119, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.imgonline.com.ua. The Cisco Umbrella rank of the primary domain is 893521.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 28th 2022. Valid for: a year.

This is the only time www.imgonline.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	176.9.147.119 176.9.147.119	24940 (HETZNER-AS) (HETZNER-AS)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
54	14

25 176.9.147.119 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.119.147.9.176.clients.your-server.de

imgonline.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.imgonline.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	imgonline.com.ua 1 redirects imgonline.com.ua — Cisco Umbrella Rank: 795786 www.imgonline.com.ua — Cisco Umbrella Rank: 893521	415 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	239 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	38 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 72 mts0.google.com — Cisco Umbrella Rank: 4304 www.google.com — Cisco Umbrella Rank: 2	65 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	43 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 7344	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	698 B
0	bannerka.ua Failed www.bannerka.ua Failed
54	10

	Domain	Requested by
24	www.imgonline.com.ua	www.imgonline.com.ua
9	pagead2.googlesyndication.com	www.imgonline.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	mts0.google.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	imgonline.com.ua	1 redirects
0	www.bannerka.ua Failed	www.imgonline.com.ua
54	15

This site contains links to these domains. Also see Links.

Domain
www.bannerka.ua

Subject Issuer	Validity	Valid
*.imgonline.com.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-01-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.imgonline.com.ua/
Frame ID: 842C14F87A5DE5A245BE3AE0EF53F7A4
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: ABFFE126C705FE56164BB6E1A54E023C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&adk=1812271804&adf=3025194257&lmt=1670976289&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fwww.imgonline.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670976289047&bpp=5&bdt=275&idt=312&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1214261506323&frm=20&pv=2&ga_vid=1880314915.1670976289&ga_sid=1670976289&ga_hid=1207780701&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779793%2C44780792&oid=2&pvsid=1176179589888124&tmod=967468712&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340
Frame ID: 6DDC2F3BB9566ABE57E8312FCEFD84F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&h=280&slotname=8592316491&adk=3245178112&adf=3508954633&pi=t.ma~as.8592316491&w=740&fwrn=4&fwrnh=100&lmt=1670976289&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.imgonline.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670976289052&bpp=2&bdt=280&idt=342&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1214261506323&frm=20&pv=1&ga_vid=1880314915.1670976289&ga_sid=1670976289&ga_hid=1207780701&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779793%2C44780792&oid=2&pvsid=1176179589888124&tmod=967468712&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=x2t1jtpgyZ&p=https%3A//www.imgonline.com.ua&dtd=347
Frame ID: 91E3AE9CBBDB3F0BCB7173BF27969F5E
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 31933721A9CDCD5CC0DB7D380C46A2D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02BBB65E6D0792F8E816E40C511CADD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CB9D7650994249D3D3CF049E85C975D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Обработка JPEG фотографий онлайн - IMG online

Page URL History Show full URLs

http://imgonline.com.ua/ HTTP 301
https://www.imgonline.com.ua/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

54
Requests

98 %
HTTPS

92 %
IPv6

10
Domains

15
Subdomains

14
IPs

1
Countries

850 kB
Transfer

1481 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bannerka.ua/obmen/2b954a21cd81

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://imgonline.com.ua/ HTTP 301
https://www.imgonline.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.imgonline.com.ua/
Redirect Chain

http://imgonline.com.ua/
https://www.imgonline.com.ua/

11 KB
4 KB

286ms
53ms

Document
text/html

176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 8f0772f8dfca7b641383a176aa016f971b0b0f04d2b29b80cf8d8588871ea9ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Dec 2022 00:04:48 GMT
Keep-Alive: timeout=1200
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Wed, 14 Dec 2022 00:04:48 GMT
Keep-Alive: timeout=1200
Location: https://www.imgonline.com.ua/
Server: nginx

GET
H/1.1 200
OK design.css
www.imgonline.com.ua/ 2 KB
1 KB 53ms
52ms Stylesheet
text/css 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgonline.com.ua/design.css
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: cf23074a5fe104d989c288d16827705c779034c1fd998729166c960639694c03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Mar 2018 10:04:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000, private
Connection: keep-alive
Keep-Alive: timeout=1200
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 175ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7114716596087124

Requested by

Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

294c9779eaa163792d6b7e4f272c5b2f7dcac77c3fe59c83a46aec2d9e41931b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Origin: https://www.imgonline.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49450
x-xss-protection: 0
server: cafe
etag: 10568359762626483384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 00:04:48 GMT

GET
H/1.1 200
OK random-pixels.jpg
www.imgonline.com.ua/examples/ 14 KB
14 KB 141ms
104ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/random-pixels.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: afc913183fbf9585679bf387f4f23fad5da44c54f0419995c74e4d8afe0d29fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Last-Modified: Wed, 07 Dec 2016 18:24:28 GMT
Server: nginx
ETag: "584853dc-3714"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 14100
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK random-pixels-wallpaper.jpg
www.imgonline.com.ua/examples/ 9 KB
9 KB 283ms
52ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/random-pixels-wallpaper.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 736e28b1d87f8b97c330ab583fecc51f853120b741f256999d790e138ec57879

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Dec 2016 18:25:43 GMT
Server: nginx
ETag: "58485427-2288"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 8840
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK random-pixels-background.jpg
www.imgonline.com.ua/examples/ 14 KB
14 KB 284ms
54ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/random-pixels-background.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 599486b5bfde45d569079681ceb8e7f1ea163e86cd2d3fae3613a047db80053d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Sun, 14 May 2017 08:22:32 GMT
Server: nginx
ETag: "591813c8-366a"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 13930
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK photo-mosaic-1-mini.jpg
www.imgonline.com.ua/examples/ 28 KB
28 KB 285ms
55ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/photo-mosaic-1-mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: a0acdaabe3ddf0b5e30a38685ee2121235fe4cbea4e712ef8fed030df2f6dd28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Dec 2016 18:27:58 GMT
Server: nginx
ETag: "584854ae-6eec"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 28396
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK photo-mosaic-2-mini.jpg
www.imgonline.com.ua/examples/ 25 KB
26 KB 284ms
54ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/photo-mosaic-2-mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: efd8909cea7b8b1cac4ffa0b66efde1bf046fe6373f429028dd26c68a7c47f62

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Dec 2016 18:33:07 GMT
Server: nginx
ETag: "584855e3-64eb"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 25835
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK photo-mosaic-3-mini.jpg
www.imgonline.com.ua/examples/ 30 KB
30 KB 269ms
53ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/photo-mosaic-3-mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: cced138ef2e5e182565d6903d7cf366e9d6a01c361a731b887e311d8f5f51042

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Dec 2016 18:24:28 GMT
Server: nginx
ETag: "584853dc-77ce"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 30670
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK painting-with-frame.jpg
www.imgonline.com.ua/examples/ 27 KB
27 KB 164ms
109ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/painting-with-frame.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: e70c5776621837860d75f07069f337eae18736dbd236399ff51b208c8024208c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Last-Modified: Wed, 07 Dec 2016 18:32:21 GMT
Server: nginx
ETag: "584855b5-6b56"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 27478
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK oil-painting.jpg
www.imgonline.com.ua/examples/ 34 KB
35 KB 162ms
107ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/oil-painting.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 6676b11e2fd66a66a9ce01b97045453a4244fe45a3f18eedeec1a30549d1676c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Last-Modified: Wed, 07 Dec 2016 18:27:57 GMT
Server: nginx
ETag: "584854ad-89b8"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 35256
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK oil-strokes.jpg
www.imgonline.com.ua/examples/ 23 KB
23 KB 159ms
105ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/oil-strokes.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: a78210a027b1bd44f8f2a622810a6aa04664539683fa3c40f478551c2b1cb3db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Last-Modified: Wed, 07 Dec 2016 18:30:39 GMT
Server: nginx
ETag: "5848554f-5bbb"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 23483
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK color_palette_1_mini.jpg
www.imgonline.com.ua/examples/ 15 KB
15 KB 166ms
54ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/color_palette_1_mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 39ce521dff8c2bb0750eee98d532b7130945fba06b024af51a1c8730a045e3c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Last-Modified: Wed, 07 Dec 2016 18:25:38 GMT
Server: nginx
ETag: "58485422-3a81"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 14977
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK color_palette_2_mini.jpg
www.imgonline.com.ua/examples/ 15 KB
15 KB 160ms
54ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/color_palette_2_mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: d6236fe0c60ea7f1cfb423a656f1ea91131d6cd390e39cbeb34a4a9909504897

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Last-Modified: Sun, 14 May 2017 08:22:31 GMT
Server: nginx
ETag: "591813c7-3b36"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 15158
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK color_palette_3_mini.jpg
www.imgonline.com.ua/examples/ 11 KB
11 KB 139ms
53ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/color_palette_3_mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 7a024fe782d24bc2602625c536d917ceae4bf8b9d797ff2a63e46c68cea2c274

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Last-Modified: Sun, 14 May 2017 08:21:54 GMT
Server: nginx
ETag: "591813a2-2b26"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 11046
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK one-tone-1.jpg
www.imgonline.com.ua/examples/ 10 KB
10 KB 194ms
53ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/one-tone-1.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 2e2d307f16629930c345f257337e2b52faa02898a1a0e03245d897133d66c3f5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Dec 2016 18:27:30 GMT
Server: nginx
ETag: "58485492-267d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 9853
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK one-tone-6.jpg
www.imgonline.com.ua/examples/ 10 KB
11 KB 225ms
53ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/one-tone-6.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: d0079e5e74c93917fab76e8f2b9b70673a5d41d5d8d8bd8715c743c1f56a7f20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Dec 2016 18:29:54 GMT
Server: nginx
ETag: "58485522-28c8"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 10440
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK one-tone-5.jpg
www.imgonline.com.ua/examples/ 8 KB
8 KB 108ms
53ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/one-tone-5.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 97fc831912e1133f8fd573d4b299e3a3c5a2f8c3bc361f1876133d86f4324c11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Last-Modified: Wed, 07 Dec 2016 18:27:13 GMT
Server: nginx
ETag: "58485481-2086"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 8326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bokeh-effect-1.jpg
www.imgonline.com.ua/examples/ 20 KB
20 KB 54ms
54ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/bokeh-effect-1.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: c1d8c86bc29336a44cc518556e18575e1e32942f741944a9384dd691e915c618

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Dec 2016 18:32:22 GMT
Server: nginx
ETag: "584855b6-4fc3"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 20419
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bokeh-effect-2.jpg
www.imgonline.com.ua/examples/ 22 KB
22 KB 53ms
53ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/bokeh-effect-2.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: d019a2a165770dcd2302b6c6467734fdf8d879d5db383f382fcb849d9bafbfc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Dec 2016 18:25:54 GMT
Server: nginx
ETag: "58485432-5748"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 22344
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bokeh-effect-3.jpg
www.imgonline.com.ua/examples/ 20 KB
21 KB 54ms
53ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/bokeh-effect-3.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 6e7a7d8c4afd182d9ba11226881d927f280f7cb6156a24193360d8c4e9a5efb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Sun, 14 May 2017 08:22:16 GMT
Server: nginx
ETag: "591813b8-519d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 20893
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK kaleidoscope-effect-1.jpg
www.imgonline.com.ua/examples/ 19 KB
19 KB 55ms
54ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/kaleidoscope-effect-1.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 0d5e77d5870e2b6da94c0e7933484ef33c7a15b2c50abf4100dd76e97c4772c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Mar 2018 01:00:31 GMT
Server: nginx
ETag: "5a9f39af-4a08"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 18952
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK kaleidoscope-effect-2.jpg
www.imgonline.com.ua/examples/ 18 KB
19 KB 54ms
54ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/kaleidoscope-effect-2.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: aba0d8663de17f30293ba67668d4889e39862d4dec34437afc7377e7de333586

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Mar 2018 01:00:31 GMT
Server: nginx
ETag: "5a9f39af-48b2"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 18610
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK kaleidoscope-effect-3.jpg
www.imgonline.com.ua/examples/ 25 KB
26 KB 53ms
53ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/kaleidoscope-effect-3.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 60f06cb68fe14655acbdd28c4d79c447d8d7082e84d5d3a262bf4e8f341724e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:49 GMT
Last-Modified: Wed, 07 Mar 2018 01:00:29 GMT
Server: nginx
ETag: "5a9f39ad-6585"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 25989
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET button1.gif
www.bannerka.ua/img/referal/ 0
0

GET
H/1.1 200
OK logo.jpg
www.imgonline.com.ua/images/ 7 KB
7 KB 115ms
54ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/images/logo.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/design.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 7069f7c640f5c4bf24319b64a8322dfa1caa469534144f8aebe95db237a5508c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/design.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 00:04:48 GMT
Last-Modified: Wed, 07 Dec 2016 18:34:20 GMT
Server: nginx
ETag: "5848562c-1b35"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 6965
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 188ms
97ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7114716596087124&plah=www.imgonline.com.ua&bust=31071250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7114716596087124

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cecc381162e146be3e7e2805ede9cb92dddc65bd988d3a4c9c1537574b01abad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120011
x-xss-protection: 0
server: cafe
etag: 6390326672878519293
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 00:04:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame ABFF 10 KB
5 KB 142ms
45ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7114716596087124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 25119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 17:06:10 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 17:06:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 177ms
82ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7114716596087124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.imgonline.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
698 B 171ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.imgonline.com.ua&callback=_gfp_s_&client=ca-pub-7114716596087124&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7114716596087124&plah=www.imgonline.com.ua&bust=31071250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68f7bf5760296909f23ec2536c57d552e7e1ce9e0c40eeceb0ccb0c5bf3dcabe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 153ms
54ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.imgonline.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 156ms
55ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.imgonline.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DDC 0
19 B 188ms
94ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&adk=1812271804&adf=3025194257&lmt=1670976289&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fwww.imgonline.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670976289047&bpp=5&bdt=275&idt=312&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1214261506323&frm=20&pv=2&ga_vid=1880314915.1670976289&ga_sid=1670976289&ga_hid=1207780701&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779793%2C44780792&oid=2&pvsid=1176179589888124&tmod=967468712&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 00:04:49 GMT
expires: Wed, 14 Dec 2022 00:04:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91E3 106 KB
34 KB 751ms
667ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&h=280&slotname=8592316491&adk=3245178112&adf=3508954633&pi=t.ma~as.8592316491&w=740&fwrn=4&fwrnh=100&lmt=1670976289&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.imgonline.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670976289052&bpp=2&bdt=280&idt=342&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1214261506323&frm=20&pv=1&ga_vid=1880314915.1670976289&ga_sid=1670976289&ga_hid=1207780701&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779793%2C44780792&oid=2&pvsid=1176179589888124&tmod=967468712&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=x2t1jtpgyZ&p=https%3A//www.imgonline.com.ua&dtd=347

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

104945a3295ce3d0f53b522d6208dbe56ebc8e0fd5d842cc5668417a291c8794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34611
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 00:04:50 GMT
expires: Wed, 14 Dec 2022 00:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 91E3 8 KB
1 KB 166ms
60ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&h=280&slotname=8592316491&adk=3245178112&adf=3508954633&pi=t.ma~as.8592316491&w=740&fwrn=4&fwrnh=100&lmt=1670976289&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.imgonline.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670976289052&bpp=2&bdt=280&idt=342&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1214261506323&frm=20&pv=1&ga_vid=1880314915.1670976289&ga_sid=1670976289&ga_hid=1207780701&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779793%2C44780792&oid=2&pvsid=1176179589888124&tmod=967468712&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=x2t1jtpgyZ&p=https%3A//www.imgonline.com.ua&dtd=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 00:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 23:24:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 00:04:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 91E3 2 KB
845 B 169ms
63ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:12:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 91E3 23 KB
10 KB 149ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 15:13:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 91E3 3 KB
1 KB 159ms
65ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 21:21:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 21:21:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 91E3 18 KB
7 KB 155ms
51ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:04:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91E3 153 KB
47 KB 171ms
64ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 00:04:50 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 91E3 34 KB
14 KB 152ms
47ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:16:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 91E3 0
0 93ms
92ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYsBCIROZY-bgH8W89u8PwJWZwATSkPfRbIrZr_uREdSEu_uaAhABIMTpgSdgu4aAgNAKoAHdo6HdA8gBCakC-3oDL2m3tD6oAwHIA8sEqgTfAU_QCZE68zxUF4e41P1AK0zS6teWHNRFttnqt_gzQlVugF1SATZnlJ63F57fC3JLP9sFAEiMfre7GYLxm_k9-1XxreYHq7J9Qsng7YrJAs-nrqn4ZtpPdymBu67IpSgLShpsHZhjQw9rPdn_topPEBkkJ-N0K3VTLlm1oJeVHURJorYwNr8NmAIkcIJD6oRtXYP-wgi9L_xW3IaX7ES_b-FXcXwCSHXn4tj-uQ11PBQ1iBJYwSTQpW4QezuK8drZoPYb_FU91VtUFh2lg0p243nShhkggWfw4fj2gx4P207ABN6t4Y2oBJIFBAgEGAGSBQQIBRgEoAYugAeL3N4iqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQodYH0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGYDNPr_a6aBLgTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItNzExNDcxNjU5NjA4NzEyNBgA&sigh=zYajSJXgZ_w&uach_m=[UACH]&cid=CAQSGwDq26N9tMiJFceaw9UAEVe9WOIlmEfyP-T3ChgBIBM&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&h=280&slotname=8592316491&adk=3245178112&adf=3508954633&pi=t.ma~as.8592316491&w=740&fwrn=4&fwrnh=100&lmt=1670976289&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.imgonline.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670976289052&bpp=2&bdt=280&idt=342&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1214261506323&frm=20&pv=1&ga_vid=1880314915.1670976289&ga_sid=1670976289&ga_hid=1207780701&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779793%2C44780792&oid=2&pvsid=1176179589888124&tmod=967468712&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=x2t1jtpgyZ&p=https%3A//www.imgonline.com.ua&dtd=347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 00:04:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Dec 2022 00:04:50 GMT

GET
H2 200 data=i3tUIgqkLDZMCXoNaRK1vRkma2q-TCh-yCyOGDkMBXfjVnreNcJ-mADqPMkz0Jd2YrdHDCHO5T0XTLltXenMRX6rlogSOksXL5Jcpbzq0lnq-AypvToVjBJT8SMIuoo
mts0.google.com/vt/ Frame 91E3 63 KB
63 KB 275ms
154ms Image
image/png 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=i3tUIgqkLDZMCXoNaRK1vRkma2q-TCh-yCyOGDkMBXfjVnreNcJ-mADqPMkz0Jd2YrdHDCHO5T0XTLltXenMRX6rlogSOksXL5Jcpbzq0lnq-AypvToVjBJT8SMIuoo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8a26ffbeedff0713ec461e8c69adeb01d1942ab34054a85f8d70e97541552b7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:50 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64009
x-xss-protection: 0
x-server-version-bin: CggIBBCgztucBg==
server: scaffolding on HTTPServer2
etag: 08a75e6b49db38043
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Wed, 14 Dec 2022 01:04:50 GMT

GET
DATA 200
OK truncated
/ Frame 91E3 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 91E3 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 91E3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6745ffd5250d426a32571504de9908c961b4f20d5b23f176b7764c45a84cef0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 91E3 28 KB
28 KB 149ms
46ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 440949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 21:35:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 61ms
60ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd8534ad5a350d6baa5cfd478161faade16ed2d663654f05326400db3dd9f5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11258
x-xss-protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3193 36 KB
16 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 156ms
56ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 00:04:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 02BB 13 KB
5 KB 47ms
45ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 23:02:19 GMT
expires: Wed, 13 Dec 2023 23:02:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7CB9 783 B
1 KB 156ms
55ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27d88e7bda7e79a60397270088c2ad60d34939cdc2740f1211bc483513ec01ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zYrqn9P4DC7ZhOHCSN2nEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-zYrqn9P4DC7ZhOHCSN2nEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 00:04:51 GMT
expires: Wed, 14 Dec 2022 00:04:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 02BB 36 KB
16 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7CB9 0
0 80ms
80ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1176179589888124&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 02BB 0
10 B 45ms
44ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jPrjfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:04:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 91E3 42 B
64 B 84ms
84ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4wrcz7UpwDckU6GvMjV31rywp7Ib9BbaMLxk6wKujs3I2521p_hC_8zzc4gZ0gva_2a06t_1CRRGygL4nRV5G9LrrLk34WzUQQFserLwMZaR2bz2j1Jy-wgbT9ajpp8BZRFarmJt3z4jNyaW_EUCCRUkJjIpxFPM_iwuWO-HV71ofCrT7oIfMxYNGRlfhVllll8Jzpqw2n0mHM9-X2fZKf7lP-DKHVC9gjwvcY4BP4RH5QU8RBK1B1V5GKNvTozRriaDf9GfW5fKML9IY0oUvFglD6MzjMrMtJTXPP-7pUqRCI1q9At3ckCLfnxAo6Fol7nv7QNS7GWNAdOgqt0B_zTEPmPzknnjMIdysTMMHOKKMqjRofQiSObTLD4NtesKxjxKIw-dWEMq1G_ZjGeNI6sHRYda0UUJHGfJXIT4v9sGFi_PAkLx-KlGkxyjIzUYedFlWo048Ym8iP-zIC9JXI6Ju9Wif1hjcIkx5jgsJe7Lyo5juMvu1RIfWBnUeNX9nZy2yiEGVzZVyix8x0UcWHre44tuRcdM5VQrT58Ew4-bxAYor4oI3-7QZtuy7cRWRWusI1uyK0dz_cb1X_ksrwUc1yp1Lx_dcveIinZTVzHYHHMmS69WGlSsOBMLd44KdE3kWXh0DRNAAKqXxoreYvSRv9rpMh_LVjNNnKDFfss_7rTlGepWw_sZ-ugv2D4f5icFWCDjTujV__W-eyB5ZjYFJqM2fCy201M8EE98K-_fXr0PVyYgH_adORmSaMvC8Vs9wCcY8o59l3D5bR3Z15MNUY8oiMMUPSKkPna_o2o6pLWVqsGy12-9Fx-156seUDYunWWSqD6E-BqGsrZFlwVTupqXWIodkyIl5NwMCgcGXcWi5XkxJXAwS1VN0bu5nNwWI_u7b3ZhySt-2qPHieFsQl1sjx8_dutUs8Nt_XfDfja-CI92Oc0lChJosoLTgo4_OEbGWMv--mRrQtWrH62qfTagD6AYIdFVurxGmJKnhuvn6QNkQWV6YB1_e-hlJvcbS38b_QJaLwa-HVggLKG3XP5mr3GLgr8CUh27fJzqsvfPwjtwP&sai=AMfl-YSyqE4BYXFBpb_JQ3IALqjQksl_U744NaS_wy1uHaBGTrFpwxaMFBUNSCtG_56uQL2_kLjiEcimHhN15w1zaSM7cWFmBi72BMTi&sig=Cg0ArKJSzEsnUXZJUjEqEAE&cid=CAQSGwDq26N9tMiJFceaw9UAEVe9WOIlmEfyP-T3ChgBIBM&id=lidar2&mcvt=1000&p=0,0,280,740&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3245178112&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670976289400&rpt=1293&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 00:04:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
82ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1176179589888124&bg=!Li2lLWnNAAYgquz3AKo7ACkAdvg8Wlx13UCe9whA4hLh2HJL32jDHyp5wYKiFb7Zzqx3xWRcPs4M5wIAAABSUgAAAANoAQeZAriKW6favpAD37g78NJeapY93j0eCVWKnhsECfIJlMb9jbnQU3L0Zgvpf0R1sTzV6_tJcR1hstG6N3CS5LMHXzNsLZbjf57vY6Ziwar-DHTWUI5eQ_A5Xs077MUgxG_GDIcd2IJBa7dIFGnUdz8I7HFh8NI4Ahz-ffIG1YK-KtdTWNiuckN7rytp6y-O_hKLQARpXi8ajSceOotRqTNGa0ZnJQhbIZKnr1om3bBqSXBWReAZNZpkrYTLEkLUYAexm8My8z5polH0GiYshJHHiwBUE6dviB4QkrlOkCFHjscHU_bgVDLrlXW7laNSMRnLsmC2290iBJkxatbRGR3vDLVCfMQq3Q0me6Yz4jOTRZiqYL9EA8PfBKf2Xtmeil1TfGoIkQTf-PGs3jychCM7mMFZXqz0GcBMB2VCciQLX5CmI3VCaICnjehi-5ZLNoyJ43CZMi5fFlEN-RWHjg7ynnhGkvBaC3K5x_Jpus0UIPZKWhuG2xfyztn3UamMLf8_N46Pv85h3kAPo1OBeR6HoehfupfD3qvGt5P3I5f_lV-oybUI2JQMlnyrBU2lrrQi5HGz04ycXLF-yIEw7IIADrPh18a0yyr2Upr3IGnQ_T7KC5Q-Lnu9SD0fAaV7aNoZ02uHC36OaXxQ2GNKkE41kLEhvV7ZeIG2_T6o_4RbsYtatjRQa5s_HB1Qc6kLODdYdupXitmcsyzEzU3MTMZzcCqk3UgWh2LLpcRtf0-m28Gm_r7okkwmCww-3GNgHrxevr_H428PYvPS4-0Uyimlr5PPCy7YZ7enBATbM2rQB3i7G3fjhJQT6r8BD2Xx7l3B0W39dAEy6j0Fx2LPyzn3WN_g8uLLrGJKIMCLI5nsTg8vrQ4OQvt8lnk5YiFbuNP8nMRESBMSGJqFmQJMbb5gEr-ggSOX-hDMqxE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bannerka.ua
URL: https://www.bannerka.ua/img/referal/button1.gif

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgonline.com.ua/	1970-01-20 17:31:12	Name: __gads Value: ID=7053bc0f9d9d8e20-22179797fad9001a:T=1670976289:RT=1670976289:S=ALNI_MZun_T9N3QRhbWQefMuDi8vSgjMaw
.imgonline.com.ua/	1970-01-20 17:31:12	Name: __gpi Value: UID=00000b925d8fdda5:T=1670976289:RT=1670976289:S=ALNI_Mb2zlhCCuNNwxnv__V1t9Z3wYaKVw
.doubleclick.net/	1970-01-20 17:31:12	Name: IDE Value: AHWqTUkBPETZZHbw5Xp4OQBRHpyKeemv6cmePeTt2nJE3Nte1jUjCnGxQ2CTyZ3tsK0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bannerka.ua/img/referal/button1.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imgonline.com.ua
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.bannerka.ua
www.google.com
www.googletagservices.com
www.gstatic.com
www.imgonline.com.ua
www.bannerka.ua
176.9.147.119
2a00:1450:4001:801::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0d5e77d5870e2b6da94c0e7933484ef33c7a15b2c50abf4100dd76e97c4772c3
104945a3295ce3d0f53b522d6208dbe56ebc8e0fd5d842cc5668417a291c8794
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
27d88e7bda7e79a60397270088c2ad60d34939cdc2740f1211bc483513ec01ee
294c9779eaa163792d6b7e4f272c5b2f7dcac77c3fe59c83a46aec2d9e41931b
2e2d307f16629930c345f257337e2b52faa02898a1a0e03245d897133d66c3f5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39ce521dff8c2bb0750eee98d532b7130945fba06b024af51a1c8730a045e3c3
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
599486b5bfde45d569079681ceb8e7f1ea163e86cd2d3fae3613a047db80053d
60f06cb68fe14655acbdd28c4d79c447d8d7082e84d5d3a262bf4e8f341724e3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6676b11e2fd66a66a9ce01b97045453a4244fe45a3f18eedeec1a30549d1676c
68f7bf5760296909f23ec2536c57d552e7e1ce9e0c40eeceb0ccb0c5bf3dcabe
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6e7a7d8c4afd182d9ba11226881d927f280f7cb6156a24193360d8c4e9a5efb4
7069f7c640f5c4bf24319b64a8322dfa1caa469534144f8aebe95db237a5508c
736e28b1d87f8b97c330ab583fecc51f853120b741f256999d790e138ec57879
7a024fe782d24bc2602625c536d917ceae4bf8b9d797ff2a63e46c68cea2c274
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8a26ffbeedff0713ec461e8c69adeb01d1942ab34054a85f8d70e97541552b7d
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8f0772f8dfca7b641383a176aa016f971b0b0f04d2b29b80cf8d8588871ea9ea
97fc831912e1133f8fd573d4b299e3a3c5a2f8c3bc361f1876133d86f4324c11
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0acdaabe3ddf0b5e30a38685ee2121235fe4cbea4e712ef8fed030df2f6dd28
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a78210a027b1bd44f8f2a622810a6aa04664539683fa3c40f478551c2b1cb3db
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aba0d8663de17f30293ba67668d4889e39862d4dec34437afc7377e7de333586
afc913183fbf9585679bf387f4f23fad5da44c54f0419995c74e4d8afe0d29fa
b6745ffd5250d426a32571504de9908c961b4f20d5b23f176b7764c45a84cef0
bd8534ad5a350d6baa5cfd478161faade16ed2d663654f05326400db3dd9f5fb
c1d8c86bc29336a44cc518556e18575e1e32942f741944a9384dd691e915c618
cced138ef2e5e182565d6903d7cf366e9d6a01c361a731b887e311d8f5f51042
cecc381162e146be3e7e2805ede9cb92dddc65bd988d3a4c9c1537574b01abad
cf23074a5fe104d989c288d16827705c779034c1fd998729166c960639694c03
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d0079e5e74c93917fab76e8f2b9b70673a5d41d5d8d8bd8715c743c1f56a7f20
d019a2a165770dcd2302b6c6467734fdf8d879d5db383f382fcb849d9bafbfc3
d6236fe0c60ea7f1cfb423a656f1ea91131d6cd390e39cbeb34a4a9909504897
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70c5776621837860d75f07069f337eae18736dbd236399ff51b208c8024208c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd8909cea7b8b1cac4ffa0b66efde1bf046fe6373f429028dd26c68a7c47f62
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

www.imgonline.com.ua Open in urlscan Pro 176.9.147.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

92 %IPv6

10 Domains

15 Subdomains

14 IPs

1 Countries

850 kBTransfer

1481 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.imgonline.com.ua Open in urlscan Pro
176.9.147.119 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

92 %
IPv6

10
Domains

15
Subdomains

14
IPs

1
Countries

850 kB
Transfer

1481 kB
Size

3
Cookies

54 HTTP transactions
3 data transactions